Building a Penetration Testing Lab
- Only through practice can someone improve his skills.
- Keep things as simple as possible—don’t unnecessarily complicate.
- Re-creating old exploits is great practice.
- A pen test lab must be completely isolated from any other network.
- Cabled and wireless pen test labs should be isolated from one another.
- Once you break into your wireless, move to your cabled.
- You could put in shielding to have your secure lab not leak wireless signals.
- You must secure the pen test lab from any and all unauthorized access.
- Some of the things a malicious user would like to know is:
- IP addresses of machines
- Operating system versions
- Patch versions
- Configuration files
- Login files
- Start-up scripts
- Be paranoid.
- Change appliance ...