Security lab kinda Qs

Posted on 2003-10-22
Medium Priority
Last Modified: 2010-04-11
OK, first off, I'm not 100% sure that this is the right section to post in, but it's the one I felt would be more inclined to know where I'm coming from, as you need a wider(?) understanding of the issues to help me, I fear. < Afternote: And possibly a degree in psychology ;o) >

I want to set up a PC/laptop to run SNORT and NESSUS over Linux < Red Hat preferably > and to be able to run W2K Server / 2003 and basically be able to shift between them.

The idea being that I can learn both the *nix and Windows security tools and practice them on my work net or different nets as I move about < I'm starting doing general contract work < No work atm :/ > > + a lot of the other tools and documents and such. There just seems so much to do atm.

I was thinking first of just having a laptop < so I can move about and use at work for testing SW for work > with a bunch of diff HDs, the plug and play kind, and just inserting as I need. That way I could just have various instances of the diff *nix and the accompanying SW, and that way it would also let me harden the diff OS's as I went along. And it would also give me leeway to learn the diff versions of *nix as I went along < last time I tried Red Hat I failed miserably :), in my defence it was about 3 years ago when I was just starting off >

So my first plan is to have 1 constant HD where I can store all my SW + patches and tools etc + docs I have saved; that way they can be used on all the rest of the HDs.
And then 1 HD running Red Hat for NESSUS and a separate 1 for SNORT, in case one gets damaged because it will be left on the net or I just wipe it by accident screwing around and playing with it < I've great faith in myself ;o) >
Then another one for Windows Server for testing SW for various projects and such that I would be working on, like patch update management and such.
And after all that it would be nice to have one just for me, non-work related :D

The other option that I've only just recently found would be to run a copy of VMware GSX Server and load diff instances of the various OS's through that, hence my posting. I've only just recently touched on this in the last week, so I'm not sure of its limitations etc. In theory I think it could work a treat. It could be perfect! But I'm just not sure.

So basically I'm asking what would you do? Or what do you think of my ideas < No profanities now plz ;o) >
It's the only way I can think of setting up and running these programs and keeping them up to date while I move about from job to job and across the city; I don't drive. And TRY to get practice on them and their use etc.

Bear in mind I'm not trying to go for the first solution; although I think that would be good, I don't think I can afford it all the same.
I suppose a kinda lab environment is what I need.

Any comments appreciated
Question by: AdrianOConnor

Accepted Solution

liddler earned 300 total points
ID: 9599800
First, you are going to have to do a lot of research in the HCLs (Hardware Compatibility Lists) of the various Linux distros, as Linux on a laptop can be a real pain.  You also want to look at Solaris x86 (not sure if this will run on a laptop) and various BSDs.  For security BSD is pretty important as it is very hardenable (is that a word?)
Instead of a laptop, you might want to look at a portable computer, basically a big laptop without a battery, but good spec and much more modular, so you can change bits.
To be honest, a desktop in a big case with 5+ disk slots, with generic hardware (i.e. there will be lots of Linux drivers).  Lots of big disks and multibooting between as many OSs as you want is probably the best suggestion.  Although this isn't portable, if you build it yourself it might be reasonably cheap.
If you are putting it on the 'net as a security device / scanner it will probably get hacked at sometime(s), so be sure to have a good and regular back-up policy (DVD writer or tape).

Assisted Solution

FlamingSword earned 300 total points
ID: 9600199
Good ideas, and good luck.

"plan is to have 1 constant HD where I can store all my SW + patches and tools etc + docs I have saved"

I like that multiboot idea, but I think I want to advise a home system for doing the downloading and patch management; give it a CD burner and huge HD.

I think it would be counterproductive to have every single patch on the boot HD, which may be incompatible, initially at least, with some of the spare HDs. So I'd vote to have the home system put together packages of O/S and its latest patches onto a CD; then for the laptop, an HD booted should be able to easily find the patches it needs on its CD.  Plan to carry spare parts, beginning with a spare CDROM for yourself.

Otherwise, the overhead on initial boot cd is too much.  It may be ok to have documents on that same HD, as long as they are not too extensive. If they get too complicated and large, consider moving them to CD as well. I agree to place all tools on single HD. Even if it has to be partitioned to enable *nix tools for a defaulted Windows boot. While you are at it, have another HD ready as a duplicate of the first one.  What you do not want to do is ever make the customer wait while you look for things, so have them all at the ready, and organized.  Imagine customer response to you saying: "Oh, I'll get to that immediately, just as soon as I rebuild my HD due to (mumble) glitch ..."

If you are seeking opportunity to give advice on network integrity, consider wireless, but with time on your hands keep track of the news and of how the securing world is going, and especially of how the court cases are going, to define the limits that are used in the communities you'll be serving.
