Chapter 9

Building a Penetration Testing Lab

  • Only through practice can someone improve his skills.
  • Keep things as simple as possible—don’t unnecessarily complicate.
  • Re-creating old exploits is great practice.
  • A pen test lab must be completely isolated from any other network.
  • Cabled and wireless pen test labs should be isolated from one another.
  • Once you break into your wireless, move to your cabled.
  • You could put in shielding to have your secure lab not leak wireless signals.
  • You must secure the pen test lab from any and all unauthorized access.
  • Some of the things a malicious user would like to know is:
    • IP addresses of machines
    • Operating system versions
    • Patch versions
    • Configuration files
    • Login files
    • Start-up scripts
  • Be paranoid.
  • Change appliance ...

Get Conducting Network Penetration and Espionage in a Global Environment now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.