I made it to the webcast, but I haven't seen any recordings sent out yet. I'll update this thread if I see it.
On Wed, Nov 27, 2013 at 11:15 AM, Robin Wood <[email protected]> wrote: > Did this happen in the end? Did anyone get a recording of it as I couldn't > get to it. > > Robin > On 18 Nov 2013 17:41, "Hirt, Rand W" <[email protected]> wrote: > >> *How To Build Your Own Low Cost HackLab – FREE Webinar* >> >> Thursday, November 21, 2013 1:00 PM - 3:00 PM EST >> >> https://www4.gotomeeting.com/register/889834095 >> >> >> >> -Cheers >> >> Rand >> >> *From:* [email protected] [mailto: >> [email protected]] *On Behalf Of *xgermx >> *Sent:* Monday, November 18, 2013 7:51 AM >> *To:* Jamil Ben Alluch >> *Cc:* PaulDotCom Security Weekly Mailing List; [email protected] >> *Subject:* Re: [GPWN-list] Pen Testing Lab Images/Systems setup >> >> >> >> Sorry, I don't have a direct link but, Joe McCray is hosting a "Building >> A Low Cost HackLab" webinar this week. >> (It was rescheduled from last week to this week). Keep an eye on Twitter; >> I'll update this thread with the link when it's shared. >> >> >> >> On Sun, Nov 17, 2013 at 9:13 AM, Jamil Ben Alluch <[email protected]> >> wrote: >> >> Thank you all for all the great responses. Lots of information here! >> >> >> >> I appreciate it greatly. >> >> >> >> Best Regards, >> >> >> >> -- >> >> Jamil Ben Alluch, B.Ing., GCIH >> >> <http://www.autronix.com> >> >> *[email protected]* <http://www.autronix.com> >> >> *+1-819-923-3012* <http://www.autronix.com> >> >> <http://www.autronix.com> >> >> On Sun, Nov 17, 2013 at 9:34 AM, Joseph Brand <*[email protected]*> >> wrote:<http://www.autronix.com> >> >> TechNet was replaced with free to download 180 day trials so you can >> still get access to ISOs and install MS stuff. Just a pain to rekey, or >> mess with changing the OS date / time settings to keep it within the trial. >> >> I like to run a couple of the recent versions at home for trial scans and >> finding ways in. >> >> Joe <http://www.autronix.com> >> ------------------------------ >> <http://www.autronix.com> >> >> >> >> >> >> *From: Robin Wood Sent: 11/17/2013 9:03 AM To: Ed Skoudis Cc: >> [email protected] Subject: Re: [GPWN-list] Pen Testing Lab >> Images/Systems setup <http://www.autronix.com>* >> >> >> >> On 17 November 2013 13:46, Ed Skoudis <*[email protected]*> wrote: >> > Great stuff, guys! >> > >> > You also may want to check out the mind map by Aman Hardikar .M. Great >> > stuff. >> > >> > *http://www.amanhardikar.com/mindmaps/Practice.html* >> > >> > He allowed us to put it on the SANS Pen Test poster, and I'm very >> grateful >> > for that. >> > >> > --Ed. >> > >> >> If asked last year I'd have suggested MS TechNet as a great way to get >> licences for most MS products but they have cancelled that program now >> so can't subscribe any more :( >> >> I would suggest though looking through some of the MS tutorials on how >> to set up their tools, for example this on SharePoint >> *http://technet.microsoft.com/en-us/library/jj658588.aspx* . It tells >> you how MS would expect the systems to be set up so gives you a good >> idea of the base level for a lot of builds. >> >> Robin >> >> > >> > On Nov 16, 2013, at 11:52 PM, Julian Makas < >> *[email protected]*> >> > wrote: >> > >> > We have a couple scenarios in play at my place. >> > >> > Our "attack lab" has all of the normal pwn-able images (ie. >> metasploitable, >> > DVWA, etc.). >> > >> > Out "test lab" is 1/2 Fort Knox and 1/2 realistic network based on what >> we >> > are seeing as a norm amongst our clients. >> > >> > The Fort Knox side is a sudo war games between our admin group and >> security >> > group where the realistic side tries to mimic a common baseline of what >> we >> > see going on in our client networks. This give us some red and blue team >> > benefits. >> > >> > Attack lab is for training. >> > >> > Hardened and baseline networks are for training and bragging rights but >> > mostly used for testing engagement scenarios where we have to step >> outside >> > of the box. >> > >> > What do you need your lab to do for you? Let you train? Let you test >> poc and >> > new concepts? Crash your lab box before you crash a clients server >> while on >> > an engagement? >> > >> > It all depends on what you want to do, but you'll eventually want >> aspects of >> > all of these. >> > >> > - J >> > >> > >> > >> > Sent from my iPhone >> > >> > On Nov 16, 2013, at 7:16 PM, "James Shewmaker" <*[email protected]*> >> wrote: >> > >> > >> > On Sat, Nov 16, 2013 at 2:29 PM, Jamil Ben Alluch <*[email protected]* >> > >> > wrote: >> >> >> >> Hello, >> >> >> >> This may be a recurring question, but I still wanted to get some input. >> >> >> >> What kind of systems do you normally use for your pen-testing labs; >> more >> >> specifically, are there pre-set images that you use for testing >> >> vulnerabilities and practice ("Ready-to-Hack" systems)? >> >> >> >> >> > Hi Jamil, >> > >> > You can get started with *vulnhub.com*. They have some free (but >> hosted via >> > VPN) pre-configured scenarios, including some you can download. The >> > vuln-injector program they have is great for weakening a random Windows >> VM >> > so you can experiment with a closer-to-real-world target. There is also >> our >> > scenario engine, currently in closed beta, at *bunker011.com* (almost >> 800 >> > different hosted VMs)--you could try registering and see if you get >> invited. >> > ;) >> > >> > It would be interesting to see if you could use the free VPN hosted >> > projects, and use dd+netcat to steal them ... Interested, not endorsed! >> > >> > >> > _______________________________________________ >> > gpwn-list mailing list >> > *[email protected]* >> > *https://lists.sans.org/mailman/listinfo/gpwn-list* >> > >> > _______________________________________________ >> > gpwn-list mailing list >> > *[email protected]* >> > *https://lists.sans.org/mailman/listinfo/gpwn-list* >> > >> > >> > >> > _______________________________________________ >> > gpwn-list mailing list >> > *[email protected]* >> > *https://lists.sans.org/mailman/listinfo/gpwn-list* >> > >> _______________________________________________ >> gpwn-list mailing list >> *[email protected]* >> *https://lists.sans.org/mailman/listinfo/gpwn-list*<http://www.autronix.com> >> >> >> _______________________________________________ >> gpwn-list mailing list >> *[email protected]* >> *https://lists.sans.org/mailman/listinfo/gpwn-list*<http://www.autronix.com> >> >> <http://www.autronix.com> >> >> >> _______________________________________________ >> gpwn-list mailing list >> *[email protected]* >> *https://lists.sans.org/mailman/listinfo/gpwn-list*<http://www.autronix.com> >> >> <http://www.autronix.com> >> >> ------------------------------ >> >> This message is intended for the sole use of the addressee, and may >> contain information that is privileged, confidential and exempt from >> disclosure under applicable law. If you are not the addressee you are >> hereby notified that you may not use, copy, disclose, or distribute to >> anyone the message or any information contained in the message. If you have >> received this message in error, please immediately advise the sender by >> reply email and delete this message. >> >> _______________________________________________ >> gpwn-list mailing list >> [email protected] >> https://lists.sans.org/mailman/listinfo/gpwn-list >> >>
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
