I chaired a BoF on "Attack Lab Design" last year at SANS Orlando. The supporting docs from that are publicly available here:
http://www.geekspeed.net/~beetle/download/attacklab.html Hope this info helps. Sincerely, Don Indian Tiger wrote: > > My management asks me to give detailed requirements for Penetration Testing > lab setup. Same Lab I would like to utilize for Computer Crime Investigation > as well. Currently we are following OSSTMM as baseline for Penetration > Testing. -- Don Bailey Lead INFOSEC Engineer/Scientist Secure Information Technology The MITRE Corporation ---------------------------------------------------------------------------- Are your vulnerability scans producing just another report? Manage the entire remediation process with StillSecure VAM's Vulnerability Repair Workflow. Download a free 15-day trial: http://www2.stillsecure.com/download/sf_vuln_list.html
