I teach a basic undergraduate computer security class, which is a mix between ethical hacking, incident response, and a little bit of security management. My students do their assignments in a virtual security lab (7 hosts in a VMWare environment). When class is over, I'll post how I set up this lab in a little more detail.
Getting to work this morning, I found the following message in my mailbox:
Subject: host5 is down
Date: 11/25/2008 2:10 AMGood Morning,
I crashed host5 by trying to run the following exploit:
http://milw0rm.com/exploits/7091
The files that should be removed: ~mikei/data/1.c and ~mikei/data/1
~Apologies
That makes me happy ;)
Not only did my students feel the urge to play around in the virtual
lab in the middle of the night (the deadline isn't for a few weeks), they were also able to identify what they did, and were open and honest about it.
I wish everyone would be so forthcoming. Mistakes are there to be made and learned from. As an information security manager, it should be your job to encourage people to disclose mistakes to you without necessarily being afraid for their jobs.
Now, this is not to say that I wouldn't be extremely mad if someone if in a commercial environment crashes a production server by trying to run milw0rm exploit code on it, but I would still rather know ;)
Yeah me and Dave are sort of addicted... We have caught each other on there at 3 am cracking passwords or trying to write buffer overflows(which is very frustrating at the moment). My putty is running a lot in the background to feed into my procrastinating other much less interesting work.
Looking forward to your blog post about how you set the whole network up once we are done with it.
Hi Kees,
Am I overlooking your blogpost where you discus in more detail how you setup your lab? I'm very interested in the way you set it up.
Groeten,
Raymond.
Good point; completely forgot about it.
I'll do a writeup soon(ish). If you're in a hurry, shoot me an email!