Pen test lab setup

[LT72884]

Ello all. I have virtual box setup and i want to mimick the vpn labs that PWB offensive security courses has when you log into them. What machines do i need? I have winxpprosp2, win2k3 server and win 98 for kicks and giggles. I have de-ice and BT2 since thats what works best with deice level1.

Are there any more OS's i should use?

Thanx

Matt

[Gitsnik]

Take the course, you'll learn a hell of a lot more than you can teach yourself at home, as well as a few nifty tricks that, in my case, I hadn't learned in my past years of doing this. Doing so will also give you the tools you need to figure out what machines you need to re-create one at home.

The current course is based on BT3final, which IIRC you will be given a download link to in case you don't have it, and is well worth the small investment necessary. If you think you have the skills, you can do what I did and just get yourself in for 30 days of lab time, if not, others have gone 60 days and extended them just to be sure. The choice is ultimately yours.

Apart from a few certs I am not affilliated with the team in any way, but I will plug a good thing when I see it, be it the OSCP course, TCP/IP Illustrated or Vegemite 1.0.

[lupin]

I agree with Gitsnik, take the course, it's a fantastic learning opportunity and cheap to boot. Theres too many systems in the lab to easily setup at home, plus each system has been customised to some extent which makes it time consuming to reproduce yourself.

[Ethical]

I agree with both lupin & Gitsink ... but if you cant arrange the amount for the course im strongly advice you with this new book Professional Penetration Testing... by Thomas Wilhelm . Read Editorial Reviews Amazon.com: Professional Penetration Testing: Creating and Operating a Formal Hacking Lab (9781597494250): Thomas Wilhelm: Books

Also have a look at Ethicalhacker.net for book review The Ethical Hacker Network - Book Review: Professional Penetration Testing and see if this what u are looking for

[serif]

Take the course! If you build your own lab, you know what vulnerabilities exist - and where's the fun in that?

[LT72884]

Quote:

Originally Posted by serif

Take the course! If you build your own lab, you know what vulnerabilities exist - and where's the fun in that?

sorry for late reply. I have the labs from offensive security 101 back from 07. Im borrowing them from a friend of mine in a linux class we had. He is now back east and im in the west. I will be following the pdf guide. But i have read reviews on thomas's book/ Im going to buy it soon.

thanx guys. I have no job since i am a professional student. So taking the course is out of my budget..

[lupin]

Quote:

Originally Posted by LT72884

sorry for late reply. I have the labs from offensive security 101 back from 07. Im borrowing them from a friend of mine in a linux class we had. He is now back east and im in the west. I will be following the pdf guide. But i have read reviews on thomas's book/ Im going to buy it soon.

thanx guys. I have no job since i am a professional student. So taking the course is out of my budget..

Those documents are not transferable to anyone but the original owner you know, so this is a copyright violation. I don't want any further replies on this topic for the moment, so I'm closing this thread.

[pureh@te]

Quote:

Originally Posted by LT72884

sorry for late reply. I have the labs from offensive security 101 back from 07. Im borrowing them from a friend of mine in a linux class we had. He is now back east and im in the west. I will be following the pdf guide. But i have read reviews on thomas's book/ Im going to buy it soon.

thanx guys. I have no job since i am a professional student. So taking the course is out of my budget..

Using copyrighted materials is a crime. The offsec courses are how some of the creators of backtrack earn a living so your are not only stealing but basically fsking over the backtrack team in general. We do not want or tolerate your kind around here. KTHXBYE