Latest Comments

admin

In response to: How to set up a software hacking lab - part 3 - networking

admin [Member]
When in doubt, always use internal. For a malware analysis lab you should make sure it is internal, you do not want to have the malware "brake out" of the VM, also do not start other VM's at the same time since the malware might try to infect them.

Depending on the malware under investigation I would even disable the networking of the VM completely (e.g. to investiagte a virus) and possible destroy the VM afterwards, no rollback but really deleting the VM with a secure erase program.
PermalinkPermalink 20/11/12 @ 08:39
Vella

In response to: How to set up a software hacking lab - part 3 - networking

Vella [Visitor]
I would like which mode is safe because I'm trying to set up my malware analysis lab
PermalinkPermalink 20/11/12 @ 08:29
admin

In response to: How to set up a software hacking lab - PDF download

admin [Member]
Did you set both the virtual systems networking the same, either inet or bridged? If you look at the IP your virtual systems have, do they start with 10.? If they do not start with 10. then they are probably not internal and your networking is either disabled (no IP) or NAT (using the host) ...
PermalinkPermalink 25/07/12 @ 06:50
A

In response to: How to set up a software hacking lab - PDF download

A [Visitor]
Hi, I setup my hacking lab in virtual box.
but when i am trying to ping another virtual OS ip, it shows "Request time out". Same error shown from another side virtual OS also.
Can you please help me to sort this problem.
PermalinkPermalink 24/07/12 @ 15:21
absk007

In response to: How to set up a software hacking lab - part 0

absk007 [Visitor]
Certainly, your series of guides about this will be a high quality investment of my time. I always needed this kindda guides. But...no where else could I find.
PermalinkPermalink 02/03/12 @ 20:12
admin

In response to: How to set up a software hacking lab - part 3 - networking

admin [Member]
There are actually four modes and they could be summarised as such:

Host: combines bridged and internal modes in such a way that all virtual machines and the hosting system can talk to each other but the virtual machines can not get to the outside world

NAT: default mode, connects through the hosting system to the external network, different virtual machines cannot talk talk to each other in this mode

Internal: virtual machines can talk to each other but NOT to the outside world, the physical network interface of the hosting system is not even used, since this will prevent the hosting system to communicate with the virtual machines your vulnerable (targets) it is preferred because your machine is now safe from hackers that could reach your hosting system through a virtual machine (e.g. by means of a trojan in one of the vulnerable applications)

Bridged: virtual machines use the physical network interface from the hosting system and as such the virtual machine can reach the outside network if you set up the bridge (between hosting machine and virtual machine) correctly, as such multiple virtual machines can also talk to each other
PermalinkPermalink 13/01/12 @ 13:17
Area-51

In response to: How to set up a software hacking lab - part 3 - networking

Area-51 [Visitor]
Hi,
Wow, it was a exhaustive and wonderful article on setting up H-Lab. I have set up around six month back and was not sure about network settings on virtual box, moreover Only now i got more time to start learning, I was using as Bridged Network as I can browse net too while attacking my vulnerbale app. I realise recently that it should be used as Host/NAT/Internal. Currently I got set it as Host, your article points using as Internal...Any key difference between these three? can you highlight please?
-A51
PermalinkPermalink 05/01/12 @ 10:59
admin

In response to: Downtime

admin [Member]
That's the strange thing I had some 600 visits before it went down but about a month ago I had a load of traffic from a forum and HN that lead to 2200 visits and nothing happened ... I think it is due to the latest release if the blog software, I suspect that it needs more CPU cycles to generate the html pages. I'm looking into that area now.
PermalinkPermalink 11/11/11 @ 00:13
Oisín

In response to: Downtime

Oisín [Visitor]
Possibly because your post on ethical hacking got picked up by a Codeproject newsletter and lots of people tried to look at it simultaneously :D
PermalinkPermalink 10/11/11 @ 15:46
admin

In response to: On ethical hacking, colored hats and hacktivism

admin [Member]
The Six Thinking Hats article is quite interesting, I had not heard about this.

Thx a lot for that info.
PermalinkPermalink 08/11/11 @ 14:32
Clint Laskowski

In response to: On ethical hacking, colored hats and hacktivism

Clint Laskowski [Visitor]
You are largely correct with regards to the colors of the hacking hats: white, black, and gray. However, another source for the reasons for the colored hats comes from the Six Thinking Hats by DeBono (see http://www.debonogroup.com/six_thinking_hats.php), and from military capture the flag contests where the blue team are the defenders and the red team are the attackers. I spent 23 years in the military, working on capture the flag contests for my final three years. This is why I called my business, which was to help companies protect their information, "BlueHat Security." Unfortunately, that business is all but defunct at this point :-(
PermalinkPermalink 08/11/11 @ 14:27
Lilash

In response to: How to set up a software hacking lab - part 3 - networking

Lilash [Visitor]
Lilash
Really enjoyed this post. Keep writing.
PermalinkPermalink 07/11/11 @ 08:13
Seb

In response to: URLCrazy: is someone spying on your company?

Seb [Visitor]
Nice one dude ;)
PermalinkPermalink 10/10/11 @ 15:42
vasco

In response to: Why start counting at 0 (zero)

vasco [Visitor]
Because Edsger W. Dijkstra say so ... "Why numbering should start at zero"
PermalinkPermalink 10/10/11 @ 12:22
Iphone10

In response to: How to set up a software hacking lab - part 0

Iphone10 [Visitor]
Iphone10
Major thanks for the article.Really thank you! Keep writing.
PermalinkPermalink 03/10/11 @ 00:39
Arvada Implant Dentist

In response to: How to set up a software hacking lab - part 0

Arvada Implant Dentist [Visitor]
Arvada Implant Dentist
I really enjoy the blog post.Thanks Again. Fantastic.
PermalinkPermalink 01/10/11 @ 06:46
admin

In response to: How to set up a software hacking lab - part 0

admin [Member]
@VwX

First, to get started right away you could download and use a live CD like the OWASP live CD that you can find on https://www.owasp.org/index.php/Category:OWASP_Live_CD_Project

By booting this CD you will have some tools and targets to practice on and it should run on your current system so you can already make some progress.

Now with regards to your questions:
1&2. I would advice not to use the windows as the hosting system (since it will eat up a lot of resources that for example a XUBUNTU would not) but should you really want that then you certainly need a firewall, a virus scanner and an anti mallware scanner. There are many free products available for this such as zone alarm firewall, avast anti virus and Ad-Aware against mallware. At the time you are installing your system you should google and have a look around and compare the free tools, many websites have such comparisons. There are also many guides on how to secure a Windows computer, The best starting point would probably be this guide from Microsoft itself but since I do not often use windows I cannot vouch for any other guides you might find ... http://technet.microsoft.com/en-us/library/ee712767.aspx

3. I would choose virtualbox from oracle since that is available on any operating system for free so even should you later switch to linux or a Mac your time invested in learning this tool will not be lost. In the next article I will also tell what settings I use for each of the different installs I will make, using that as a guide should get you started.

Hope this helps you on your way ...

Happy Hacking
PermalinkPermalink 26/09/11 @ 16:53
VwX

In response to: How to set up a software hacking lab - part 0

VwX [Visitor]
Hey,
Very nice post man. :) I have planned to buy a laptop with a similar config. Maybe I will set this lab up in it. As of now, I'm using a battered, old system(Pentium 4 and 512 RAM) most of the time and can't really install all these in there. It'll just die. :D
I wanted to ask these:
1. I have a non-activated coy of Windows 7 Ultimate (my classmate gave it to me for half the price as he bought a Mac OSX soon after). Many say that it is the most unsecure of OSs. How can I secure it so that it can be my host system when I set this lab up?
2. I already use Comodo Internet Security in my system and have found this very effective in locking down ports and blocking access to those I don't want to use. Is this enough in my new system or do I need to another?
3. What Virtual Machine software is available for free or for a low cost that is very newbie friendly? (I'm not very bright in using VMware. Its settings confuse me a lot.)

Thanks for answers and sorry for asking too much... :)
PermalinkPermalink 26/09/11 @ 06:07
Andrew Horton

In response to: URLCrazy: is someone spying on your company?

Andrew Horton [Visitor]
Hi,

Nice write up about URLCrazy :)
PermalinkPermalink 22/09/11 @ 00:36