Solved

Security lab kinda Qs

Posted on 2003-10-22
Last Modified: 2010-04-11
OK, first off, I'm not 100% sure that this is the right section to post in, but it's the one I felt would be more inclined to know where I'm coming from, as you need a wider(?) understanding of the issues to help me, I fear. < Afternote: And possibly a degree in psychology ;o) >

I want to set up a PC/laptop to run SNORT and NESSUS over Linux < Red Hat preferably > and to be able to run W2K Server / 2003 and basically be able to shift between them.

The idea being that I can learn both the *nix and Windows security tools and practice them on my work net or different nets as I move about < I’m starting doing general contract work < No work atm :/ > > + a lot of the other tools and documents and such. There just seems so much to do atm.

I was thinking first of just having a laptop < so I can move about and use at work for testing SW for work > with a bunch of diff HDs, the plug and play kind, and just inserting as I need. That way I could just have various instances of the diff *nix and the accompanying SW, and that way it would also let me harden the diff OSes as I went along. And it would also give me leeway to learn the diff versions of *nix as I went along < last time I tried Red Hat I failed miserably :), in my defence it was about 3 years ago when I was just starting off >

So my first plan is to have 1 constant HD where I can store all my SW + patches and tools etc + docs I have saved, that way they can be used on all the rest of the HDs.
And then 1 HD running Red Hat for NESSUS and a separate one for SNORT in case one gets damaged because it will be left on the net, or I just wipe it by accident screwing around and playing with it < I’ve great faith in myself ;o) >
Then another one for Windows Server for testing SW for various projects and such that I would be working on, like patch update management and such.
And after all that it would be nice to have one just for me, non-work related :D

The other option that I've only just recently found would be to run a copy of VMware GSX Server and load diff instances of the various OSes through that. Hence my posting; I’ve only just recently touched on this in the last week so I'm not sure of its limitations etc. In theory I think it could work a treat. It could be perfect! But I'm just not sure.

So basically I'm asking what would you do? Or what do you think of my ideas < No profanities now plz ;o) >
It's the only way I can think of setting up and running these programs and keeping them up to date while I move about from job to job and across the city; I don’t drive. And TRY to get practice on them and their use etc.

Bear in mind I'm not trying to go for the first solution although I think that would be good, I don’t think I can afford it all the same.
I suppose a kinda lab environment is what I need.

Any comments appreciated
Thanks.
Question by:AdrianOConnor
5 Comments
 
LVL 18

Accepted Solution

by:
liddler earned 75 total points
ID: 9599800
Interesting,
First, you are going to have to do a lot of research in the HCLs (Hardware Compatibility Lists) of the various Linux distros, as Linux on a laptop can be a real pain.  You also want to look at Solaris x86 (not sure if this will run on a laptop) and various BSDs.  For security BSD is pretty important as it is very hardenable (is that a word?)
Instead of a laptop, you might want to look at a portable computer, basically a big laptop without a battery, but good spec and much more modular, so you can change bits.
To be honest a desktop in a big case, 5+ disk slots, with generic hardware (i.e. there will be lots of Linux drivers).  Lots of big disks and multibooting between as many OSs as you want is probably the best suggestion.  Although, this isn't portable, but if you build it yourself it might be reasonably cheap.
If you are putting it on the 'net as a security device / scanner it will probably get hacked at some time(s), so be sure to have a good and regular back-up policy (DVD writer or tape).
 
LVL 3

Assisted Solution

by:FlamingSword
FlamingSword earned 75 total points
ID: 9600199
Good ideas, and good luck.

"plan is to have 1 constant HD where I can store all my SW + patches and tools etc + Doc`s I have saved"

I like that multiboot idea, but I think I want to advise a home system for doing the downloading and patch management; give it a CD burner and huge HD.

I think it would be counterproductive to have every single patch on the boot HD, which may be incompatible, initially at least, with some of the spare HDs. So I'd vote to have the home system put together packages of O/S and its latest patches onto a CD, then for the laptop, and HD booted should be able to easily find the patches it needs on its CD.  Plan to carry spare parts, beginning with a spare CDROM for yourself.

Otherwise, the overhead on initial boot cd is too much.  It may be ok to have documents on that same HD, as long as they are not too extensive. If they get too complicated and large, consider moving them to CD as well. I agree to place all tools on single HD. Even if it has to be partitioned to enable *nix tools for a defaulted Windows boot. While you are at it, have another HD ready as a duplicate of the first one.  What you do not want to do is ever make the customer wait while you look for things, so have them all at the ready, and organized.  Imagine customer response to you saying: "Oh, I'll get to that immediately, just as soon as I rebuild my HD due to (mumble) glitch ..."

If you are seeking opportunity to give advice on network integrity, consider wireless, but with time on your hands keep track of the news and for how the securing world is going, and especially for how the court cases are going, to define the limits that are used in the communities you'll be serving.