
Thread: Network Security Labs... Suggestions?

  1. #1
    Junior Member
    Join Date
    Jan 2004
    Posts
    16

    Network Security Labs... Suggestions?

    I wasn't sure which Discussion Forum to post this in so I thought I'd try the general Network Security.

    I'm a network and security instructor at a technical school in Pennsylvania. I'm trying to come up with some new hands-on labs for my students to run through.

    The stuff we currently have is a little dated and I'd like to update things myself since it may be a while before our textbooks and lab manuals are. I want my students to have as current of information as they can.

    Does anyone have any (or know where I can find) good hands-on labs for Footprinting, Network Reconnaissance, enumeration or just about anything else that'd be good for them to experience?

    These labs are going to be used in an isolated network of anywhere from 10-20 machines (depending on the classroom). I can provide the students with limited Internet access through a firewall if need be, but I'd prefer to give them the tools needed to do the labs without venturing out of our network at all. Operating systems are flexible because the students are taught XP, Server 2k3 and Linux.

    Any help that can be provided would be much appreciated.

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Hrmm.. I used to have a whole syllabus set up and haven't been able to find it recently (plus everything is packed).

    When I taught a course like this I had a "tank machine" (highly locked down *nix box) that the students would go through and attempt to break into. The course would break the process down and have them do labs with tools like nmap, nslookup/dig, etc. Generally, I'd leave the labs free flowing as this worked best but they had to find certain information for me (e.g., OS type and version, open ports, pick say 3 ports and identify why having those open is a security risk or not) and submit it the following week. They would work in teams of two, "attacking" both the locked down box as well as each other. They were required to build their box as a dual-boot so they could experience things/pre-formatted tools in both major platforms.

    Additionally, I reminded them of rules that they had to adhere to. You may want to use one of the live security OSes (STD Knoppix, for example) as a starting point.

    HTH. If I remember more, I'll post it.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage
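
For the lab deliverable described in post #2 (OS type and open ports of the tank machine), an instructor can check submissions against a baseline scan saved in nmap's grepable (`-oG`) format. This is an added example, not part of the original posts; the host address, the sample scan line and the function names are constructed for illustration.

```python
# Constructed sample: one host line in nmap's grepable (-oG) format, as an
# instructor's own baseline scan of the lab "tank machine" might record it.
BASELINE_OG = (
    "# Nmap scan of the lab tank machine (constructed sample)\n"
    "Host: 10.0.0.5 (tank)\tStatus: Up\n"
    "Host: 10.0.0.5 (tank)\tPorts: 22/open/tcp//ssh//OpenSSH/, "
    "25/closed/tcp//smtp///, 80/open/tcp//http//Apache httpd/, "
    "111/filtered/tcp//rpcbind///\tOS: Linux 2.6.X\n"
)

def parse_grepable(text):
    """Return {host_ip: {"os": str or None, "open": {(port, proto): service}}}."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue  # skip comment lines and "Status: Up" lines
        # Fields are tab-separated "Name: value" pairs.
        fields = dict(f.split(": ", 1) for f in line.split("\t") if ": " in f)
        ip = fields["Host"].split()[0]
        open_ports = {}
        for entry in fields["Ports"].split(", "):
            # Entry layout: port/state/protocol/owner/service/rpc/version/
            port, state, proto, _owner, service = entry.strip().split("/")[:5]
            if state == "open":  # closed and filtered ports are not answers
                open_ports[(int(port), proto)] = service
        hosts[ip] = {"os": fields.get("OS"), "open": open_ports}
    return hosts

def score_submission(host, submitted_ports, submitted_os):
    """Compare one team's claimed open ports and OS guess with the baseline."""
    truth = set(host["open"])
    claimed = set(submitted_ports)
    os_match = (bool(host["os"]) and bool(submitted_os)
                and submitted_os.lower() in host["os"].lower())
    return {
        "found": sorted(truth & claimed),
        "missed": sorted(truth - claimed),
        "not_in_baseline": sorted(claimed - truth),
        "os_match": os_match,
    }

if __name__ == "__main__":
    tank = parse_grepable(BASELINE_OG)["10.0.0.5"]
    print(score_submission(tank, [(22, "tcp"), (111, "tcp")], "Linux"))
```

Ports listed under `not_in_baseline` are worth discussing with the team rather than simply marking wrong, since a filtered port can look open or closed depending on how the student scanned.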

  3. #3
    Junior Member
    Join Date
    Jan 2004
    Posts
    16
    What are your thoughts on Auditor and BackTrack as far as live security OS's? Do you prefer Knoppix STD to those?

  4. #4
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    I haven't used BackTrack and only played around with Auditor a little bit. It's really a preference thing. My choice was to have students build their own systems and then provide them with internet access or have a local mount CD/disk with the necessary files.

  5. #5
    Junior Member
    Join Date
    Jan 2004
    Posts
    16
    Since these students will be relatively new to security I want to keep things as simple and basic for them as possible. I haven't used STD but I know Auditor is pretty "newbie" friendly. Would you consider STD to be relatively easy for someone with little experience already?

    I know BackTrack is more for someone with a little more knowledge than these students are going to have to begin with. I'll introduce them to that later in the course. I don't want to overwhelm them too quickly. :-D

    One of the finals for the course is a "server wars" project where the class is divided in half. Each side sets up a proxy server and a network with specific machines and services running on it. Then we let them have at each other to see who can do what.

    Since that's part of the final I want to avoid them actually 'breaking into' anything this early in the course. I want more information gathering type labs for them.

    Thanks for the advice. Any additional suggestions would be greatly appreciated.
    Last edited by wild16976; September 12th, 2007 at 05:22 PM.

  6. #6
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Knoppix is generally pretty user friendly. I haven't downloaded the latest Knoppix STD but I remember it being very straightforward.

    Remind them that information collection is often done beyond the computer. I was amazed as to how many of my students used lunch time, breaks, etc. to get passwords and other info from other students. It was rather impressive.

  7. #7
    Junior Member
    Join Date
    Jan 2004
    Posts
    16
    I'm not going to mention that part of the equation to them because they should already know it by the time they get to this section. I have a social engineering project they complete prior to actual technical stuff.

    When I was a student going through this course a long time ago my group won our server wars through a combo of social engineering and technical know-how. We sent all but two of our group members to lunch with the other group. One of us played lookout while the other used physical access to the other team's servers to reboot a domain controller, reset their local admin password using some password reset tools and then use that local admin account to gain admin access to their active directory network. It worked perfectly. They came back from lunch and had no idea we had total control over their entire network.

    It was a reminder to everyone that you can have all the logical security you want in place... if you don't guard the physical security of your equipment I can sit down at your server and have domain admin rights in under 15 minutes.
