Slashdot Mirror

← Back to Stories (view on slashdot.org)

Designing a Security Lab?

Posted by Cliff on from the building-a-hackers-playground dept.

RanmaPlex asks: "I've been asked by a university professor to design a network security lab for use by about 15 students. Designing a course was asked earlier, but little info was discussed on equipment. It needs to be vendor independent if possible. I've got ideas on using virtual machines, patches, IDS, firewalls/vpn and sniffers but would like to know what the Slashdot community can come up with."

2 of 33 comments (clear)

  1. Re:Why vendor independent? by Anonymous Coward · · Score: 1, Insightful
    Isn't that what a student would encounter in the real world?
    Not in my experience. If you work in security, you are very likely to encounter rather heterogeneous networks, or different vendors on different networks. Additionaly a number of security tools are targeted at specific platforms, and will not always have analogs on your specific platform of choice. Also it is useful to able to test known exploits that only occur with a specific vendors tools to learn if other products may be available, or to reverse engineer the exploit, etc.
  2. Security Lab by Anonymous Coward · · Score: 1, Insightful

    When a college retires a bunch of computers, some crappy printer, or anything else that might've at one time used electricity, claim it for your lab, otherwise it'll be auctioned off. You'll always be hurting for kit no matter how much funding you have. Note that this implies you need a decent amount of space to store lots of crap that might seem useless now, but will come in handy when you want to try something out that could result in damage to hardware, for example. You don't want to break a shiny new P4 mobo when you could throw a Slot A mobo to the wolves.

    Next, you need a super modular software system. Regardless of what OS you're trying to break, you might want to try the same break on different versions of one particular library. Doing a full install of an OS when you could've just replaced one file is a waste of time.

    Finally, remember that securing a system is specific, but breaking into a system is vague. If you're trying to secure a network, you know the threat model (don't you?) and what steps you need to take to protect it. If you're trying to bust a system, it doesn't matter how you do it (Harmony says, "think outside the gift horse").