I think one of the best way to learn network security is to let a group of students hack a computer and let another group of students fight against the hacking.
Which would be a better way of setting up the network?
Those computers used for hacking should have only a limited view on those machines to hack and cannot snoop other networks. And the machines set up for being hacked should only be viewed from those attack machines but not from outside the world.
One thing I can think of i setting up a honeynet withing a confined network. Any other idea?
A Honeynet within virtual machine/network would prob be the best way to go I would think. I created a single honeypot for my final year project at uni and found it great.
What OS are you looking at as the target?
Minesh
I have created just such a set up using vmware and now virtualbox.
You need to consider how many virtual machines you would add to such a setup. I suggest at least two attacking machines, one or two middle boxes (routers/firewalls) and a handful of victim systems. It really depends on how complex you want to go and how well funded you are. With 6+ virtual machines you're going to want to look at the machine you're using to host the guest operating systems.
In teaching a Black Hat/White Hat grad course, I've done it two ways. Originally, I set up an isolated "sandbox" of dual-boot Linux/Windows workstations. Now that more powerful workstations are available, I use VMware on a Linux host, which allows me to have multiple workstations & servers for each student. This takes care of the penetration lessons only. For a culminating exercise, my last two classes have been invited to conduct a real-time penetration test of a department which has several servers and many workstations. The latest class will be doing a capture-the-flag exercise through a VPN against a specific target network or across small teams within the class's "sandbox."
Hey guys,
Could you provide some more detailed info?
I sort of know what you guys are talking about, but I am still a newbie.
Is there some white papers on this issue?
Thanks a million.