Hack Lab
Well, I managed to come up with enough hardware to put something together to use as a hacklab for testing penetration testing techniques on. The only problem is RAM. The motherboard I came up with only had 2 slot for RAM, and I don’t have any extra DDR laying around larger than 256MB. For those who aren’t so keen on math, that means I can only have 512MB of RAM on this system. That’s not going to cut it if I run multiple VM’s on it like I want. I’ll see if I can come up with some larger stick of RAM, or use a different mobo, but for now, this is what I’m doing.
I’ve installed OpenBSD as the host OS to reduce overhead. A default OpenBSD install runs ONLY what is absolutely necessary to boot and get you to a prompt. X-server is installed, but it’s just the minimum, as basic as you can get X-server. Then I installed qemu from ports. It’s a very small virtual environment, again with little overhead. So the host OS and the VM environment take up hardly any resources, RAM or HD space, that way the rest of what little RAM we have goes directly to the guest OS’s. I have Windows 2KPRO installing right now, then I’ll install Windows 2KServer, 2K3Server, and XP. I’ll take snapshots of all the basic installs before anybody starts messing with them so we can always bring it back to the default install. I’ve downloaded the latest BackTrack ISO and will have it running in a VM as well. I won’t be able to run all the VM’s at once because of the memory limitations, but we can work on one or two OS’s at a time until I get a different machine or some larger sticks of RAM.
I think I’ll separate this system from our network by giving it it’s own static public IP. I’ve also considered simply using pf (our packet filtering firewall) to segment it off from the network, but if I’m going to invite people to hack me, I think I want this system completely outside of our network. Those who wish to access this “hacklab” will be able to do so via ssh. I’ll setup accounts for those who want one on the BackTrack installation and have all our ssh traffic forward to that particular VM. From BackTrack you’ll have all the latest pen-testing tools and can try to “hack” into one of the other VM’s. Once it’s all up and running the way I want, I’ll start taking requests for accounts. Then I’ll work up a few tutorials, and maybe if we get enough people interested we might schedule a RootWar.