Although the use of physical machines to create a hacking lab is an acceptable
solution, the use of virtual machines provides several key benefits.First,
given today’s processing power, it is easy to set up and create a mini hacking
lab on a single machine or laptop. In most cases, an average machine can run
two or three virtual machinessimultaneously because our targets can be set
up using minimal resources. Even running on a laptop, it is possible to run
two virtual machines at the same time. The added benefit of using a laptop isthe fact that your lab is portable. With the cheap cost of external storage today,
it is easily possible to pack hundreds of virtual machines on a single external
hard drive; these can be easilytransported and set up in a matter of minutes.
Anytime you are interested in practicing your skills or exploring a new tool,
simply open up Backtrack and deploy a VM as a target. Setting up a lab likethis
gives you the ability to quickly plug-and-play with various operating systems
Another benefit of using virtual machines in your pen testing lab is the fact
that it is verysimple to sandbox your entire system. Simply turn off the wireless
card and unplug the cable from the Internet. Your physical machine and
virtual machines will still be able to communicate with eachother and you can
be certain that no attack traffic will leave your physical machine.
In general, penetration testing is a destructive process. Many of the tools and
exploits we run can causedamage or take systems offline. In some cases, it is
easier to reinstall the OS or program rather than attempt to repair it. This is
another area where VMs shine. Rather than having to physicallyreinstall a program
like SQL server or even an entire operating system, the VM can be quickly
reset or restored to its original configuration.
PHASES OF A PENETRATION TEST
Like most things, the...