THE USE AND CREATION OF A HACKING LAB
Every ethical hacker must have a place to practice and explore. Most newcomers
are confused about how they can learn to use hacking tools without breaking the
law or attacking unauthorized targets. This is most often accomplished through
the creation of a personal “hacking lab.” A hacking lab is a sandboxed environment
where your traffic and attacks have no chance of escaping or reaching unauthorized
and unintended targets. In this environment, you are free to explore
all the various tools and techniques without fear that some traffic or attack will
escape your network. At a minimum, the lab is set up to contain at least two
machines: one attacker and one victim. In other configurations, several victim
machines can be deployed simultaneously to simulate a more realistic network.
The proper use and setup of a hacking lab is vital because one of the most
effective means to learn something is by doing that thing. Learning and mastering
the basics of penetration testing is no different.
The single most crucial point of any hacker lab is the isolation of the network.
You must configure your lab network in such a way that it is impossible for
traffic to escape or travel outside of the network. Mistakes happen and even
the most careful people can fat-finger or mistype an IP address. It is a simple
mistake to mistype a single digit in an IP address, but that mistake can have
drastic consequences for you and your future. It would be a shame (and more
importantly illegal) for you to run a series of scans and attacks against what
you thought was your hacker lab target with an IP address of 172.16.1.1 only to
find out later that you actually entered the IP address as 122.16.1.1.
The simplest and most effective way to create a sandboxed or isolated environment
is to physically unplug or disconnect your network from the Internet. If
you are using physical machines, it is best to rely on hardwired Ethernet cables
and switches to route traffic. Also be sure to double- and triple-check that all of
your wireless NIC s are turned off. Always carefully inspect and review your network
for potential leaks before continuing.
Although the use of physical machines to create a hacking lab is an acceptable
solution, the use of virtual machines provides several key benefits. First,
given today’s processing power, it is easy to set up and create a mini hacking
lab on a single machine or laptop. In most cases, an average machine can run
two or three virtual machines simultaneously because our targets can be set
up using minimal resources. Even running on a laptop, it is possible to run
two virtual machines at the same time. The added benefit of using a laptop is
the fact that your lab is portable. With the cheap cost of external storage today,
it is easily possible to pack hundreds of virtual machines on a single external
hard drive; these can be easily transported and set up in a matter of minutes.
Anytime you are interested in practicing your skills or exploring a new tool,
simply open up Backtrack and deploy a VM as a target. Setting up a lab like this
gives you the ability to quickly plug-and-play with various operating systems
and configurations.
Another benefit of using virtual machines in your pen testing lab is the fact
that it is very simple to sandbox your entire system. Simply turn off the wireless
card and unplug the cable from the Internet. Your physical machine and
virtual machines will still be able to communicate with each other and you can
be certain that no attack traffic will leave your physical machine.
In general, penetration testing is a destructive process. Many of the tools and
exploits we run can cause damage or take systems offline. In some cases, it is
easier to reinstall the OS or program rather than attempt to repair it. This is
another area where VMs shine. Rather than having to physically reinstall a program
like SQL server or even an entire operating system, the VM can be quickly
reset or restored to its original configuration.
Every ethical hacker must have a place to practice and explore. Most newcomers
are confused about how they can learn to use hacking tools without breaking the
law or attacking unauthorized targets. This is most often accomplished through
the creation of a personal “hacking lab.” A hacking lab is a sandboxed environment
where your traffic and attacks have no chance of escaping or reaching unauthorized
and unintended targets. In this environment, you are free to explore
all the various tools and techniques without fear that some traffic or attack will
escape your network. At a minimum, the lab is set up to contain at least two
machines: one attacker and one victim. In other configurations, several victim
machines can be deployed simultaneously to simulate a more realistic network.
The proper use and setup of a hacking lab is vital because one of the most
effective means to learn something is by doing that thing. Learning and mastering
the basics of penetration testing is no different.
The single most crucial point of any hacker lab is the isolation of the network.
You must configure your lab network in such a way that it is impossible for
traffic to escape or travel outside of the network. Mistakes happen and even
the most careful people can fat-finger or mistype an IP address. It is a simple
mistake to mistype a single digit in an IP address, but that mistake can have
drastic consequences for you and your future. It would be a shame (and more
importantly illegal) for you to run a series of scans and attacks against what
you thought was your hacker lab target with an IP address of 172.16.1.1 only to
find out later that you actually entered the IP address as 122.16.1.1.
The simplest and most effective way to create a sandboxed or isolated environment
is to physically unplug or disconnect your network from the Internet. If
you are using physical machines, it is best to rely on hardwired Ethernet cables
and switches to route traffic. Also be sure to double- and triple-check that all of
your wireless NIC s are turned off. Always carefully inspect and review your network
for potential leaks before continuing.
Although the use of physical machines to create a hacking lab is an acceptable
solution, the use of virtual machines provides several key benefits. First,
given today’s processing power, it is easy to set up and create a mini hacking
lab on a single machine or laptop. In most cases, an average machine can run
two or three virtual machines simultaneously because our targets can be set
up using minimal resources. Even running on a laptop, it is possible to run
two virtual machines at the same time. The added benefit of using a laptop is
the fact that your lab is portable. With the cheap cost of external storage today,
it is easily possible to pack hundreds of virtual machines on a single external
hard drive; these can be easily transported and set up in a matter of minutes.
Anytime you are interested in practicing your skills or exploring a new tool,
simply open up Backtrack and deploy a VM as a target. Setting up a lab like this
gives you the ability to quickly plug-and-play with various operating systems
and configurations.
Another benefit of using virtual machines in your pen testing lab is the fact
that it is very simple to sandbox your entire system. Simply turn off the wireless
card and unplug the cable from the Internet. Your physical machine and
virtual machines will still be able to communicate with each other and you can
be certain that no attack traffic will leave your physical machine.
In general, penetration testing is a destructive process. Many of the tools and
exploits we run can cause damage or take systems offline. In some cases, it is
easier to reinstall the OS or program rather than attempt to repair it. This is
another area where VMs shine. Rather than having to physically reinstall a program
like SQL server or even an entire operating system, the VM can be quickly
reset or restored to its original configuration.
No comments:
Post a Comment