Designing a Security Lab?
RanmaPlex asks: "I've been asked by a university professor to design a network security lab for use by about 15 students. Designing a course was asked earlier, but little info was discussed on equipment. It needs to be vendor independent if possible. I've got ideas on using virtual machines, patches, IDS, firewalls/VPN and sniffers but would like to know what the Slashdot community can come up with."
Whatever you ultimately decide on, it would be best for a good security education to include a variety of platforms and hardware so that students can experience different things. For example, if you have something along these lines:
n = # of students
(n/2) PCs running Windows XP / Linux / Solaris-x86 triple boot set-ups -- for them to hack from and get hacked by... If you play a competitive game of "you get x minutes to secure your box on y OS, then everyone try to hack each other's boxes -- figure out what OS they are running, and what (if any) known vulnerabilities it has."
Throw in another box that's to run as a "server," run by the teacher-- it's a similar dual or triple boot box to provide variety.
A few routers & switches of different brands (3Com, Cisco)
-- Just my $0.02
The STEAL lab at the Nebraska University Consortium of Information Assurance has a pretty nice setup that sounds similar to what the AskSlashdot post described. One thing I noticed when walking by the lab: they have signs up indicating that if you walk in through their door with a USB keydrive or a CDR, you can plan on walking out without it. The basic idea is that no electronic media, whatsoever, is allowed in or out without a CAREFUL audit of what's going on. If you're going to play with live viruses, the setup demands nothing less, I suppose. Remember that if you don't have physical security, network security doesn't make any difference.
http://tinyurl.com/4ny52