Did this happen in the end? Did anyone get a recording of it as I couldn't get to it.
Robin On 18 Nov 2013 17:41, "Hirt, Rand W" <[email protected]> wrote: > *How To Build Your Own Low Cost HackLab – FREE Webinar* > > Thursday, November 21, 2013 1:00 PM - 3:00 PM EST > > https://www4.gotomeeting.com/register/889834095 > > > > -Cheers > > Rand > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *xgermx > *Sent:* Monday, November 18, 2013 7:51 AM > *To:* Jamil Ben Alluch > *Cc:* PaulDotCom Security Weekly Mailing List; [email protected] > *Subject:* Re: [GPWN-list] Pen Testing Lab Images/Systems setup > > > > Sorry, I don't have a direct link but, Joe McCray is hosting a "Building A > Low Cost HackLab" webinar this week. > (It was rescheduled from last week to this week). Keep an eye on Twitter; > I'll update this thread with the link when it's shared. > > > > On Sun, Nov 17, 2013 at 9:13 AM, Jamil Ben Alluch <[email protected]> > wrote: > > Thank you all for all the great responses. Lots of information here! > > > > I appreciate it greatly. > > > > Best Regards, > > > > -- > > Jamil Ben Alluch, B.Ing., GCIH > > <http://www.autronix.com> > > *[email protected]* <http://www.autronix.com> > > *+1-819-923-3012* <http://www.autronix.com> > > <http://www.autronix.com> > > On Sun, Nov 17, 2013 at 9:34 AM, Joseph Brand <*[email protected]*> > wrote:<http://www.autronix.com> > > TechNet was replaced with free to download 180 day trials so you can still > get access to ISOs and install MS stuff. Just a pain to rekey, or mess > with changing the OS date / time settings to keep it within the trial. > > I like to run a couple of the recent versions at home for trial scans and > finding ways in. > > Joe <http://www.autronix.com> > ------------------------------ > <http://www.autronix.com> > > > > > > *From: Robin Wood Sent: 11/17/2013 9:03 AM To: Ed Skoudis Cc: > [email protected] Subject: Re: [GPWN-list] Pen Testing Lab > Images/Systems setup <http://www.autronix.com>* > > > > On 17 November 2013 13:46, Ed Skoudis <*[email protected]*> wrote: > > Great stuff, guys! > > > > You also may want to check out the mind map by Aman Hardikar .M. Great > > stuff. > > > > *http://www.amanhardikar.com/mindmaps/Practice.html* > > > > He allowed us to put it on the SANS Pen Test poster, and I'm very > grateful > > for that. > > > > --Ed. > > > > If asked last year I'd have suggested MS TechNet as a great way to get > licences for most MS products but they have cancelled that program now > so can't subscribe any more :( > > I would suggest though looking through some of the MS tutorials on how > to set up their tools, for example this on SharePoint > *http://technet.microsoft.com/en-us/library/jj658588.aspx* . It tells > you how MS would expect the systems to be set up so gives you a good > idea of the base level for a lot of builds. > > Robin > > > > > On Nov 16, 2013, at 11:52 PM, Julian Makas < > *[email protected]*> > > wrote: > > > > We have a couple scenarios in play at my place. > > > > Our "attack lab" has all of the normal pwn-able images (ie. > metasploitable, > > DVWA, etc.). > > > > Out "test lab" is 1/2 Fort Knox and 1/2 realistic network based on what > we > > are seeing as a norm amongst our clients. > > > > The Fort Knox side is a sudo war games between our admin group and > security > > group where the realistic side tries to mimic a common baseline of what > we > > see going on in our client networks. This give us some red and blue team > > benefits. > > > > Attack lab is for training. > > > > Hardened and baseline networks are for training and bragging rights but > > mostly used for testing engagement scenarios where we have to step > outside > > of the box. > > > > What do you need your lab to do for you? Let you train? Let you test poc > and > > new concepts? Crash your lab box before you crash a clients server while > on > > an engagement? > > > > It all depends on what you want to do, but you'll eventually want > aspects of > > all of these. > > > > - J > > > > > > > > Sent from my iPhone > > > > On Nov 16, 2013, at 7:16 PM, "James Shewmaker" <*[email protected]*> > wrote: > > > > > > On Sat, Nov 16, 2013 at 2:29 PM, Jamil Ben Alluch <*[email protected]*> > > wrote: > >> > >> Hello, > >> > >> This may be a recurring question, but I still wanted to get some input. > >> > >> What kind of systems do you normally use for your pen-testing labs; more > >> specifically, are there pre-set images that you use for testing > >> vulnerabilities and practice ("Ready-to-Hack" systems)? > >> > >> > > Hi Jamil, > > > > You can get started with *vulnhub.com*. They have some free (but hosted > via > > VPN) pre-configured scenarios, including some you can download. The > > vuln-injector program they have is great for weakening a random Windows > VM > > so you can experiment with a closer-to-real-world target. There is also > our > > scenario engine, currently in closed beta, at *bunker011.com* (almost > 800 > > different hosted VMs)--you could try registering and see if you get > invited. > > ;) > > > > It would be interesting to see if you could use the free VPN hosted > > projects, and use dd+netcat to steal them ... Interested, not endorsed! > > > > > > _______________________________________________ > > gpwn-list mailing list > > *[email protected]* > > *https://lists.sans.org/mailman/listinfo/gpwn-list* > > > > _______________________________________________ > > gpwn-list mailing list > > *[email protected]* > > *https://lists.sans.org/mailman/listinfo/gpwn-list* > > > > > > > > _______________________________________________ > > gpwn-list mailing list > > *[email protected]* > > *https://lists.sans.org/mailman/listinfo/gpwn-list* > > > _______________________________________________ > gpwn-list mailing list > *[email protected]* > *https://lists.sans.org/mailman/listinfo/gpwn-list*<http://www.autronix.com> > > > _______________________________________________ > gpwn-list mailing list > *[email protected]* > *https://lists.sans.org/mailman/listinfo/gpwn-list*<http://www.autronix.com> > > <http://www.autronix.com> > > > _______________________________________________ > gpwn-list mailing list > *[email protected]* > *https://lists.sans.org/mailman/listinfo/gpwn-list*<http://www.autronix.com> > > <http://www.autronix.com> > > ------------------------------ > > This message is intended for the sole use of the addressee, and may > contain information that is privileged, confidential and exempt from > disclosure under applicable law. If you are not the addressee you are > hereby notified that you may not use, copy, disclose, or distribute to > anyone the message or any information contained in the message. If you have > received this message in error, please immediately advise the sender by > reply email and delete this message. > > _______________________________________________ > gpwn-list mailing list > [email protected] > https://lists.sans.org/mailman/listinfo/gpwn-list > >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
