security labs

figured i'd post this here in hopes of more hits.

anyway, i'd really like to start learning more about security and school is almost out so i figured i'd start setting things up. I'd really like to get more hands on experience in the area of security. obviously, i don't have a production network on hand, but i do have a variety of PCs around. What would be a good place to start looking? Good reads, etc. I know a lot of this will come with experience but i figured i'd ask anyway.

I'm in a security+ type class right now (really haven't been studying much though) and will be taking a CEH class at my school next semester. (i plan to make up my lack of studying for security+ though)

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

dynamik

What aspect of security interests you? You mentioned the CEH, so are you interested in ethical hacking/pentesting/etc.?

What's your background with *nix, Windows, Cisco, etc.? You really need to build a solid foundation with X technology before you start exploring the security side of things.

What are the specs of the PCs you have access to? If they are something decent, you can load some VMs on each one and get a respectable lab.

Darthn3ss

dynamik wrote:

What aspect of security interests you? You mentioned the CEH, so are you interested in ethical hacking/pentesting/etc.?

definitely etheical hacking & pentesting, would like to get into configuring networks at various points (routers/switches, servers, hosts, IDS/IPS) as well but most of that requires access to equipment i don't have :d

What's your background with *nix, Windows, Cisco, etc.? You really need to build a solid foundation with X technology before you start exploring the security side of things.

I use linux/windows personally on a regular basis and work at a help desk supporting windows part time. For cisco, all i ireally have is lab & classroom experience. Currently in CCNP classes however i wouldn't necessarily say i'm ready to take any CCNP exams or work at that level.

What are the specs of the PCs you have access to? If they are something decent, you can load some VMs on each one and get a respectable lab.

Intel Q6600 4GB ram/plenty of hard drive
2.1GHz dual core intel with 4gb of ram
old AMD machine, around 1.5-2GHz with like 512mb of ram
old PIII server with about 256-512mb ram
Laptop, AMD, ~2GHZ w/1gb RAM
Laptop, Intel 1.5GHz dual core with 2gb of ram.

Yeah so i'm fairly young and inexperienced.

dynamik

I'd ditch the old computers if I were you. You'll be able to get so many VMs going between the dual- and quad-core machines, you won't even miss them. I'd hold on to the laptops though; it's always nice to have an extra one or two on hand.

What sort of responsibilities do you have at your job? Unless you're really digging into your OS each day, regular, daily use isn't going establish the foundation you need. I would put the greatest emphasis on learning Windows, Linux and/or Cisco inside-and-out. This process will often be tedious and mundane, but its a necessary evil.

Consider getting a Technet subscription with MS ($349). It'll allow you to download all their products for trial/evaluation use. Get familiar with a virtualization platform or two. You might be able to get ESXi going if you have compatible hardware, otherwise Hyper-V tends to be a little less stringent and you'll have access to that with Server 2008 via a Technet subscription. VMware Workstation/Server, VirtualBox, and Virtual PC/Server are other viable alternatives, depending on how you want to set things up.

You might want to start working on a programming language or two. C, PERL, Python, and assembly are all good choices. Shednik just gave me a stack of C books I have to go through with him; they're arriving next week. If you go with Python, start with v3 because it's changed significantly since v2. It was in beta last I checked, but I wouldn't waste my time with the older version if you're just starting out.

If you want to look for some fun books, check out the CEH book by Wiley, Gray Hat Hacking, The Hacking Exposed series (The main book is getting an update in Jan I believe, but the spin-offs are current), Penetration Tester's Open Source Toolkit, etc.

Like I said, core knowledge should be your primary concern. My Linux knowledge isn't anywhere near where it should be. I'm going to focus on the LPI and RHCE material in '09.

You may want to check this book out as well: http://www.amazon.com/Build-Your-Own-Security-Lab/dp/0470179864/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1227311356&sr=8-1

I'm currently the only one to review it. It was a bit basic for me, but it might help you out depending on where you're at. You can get it for a decent price used too.

Keep in mind, I'm only in my mid-20s and am by no means an expert. I'm just sharing what I've learned and the path I'm taking. Hopefully that'll help you with your next step or two.

shednik

Pretty much dynamik summed it up perfectly for you darth....here is my MUCH shorter list that i would follow. If my memory serves me right you have gone through or are in the process of going through the CCNA net academy. Sooo I will venture to assume that you have a fair understanding of how TCP/IP works, all the various network protocols, and etc. My plans are to further my knowledge on networking protocols, read the recommended CEH reading list I've compiled

. Then once I get my new VM machine together thanks to dynamik I will run through various pen tests on my PC and maybe dynamik until he yells at me

for it...My main goal is to learn and have a lot of fun doing it. I have about 3 years to finish my masters so I have a ways to go. This spring semester as dynamik said I am dedicating to masters C, Perl, and Python due to the programming course I have to take. But yea just work on practicing on anything you can exploit in your lab and read up on the reading list and more that you find on the web.

Darthn3ss

dynamik wrote:

I'd ditch the old computers if I were you. You'll be able to get so many VMs going between the dual- and quad-core machines, you won't even miss them. I'd hold on to the laptops though; it's always nice to have an extra one or two on hand.

I figured the older computers would be fine for running linux as a web server or something.

What sort of responsibilities do you have at your job? Unless you're really digging into your OS each day, regular, daily use isn't going establish the foundation you need. I would put the greatest emphasis on learning Windows, Linux and/or Cisco inside-and-out. This process will often be tedious and mundane, but its a necessary evil.

since i'm not a full time employee, just a intern, i mainly just handle phone calls and troubleshoot/repair. next up is where i have problems. i'd like to learn all three in great detail

Thats a tough decision, but i think id like to start with windows. I'd ultimately like to learn a little bit of everythign at once.

Consider getting a Technet subscription with MS ($349). It'll allow you to download all their products for trial/evaluation use. Get familiar with a virtualization platform or two. You might be able to get ESXi going if you have compatible hardware, otherwise Hyper-V tends to be a little less stringent and you'll have access to that with Server 2008 via a Technet subscription. VMware Workstation/Server, VirtualBox, and Virtual PC/Server are other viable alternatives, depending on how you want to set things up.

Technet: definitely been on my todo list for atleast a year or so. will put this on my christmas list

ESXi: been trying to figure out if i can dual boot it.

You might want to start working on a programming language or two. C, PERL, Python, and assembly are all good choices. Shednik just gave me a stack of C books I have to go through with him; they're arriving next week. If you go with Python, start with v3 because it's changed significantly since v2. It was in beta last I checked, but I wouldn't waste my time with the older version if you're just starting out.

I've got O'Rielly's "Learning Perl" right next to me, just havn't found the time to regularly study.
I did write a basic client/sever app in linux class a while back though. I'd probably pick python, i loathe C for some reason.

If you want to look for some fun books, check out the CEH book by Wiley, Gray Hat Hacking, The Hacking Exposed series (The main book is getting an update in Jan I believe, but the spin-offs are current), Penetration Tester's Open Source Toolkit, etc.

Like I said, core knowledge should be your primary concern. My Linux knowledge isn't anywhere near where it should be. I'm going to focus on the LPI and RHCE material in '09.

You may want to check this book out as well: http://www.amazon.com/Build-Your-Own-Security-Lab/dp/0470179864/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1227311356&sr=8-1

I'm currently the only one to review it. It was a bit basic for me, but it might help you out depending on where you're at. You can get it for a decent price used too.

Keep in mind, I'm only in my mid-20s and am by no means an expert. I'm just sharing what I've learned and the path I'm taking. Hopefully that'll help you with your next step or two.

http://www.amazon.com/Gray-Hat-Hacking-Ethical-Handbook/dp/0072257091 < is this the book you mentioned?

dynamik

Darthn3ss wrote:

I figured the older computers would be fine for running linux as a web server or something.

Totally up to you. You're going to be able to get everything you need running on VMs between those two faster machines. I really don't see any practical use for them, but keeping them isn't going to hurt you. I'd rather have the extra space

Darthn3ss wrote:

http://www.amazon.com/Gray-Hat-Hacking-Ethical-Handbook/dp/0072257091 < is this the book you mentioned?

Kinda. There's a second edition: http://www.amazon.com/Gray-Hacking-Second-Shon-Harris/dp/0071495681/ref=sr_1_1?ie=UTF8&s=books&qid=1227329654&sr=1-1

the_Grinch

Don't for get to look into metasploit! It is script kiddie stuff, but it takes a lot to rig it up for the automation. Get the automation going and you can judge if you got the basics covered for securing a system. Also, start reviewing security websites everyday! One of my professors put it best "if you don't love it enough to look at security articles and white papers everyday get out of the field".

JDMurray

dynamik wrote:

I really don't see any practical use for them, but keeping them isn't going to hurt you. I'd rather have the extra space

This is true if you are only attacking software. However, if you are attempting specific BIOS or hardware exploits, such as the Pentium's multiplication bug, a VM's emulation environment won't work for you.

darkerosxx

My advice: get backtrack3 and playyyyy!

http://www.remote-exploit.org/backtrack.html

Grynder

Check out this site http://heorot.net/
They make available live cds you can use to 'hack'. They also have instructions how to get started. I have downloaded them but not used them yet but it looks very interesting

shednik

darkerosxx wrote:

My advice: get backtrack3 and playyyyy!

http://www.remote-exploit.org/backtrack.html

Definitely get used to playing with backtrack!!