Have my VM machine built, need advice on VM infrastructure for hacklab

reppgoa

Hey all,

About a month ago I built out a pretty good VM box. I7 2600 (non-K version for the VT-D functionality), 32gb ram, and 2x 120gb SSD's. I am planning on grabbing my C|EH, GPEN, and CISSP all within the next year so I need to build out a hack lab. I wanted suggestions on VM's that you guys have used. Prebuilt VM's like DE-ICE are good, but also any custom configs you may have come up with. Also, do you think I should build out an entire infrastructure? Something like multiple DC's, web servers, backend SQL servers, load balancers, linux, unix, and windows boxes to simulate a real life network? I feel like thats the best plan, but seems like it would take a lot of work.

AlexNguyen

reppgoa wrote: »

I am planning on grabbing my C|EH, GPEN, and CISSP all within the next year so I need to build out a hack lab.

You don't need a "hack lab" to grab the CISSP cert. There are many "paid" hacking lab (e.g. www.elearnsecurity.com) or free one (www.hacking-lab.com) that you can consider.

the_hutch

Its worth the work in my opinion. Biggest recommendation is TechNet Subscription...a MUST. Otherwise, you are going to have a seriously miserable time tracking down actual licenses. Personally, I like Oracle VirtualBox, but that's a matter of taste/opinion.

reppgoa

meh, I am not worried about licensing. The software is not an issue, its the infrastructure.

the_hutch

reppgoa wrote: »

meh, I am not worried about licensing. The software is not an issue, its the infrastructure.

To be honest, I haven't built my environment yet to the extent that I would like to. Right now its just a series of bridged machines that I use for short improvised exercises. Nothing even close to an actual functioning production network. But it seems like (somebody better with virtualization will have to confirm this) you could control traffic flow logically (by using multiple virtual network adapters on certain machines to segment the network), even though there is no actual physical topology. I still haven't tried this myself though.

reppgoa

yea, I know you can do it. We should collaborate on something. Maybe setup a skype session on weekends and get our labs setup. We could even VPN across and hack each others lab. Seems like it would be a great learning experience.

the_hutch

Yeah, that could be fun. If nothing else, I would be helpful to just exchange ideas. Are you planning on using virtualbox or vmware? Also, does skype support screen sharing? If it doesn't, I know google+ hangouts do. I'm going to be out of town this weekend, but I could put some time into it next weekend. Let me know if that works for you.

reppgoa

I have vmware. I will PM you my skype details and we can work from there.

SephStorm

I'd be interested in getting in on the deal too. But it will be some time before i'm back home.

I'm planning a vmware inf. I want to use ESX or something similar, but I dont have an actual server I can build it on...

the_hutch

I don't have an actual server either. I'm just building my environment on my desktop...so mine will be minimal compared to reppgoa's. I've only got 8GBs of DDR3, and an AMD Phenom hexa-core processor to work with. I am using an additional 4GBs for speedboost on a dedicated jumpdrive since I don't have an SSD. My total infrastructure will probably only consist of 8-10 vms...including firewall systems.

reppgoa

My hope is to get an entire network simulation going. ESXI, firewalls, multiple OS hosts, the works. I have my dedicated VM server, a beast gaming PC, an older dual core machine with 12gb ram, and finally a macbook pro. I plan to utilize them all.