LAN Help Home network

Printable View

October 7th, 2003, 05:27 PM
Cube3k

LAN Help Home network

Ok im wanting to set up a network in my house with around four computers so i can do security testing on them like trying to break into them which is legal in your own computers
October 7th, 2003, 05:38 PM
tekno

You a correct in saying that, but what information are you looking for?

OS, methods, networking, etc....

##EDIT##

the more info you give us..the more we can help ;)

##
October 7th, 2003, 05:40 PM
Cube3k

LAN HELP Network security

i want to setup a network in my house with around four computers 4 computers i want to set up they computers to look like a bussiness'es work server so i can break into them which is legal becuase its causing no harm, ;) but any way my question is this what kind of nework would you reccomend and how would you set up each computer i.e what kind of operating system and software for each computer would you reccomend, and is there any tutorials available.
October 7th, 2003, 05:50 PM
tekno

Well there are plenty of useful Tutorials in the Tutorial section of this board.

I'm not sure about your current setup, but you would need at least a hub to connect these computers together.

You could also get a router to seperate your current network from your "sandbox". That would simulate you attacking a host remotely through another network.

In terms of OS'es, it depends on what you want to play with. I would recommend starting out with a Windows 2000 server (to act as your business server) some windows 2000 pro or XP clients (maybe even Windows 98 :p) and a RedHat Box, just to throw from *nix in there for you.

I would just install the basic services, maybe a few extra ones that you know are weak. You can always reformat/install other services when you feel the need. Maybe find out a vulnerable service and install it to play with and see what you can do.

so some research here at AO, in terms of methods for pen-testing, scanning, etc....

some other links you might find helpful:

NewOrder
Astalavista
PacketStorm

hopefully I answered your questions.
October 7th, 2003, 05:55 PM
Spyrus

You seem a bit defensive about asking this question but...............I personally would start by setting up a computer as a windows 2k server running webserver and the such. After that I would set one up as a linux machine (red hat, suse, BSD, whatever you choose) running apache. then you can setup the last computer as a windows 2k desktop and start having fun. Dont forget to update the machines.

Edit: posted at the same time as tekno but you definitely want to split your network up with your "attacking" machine and the other machines with a router. after that I am thinking you should try it with both a switch and a hub. Its a lot easier to sniff and watch traffic thats going on through a hub as opposed to a switch
October 7th, 2003, 06:00 PM
MrLinus

**Deleted dup thead**

One way I would do it is a) have as many different OSes setup (Win2K, WinXP, Novell, FreeBSD, Linux Distro -- SUSE or RH) b) install most common apps (Apache, Sendmail, Exchange, IIS, etc) using their default c) attack the servers d) rebuild servers and lock them down e) have a friend configure the setups. :)
October 7th, 2003, 06:03 PM
RebelToTheEnd

My recommendation would be to use different OSes to try and break into on the computers. If you want to learn security risks I believe trying out different OSes would benifit you more than just one OS. Setup; I would try the different toplogy setups just to get a feel of not only security related hacking, but also knowledge of setting up different networks (Example Star, bus, ring, wireless and if you have enough computers try a mesh.) Also setup your OS with limited security features and see what you can get and then add more. I agree with tekno in his statement and about those sites too. I always find myself at www.astalavista.box.sk frequently because of the knowledge which can be found there. Also when you're done hacking your systems, up the ante by adding firewalls. Try a software firewall, and also try a hardware firewall. I would recommend a lot of reading!!! There is so much info out there on hacking, so I hope you have a lot of patience. Hopefully what I said makes sense.
October 7th, 2003, 06:53 PM
mohaughn

Quote:

Originally posted here by MsMittens
**Deleted dup thead**

One way I would do it is a) have as many different OSes setup (Win2K, WinXP, Novell, FreeBSD, Linux Distro -- SUSE or RH) b) install most common apps (Apache, Sendmail, Exchange, IIS, etc) using their default c) attack the servers d) rebuild servers and lock them down e) have a friend configure the setups. :)

I'd have to totally disagree with this approach. For one main reason. All of this software will cost way to much money, and piracy is not a good thing. Also, if you try to setup all of this software you will instead be learning how to administer all of these systems instead of messing with security. Given that you already have a computer, more than likely with windows on it, I would get a network device(switch or hub) and another computer with a copy of a linux variant on it. You would then have your hands full if you are a newb. There is more than enough you can learn with just two computers on your network.

Sure at some point you will more than likely need to put up different network services to test different things, but having 8 different computers all running 8 different OS's each with different applications loaded is not really something that someone new to security or IT in general is going to be able to pull off. Also looking at security on a machine that has a straight default setting is pretty much pointless because if you really want to learn you need to test your skills against something that has good security, not default security.
October 7th, 2003, 07:23 PM
raisor

I say start small and build up. Start with two computers, the attacker and the target. For the attacker use whatever operating system you are most comfortable using and for the target start with windows or linux. The target os is a choice you can make.

Start with installing defualt setups and find out what you can break in to on the other computer. Once you figure out the flaws, fix them and try again. Once you have your target to the point where you are unable to do anything to it but it is still functional (i.e. can still surf web and operate without issues) then change the operating system on the target and start over.

When you get the hang of attacking one computer and know how to secure it from attack then try creating a target computer and have someone else try to get in. If they can't then that is good. Then have someone else setup the target and secure it the best they can and see if you can get in to it then.

I don't see why you would need more than 2 or 3 machines to do this and of course your network setup is going to affect what you can or can't do as well. Try a direct connection or hub setup first and move up from there. If you have the luxury try using someone elses internet connection and computer and see if you can get in that way.

Some may disagree with my post but this is how I started and seems to be the easiest way for me but then I learn much easier by example than reading about or being told about how to do something.

Please feel free to ask questions or provide constructive feedback about my post.
October 7th, 2003, 07:34 PM
souleman

Quote:

All of this software will cost way to much money, and piracy is not a good thing. Also, if you try to setup all of this software you will instead be learning how to administer all of these systems instead of messing with security.

First, he never said anything about how much money he wanted to spend, and doing what MsMittens would be the best way to tod it... Besides, you can get plenty of software for free and legally. You can get trial version s of win2K directly from Mircosoft is you ask for it. So I don't see where the big expense is...

Also, learning how to administer the system is the biggestportion of security. Unless you want to be a script kiddie and don't really care to learn anything, then you have to learn how to administer the system t oknow anything about security except weather or not some script will run on your computer or not.

Oh yeah, and there are many administrators only do default setups and don't take the time to properly set up anything. And if you will notice, she did say that you should then secure the system after exploiting it.

No offence to you mohaughn...I just agree with what MsM said.
October 7th, 2003, 08:39 PM
MrLinus

I wasn't thinking of expensive and by habit, use the 180-day trial version that MS provides, for this kind of purpose.

The FreeBSD and Linux distros are easily and legally downloadable from the sites as is other software. Also, I didn't mean to suggest that he should have 8 machines but rather a variety. Pick and choose differences so you can understand what is different between them. I have some pretty cheap old "abuse" boxes that I use and have at one point or another had: Novell 5, Mac OS9, Mac OS X, FreeBSD, RH, Suse, Slackware 9, Windows 2000, Win98.

I perhaps should have been clear on that and for that I apologize. I wrote by habit of what I expect my students to do in class.

The reason you look at the default is so you can understand what the system starts with and what the dangers are with a default install. Novell, under default, doesn't have the same issues and needs fewer checks than either MS or *nix (specifically Linux). Then, once you understand the flaws (problems) with default you can go about looking for the specific fixes and build on that. Pen testing is the best for this kind of thing. Check for vulnerabilities, find them, fix, repeat ad nauseum.

Thanks, soule. :D
October 10th, 2003, 08:40 PM
mohaughn

Quote:

Originally posted here by souleman

No offence to you mohaughn...I just agree with what MsM said.

No offense taken at all. Explained in that light I agree and think we were all probably saying the same thing and unfortunately a little of it was getting lost in this great median of typed text... I read MsM.'s comment as having all of those systems and apps up and running at the same time. After reading her response back to me, it makes more sense about what she was saying. I also have to totally agree with you that learning to administer a system is the easiest way to learn how to secure one. I was just thinking in terms of information overload.
October 10th, 2003, 09:05 PM
nihil

Hi Cube3k,

Last WIN 2000 server I bought was around £585 for a five seat version. MS Mittens has suggested the extended trial of 2003 or whatever. That is a good idea if you can do what you want in that timespan.

You might be able to get hold of a "free" /cheap copy of NT4 server, that would be probably adequate for your preliminary experiments?

I guess if you want "real world" you need to include some *nix OS in your design I do not really see the point of 9X, as they are all single user home environment OSes, and should not really be on a pro. network. The only real reason they ever were IMHO was because NT4 did not support power management, and that was an issue for people with laptops?

Good luck