Re: Building a Practical Penetration Test Lab
On 13 November 2010 01:50, Chet Langin wrote: > -Original Message- > >>I have run OpenBSD in production on both VMWare server and ESXi. It was > the only machine >facing the Internet that the auditors had no findings on. >> >>-- >> >>Edward Ahlsen-Girard >>Ft Walton Beach, FL > > > > Which is good, but, then, it appears to me that VMWare and ESXi become > comparatively weak links in the setup. True. Based on the research performed by Tavis Ormandy at Google [1], the weakest virtual machine can become an entry point to then be used to subvert the host server or other adjacent virtual machines. So it seems to me that security in a virtualized environment is limited to the combination of the security of the least secure exposed VM and the security of the host. Exploit a vulnerable VM and then it's vulnerable host and you now own all the VM's served by that host, including the OpenBSD ones. If OpenBSD is not in control of ring zero, you lose. Alas, sometimes we have no choice. 1. http://taviso.decsystem.org/virtsec.pdf Shane
Re: Building a Practical Penetration Test Lab
On Fri, 12 Nov 2010 14:56:24 -0800 Bryan Irvine wrote: > > I've heard of people not even getting past the install even with a > > hardware virtualisation capable cpu. > > On VirtualBox this is probably more to do with the dynamic image size. > You have to create the disk image as a fixed size in order to > complete the install. After that it works fine. > > -Bryan > Interesting and good to know, but if the virtualisation was fundamentally flawed like theo said then it makes me wonder about the rest of the code and dynamic size disks work fine on vmware with OpenBSD.
Re: Building a Practical Penetration Test Lab
On Sat, 13 Nov 2010 01:27:21 +0100 Tomas Vavrys wrote: > Is it better to test everything in Windows 7 via Virtualbox. I would have have thought from wherever your pentest tools are? KVM is another option For some things, epecially panics and load tesing/dos. OpenBSD would need to be native
Re: Building a Practical Penetration Test Lab
> From: "Chet Langin" > Date: 2010-11-12 14:50:59 > > -Original Message- > > >I have run OpenBSD in production on both VMWare server and ESXi. It > >was > the only machine >facing the Internet that the auditors had no > findings on. > > > >-- > > > >Edward Ahlsen-Girard > >Ft Walton Beach, FL > > > > Which is good, but, then, it appears to me that VMWare and ESXi > become comparatively weak links in the setup. > > > -- > Chet Langin, ABD, GCIA, GSEC > SIU IT Information Security Analyst True, but I did not have discretion to install to hardware. Did the best I could. -- Edward Ahlsen-Girard Ft Walton Beach, FL
Re: Building a Practical Penetration Test Lab
It's been a long time since I posted it. It was my first post to mailing list. Thank you for reminding me this. I've gotten in touch with stunning piece of work called OpenBSD, found a great friend and learned a lot of things thanks to OpenBSD. Thank you. It's amazing how time passes... 2010/11/12 Hugo Osvaldo Barrera : > On 10/05/10 12:47, TomC!E! Vavys wrote: >> Hello, >> >> I would like to become helpful OpenBSD developer (pentester) one day, >> so I have a few questions. >> >> I am CompSci student at the moment. I consider myself as a white hat >> person and I really enjoy everything about security. It's a shame that >> we need to sleep sometimes, isn't it? >> >> Back to the main topic. I want to migrate to OpenBSD from ArchLinux. >> But I have these conditions. I travel a lot, so I need everything all >> in laptop(one). I am thinking about Windows 7 and OpenBSD dualboot >> because of my hardware support in Windows 7. I'd like to to use HDMI >> sometimes. So my questios are: >> >> 1) What is the best possible way how to setup my penetration lab? I >> used Virtualbox in Archlinux, but I am new to BDS so I want to ask you >> what is different here in virtualization. Is it better to test >> everything in Windows 7 via Virtualbox. Or is it better to test >> everything via Qemu in OpenBSD? Are there any restrictions? What is >> your pentest lab setup like? >> >> 2) I'd like to use disk encryption which prompts me for password >> at startup and then there will be 2 options for boot (Windows 7 or >> OpenBSD). How can I do this to keep OpenBSD totally safe from >> Windows 7? Can Windows 7 hurt my OpenBSD in any possible way? If yes, >> how can I prevent this? >> >> Thank you for your answers and patience. >> >> Toma9 Vavrys >> -- >> Website: http://blog.cleancode.cz/ >> > > This might help with full disc encryption: > - http://16s.us/OpenBSD/softraid.txt > - man softraid > - man bioctl > > Obviously, windows can't read anything. B I can, of course, write, or > delete you data. > > The best penetration testing is though two physical computers, to better > simulate real conditions. > OpenBSD doesn't run properly on VirtualBox (it does install on the > latest version), and I belive virtualization is not really supported. > > > -- > Hugo Osvaldo Barrera
Re: Building a Practical Penetration Test Lab
> I've heard of people not even getting past the install even with a > hardware virtualisation capable cpu. On VirtualBox this is probably more to do with the dynamic image size. You have to create the disk image as a fixed size in order to complete the install. After that it works fine. -Bryan
Re: Building a Practical Penetration Test Lab
On Fri, 12 Nov 2010 13:06:45 -0600 "L. V. Lammert" wrote: > At 04:01 AM 11/12/2010, Kevin Chadwick wrote: > > >If you insist and I don't know about the latest version, then vmware is > >likely much more reliable than virtualbox but still more problematic > >than a true install. There is a blog on the virtual box site by theo > >stating he can't believe any OS allows the problems virtualbox > >introduces(d). > > We did find out that VirtualBox must run on a hardware-capable > platform [AMD-3 or better] to successfully build an OBSD image, however. > > Lee > I've heard of people not even getting past the install even with a hardware virtualisation capable cpu. > VirtualBox might have problems, but at least it produces a working > install with a UI - VMWare seems to have so many variations that they > forgot to include a USABLE one without purchasing the expensive > management tools. > Yeah I used to edit the configs manually but things have changed there is now a more capable UI with the free vmware player than virtual box (ignoring the pretty nifty auto focus grab in virtualbox), the only missing thing being you need workstation for 3d support whereas virtualbox has free experimental 3d support. To me it's a bit like a blackberry, I'll play with it but would you trust one knowing the people who made it also made a server which can be rooted simply by sending an email with a pdf attached, it's a mail server for crying out loud and I thought exchange with admins using microsoul internet exploiter was bad. CESG and Obama should be ashamed for not publicising the changes that were insisted on and for approving/forcing it fullstop exacerbating the false sense of security.
Re: Building a Practical Penetration Test Lab
At 04:01 AM 11/12/2010, Kevin Chadwick wrote: If you insist and I don't know about the latest version, then vmware is likely much more reliable than virtualbox but still more problematic than a true install. There is a blog on the virtual box site by theo stating he can't believe any OS allows the problems virtualbox introduces(d). VirtualBox might have problems, but at least it produces a working install with a UI - VMWare seems to have so many variations that they forgot to include a USABLE one without purchasing the expensive management tools. We did find out that VirtualBox must run on a hardware-capable platform [AMD-3 or better] to successfully build an OBSD image, however. Lee
Re: Building a Practical Penetration Test Lab
-Original Message- >I have run OpenBSD in production on both VMWare server and ESXi. It was the only machine >facing the Internet that the auditors had no findings on. > >-- > >Edward Ahlsen-Girard >Ft Walton Beach, FL Which is good, but, then, it appears to me that VMWare and ESXi become comparatively weak links in the setup. -- Chet Langin, ABD, GCIA, GSEC SIU IT Information Security Analyst [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
Re: Building a Practical Penetration Test Lab
From: Michal Date: 2010-11-12 10:15:34 > >> I can confirm that OpenBSD doesn't always work as a virtual > >> machine. So I would focus on using OpenBSD as the host and using > >> some other OS as a client in QEMU. > >> > > If you insist and I don't know about the latest version, then > > vmware is likely much more reliable than virtualbox but still more > > problematic than a true install. There is a blog on the virtual box > > site by theo stating he can't believe any OS allows the problems > > virtualbox introduces(d). > > > > This post by theo was made because developers had wasted their time > > fixing bugs that were caused by virtualbox. If anyone does have > > problems under emulation make sure you can reproduce it natively > > before reporting. > > > I have several OpenBSD boxes running with no problems on some ESXi > servers I have run OpenBSD in production on both VMWare server and ESXi. It was the only machine facing the Internet that the auditors had no findings on. -- Edward Ahlsen-Girard Ft Walton Beach, FL
Re: Building a Practical Penetration Test Lab
On 12/11/2010, Kevin Chadwick wrote: > > If you insist and I don't know about the latest version, then vmware is > likely much more reliable than virtualbox but still more problematic > than a true install. There is a blog on the virtual box site by theo > stating he can't believe any OS allows the problems virtualbox > introduces(d). Latest version is the same, had a friend trying to use it last month. Same random segfaults everywhere. virtualbox is indeed a piece of crap.
Re: Building a Practical Penetration Test Lab
On Fri, Nov 12, 2010 at 11:15 AM, Michal wrote: >>> I can confirm that OpenBSD doesn't always work as a virtual machine. >>> So I would focus on using OpenBSD as the host and using some other OS >>> as a client in QEMU. >>> >> If you insist and I don't know about the latest version, then vmware is >> likely much more reliable than virtualbox but still more problematic >> than a true install. There is a blog on the virtual box site by theo >> stating he can't believe any OS allows the problems virtualbox >> introduces(d). >> >> This post by theo was made because developers had wasted their time >> fixing bugs that were caused by virtualbox. If anyone does have >> problems under emulation make sure you can reproduce it natively before >> reporting. >> > I have several OpenBSD boxes running with no problems on some ESXi servers OpenBSD-current with vmt(4) + sysutils/vmwh (from ports) makes a very decent virtual machine using VMware Server (Win, Linux) or VMware Fusion (Mac). ciao, David
Re: Building a Practical Penetration Test Lab
I can confirm that OpenBSD doesn't always work as a virtual machine. So I would focus on using OpenBSD as the host and using some other OS as a client in QEMU. If you insist and I don't know about the latest version, then vmware is likely much more reliable than virtualbox but still more problematic than a true install. There is a blog on the virtual box site by theo stating he can't believe any OS allows the problems virtualbox introduces(d). This post by theo was made because developers had wasted their time fixing bugs that were caused by virtualbox. If anyone does have problems under emulation make sure you can reproduce it natively before reporting. I have several OpenBSD boxes running with no problems on some ESXi servers
Re: Building a Practical Penetration Test Lab
On Fri, 12 Nov 2010 00:51:49 -0500 Jeremy Chase wrote: > 2010/11/11 Hugo Osvaldo Barrera : > > On 10/05/10 12:47, Toma9 Vavys wrote: > >> Hello, > >> > >> I would like to become helpful OpenBSD developer (pentester) one day, > >> so I have a few questions. > >> > >> I am CompSci student at the moment. I consider myself as a white hat > >> person and I really enjoy everything about security. It's a shame that > >> we need to sleep sometimes, isn't it? > >> > >> Back to the main topic. I want to migrate to OpenBSD from ArchLinux. > >> But I have these conditions. I travel a lot, so I need everything all > >> in laptop(one). I am thinking about Windows 7 and OpenBSD dualboot > >> because of my hardware support in Windows 7. I'd like to to use HDMI > >> sometimes. So my questios are: > >> > >> 1) What is the best possible way how to setup my penetration lab? I > >> used Virtualbox in Archlinux, but I am new to BDS so I want to ask you > >> what is different here in virtualization. Is it better to test > >> everything in Windows 7 via Virtualbox. Or is it better to test > >> everything via Qemu in OpenBSD? Are there any restrictions? What is > >> your pentest lab setup like? > >> > >> 2) I'd like to use disk encryption which prompts me for password > >> at startup and then there will be 2 options for boot (Windows 7 or > >> OpenBSD). How can I do this to keep OpenBSD totally safe from > >> Windows 7? Can Windows 7 hurt my OpenBSD in any possible way? If yes, > >> how can I prevent this? > >> > >> Thank you for your answers and patience. > >> > >> Toma9 Vavrys > >> -- > >> Website: http://blog.cleancode.cz/ > >> > > > > This might help with full disc encryption: > > - http://16s.us/OpenBSD/softraid.txt > > - man softraid > > - man bioctl > > > > Obviously, windows can't read anything. B I can, of course, write, or > > delete you data. > > > > The best penetration testing is though two physical computers, to better > > simulate real conditions. > > OpenBSD doesn't run properly on VirtualBox (it does install on the > > latest version), and I belive virtualization is not really supported. > > > > > > -- > > Hugo Osvaldo Barrera > > > > > > I can confirm that OpenBSD doesn't always work as a virtual machine. > So I would focus on using OpenBSD as the host and using some other OS > as a client in QEMU. > If you insist and I don't know about the latest version, then vmware is likely much more reliable than virtualbox but still more problematic than a true install. There is a blog on the virtual box site by theo stating he can't believe any OS allows the problems virtualbox introduces(d). This post by theo was made because developers had wasted their time fixing bugs that were caused by virtualbox. If anyone does have problems under emulation make sure you can reproduce it natively before reporting.
Re: Building a Practical Penetration Test Lab
2010/11/11 Hugo Osvaldo Barrera : > On 10/05/10 12:47, Toma9 Vavys wrote: >> Hello, >> >> I would like to become helpful OpenBSD developer (pentester) one day, >> so I have a few questions. >> >> I am CompSci student at the moment. I consider myself as a white hat >> person and I really enjoy everything about security. It's a shame that >> we need to sleep sometimes, isn't it? >> >> Back to the main topic. I want to migrate to OpenBSD from ArchLinux. >> But I have these conditions. I travel a lot, so I need everything all >> in laptop(one). I am thinking about Windows 7 and OpenBSD dualboot >> because of my hardware support in Windows 7. I'd like to to use HDMI >> sometimes. So my questios are: >> >> 1) What is the best possible way how to setup my penetration lab? I >> used Virtualbox in Archlinux, but I am new to BDS so I want to ask you >> what is different here in virtualization. Is it better to test >> everything in Windows 7 via Virtualbox. Or is it better to test >> everything via Qemu in OpenBSD? Are there any restrictions? What is >> your pentest lab setup like? >> >> 2) I'd like to use disk encryption which prompts me for password >> at startup and then there will be 2 options for boot (Windows 7 or >> OpenBSD). How can I do this to keep OpenBSD totally safe from >> Windows 7? Can Windows 7 hurt my OpenBSD in any possible way? If yes, >> how can I prevent this? >> >> Thank you for your answers and patience. >> >> Toma9 Vavrys >> -- >> Website: http://blog.cleancode.cz/ >> > > This might help with full disc encryption: > - http://16s.us/OpenBSD/softraid.txt > - man softraid > - man bioctl > > Obviously, windows can't read anything. B I can, of course, write, or > delete you data. > > The best penetration testing is though two physical computers, to better > simulate real conditions. > OpenBSD doesn't run properly on VirtualBox (it does install on the > latest version), and I belive virtualization is not really supported. > > > -- > Hugo Osvaldo Barrera > > I can confirm that OpenBSD doesn't always work as a virtual machine. So I would focus on using OpenBSD as the host and using some other OS as a client in QEMU.
Re: Building a Practical Penetration Test Lab
On 10/05/10 12:47, Toma9 Vavys wrote: > Hello, > > I would like to become helpful OpenBSD developer (pentester) one day, > so I have a few questions. > > I am CompSci student at the moment. I consider myself as a white hat > person and I really enjoy everything about security. It's a shame that > we need to sleep sometimes, isn't it? > > Back to the main topic. I want to migrate to OpenBSD from ArchLinux. > But I have these conditions. I travel a lot, so I need everything all > in laptop(one). I am thinking about Windows 7 and OpenBSD dualboot > because of my hardware support in Windows 7. I'd like to to use HDMI > sometimes. So my questios are: > > 1) What is the best possible way how to setup my penetration lab? I > used Virtualbox in Archlinux, but I am new to BDS so I want to ask you > what is different here in virtualization. Is it better to test > everything in Windows 7 via Virtualbox. Or is it better to test > everything via Qemu in OpenBSD? Are there any restrictions? What is > your pentest lab setup like? > > 2) I'd like to use disk encryption which prompts me for password > at startup and then there will be 2 options for boot (Windows 7 or > OpenBSD). How can I do this to keep OpenBSD totally safe from > Windows 7? Can Windows 7 hurt my OpenBSD in any possible way? If yes, > how can I prevent this? > > Thank you for your answers and patience. > > Toma9 Vavrys > -- > Website: http://blog.cleancode.cz/ > This might help with full disc encryption: - http://16s.us/OpenBSD/softraid.txt - man softraid - man bioctl Obviously, windows can't read anything. I can, of course, write, or delete you data. The best penetration testing is though two physical computers, to better simulate real conditions. OpenBSD doesn't run properly on VirtualBox (it does install on the latest version), and I belive virtualization is not really supported. -- Hugo Osvaldo Barrera
Building a Practical Penetration Test Lab
Hello, I would like to become helpful OpenBSD developer (pentester) one day, so I have a few questions. I am CompSci student at the moment. I consider myself as a white hat person and I really enjoy everything about security. It's a shame that we need to sleep sometimes, isn't it? Back to the main topic. I want to migrate to OpenBSD from ArchLinux. But I have these conditions. I travel a lot, so I need everything all in laptop(one). I am thinking about Windows 7 and OpenBSD dualboot because of my hardware support in Windows 7. I'd like to to use HDMI sometimes. So my questios are: 1) What is the best possible way how to setup my penetration lab? I used Virtualbox in Archlinux, but I am new to BDS so I want to ask you what is different here in virtualization. Is it better to test everything in Windows 7 via Virtualbox. Or is it better to test everything via Qemu in OpenBSD? Are there any restrictions? What is your pentest lab setup like? 2) I'd like to use disk encryption which prompts me for password at startup and then there will be 2 options for boot (Windows 7 or OpenBSD). How can I do this to keep OpenBSD totally safe from Windows 7? Can Windows 7 hurt my OpenBSD in any possible way? If yes, how can I prevent this? Thank you for your answers and patience. Toma9 Vavrys -- Website: http://blog.cleancode.cz/