Hardware Equipment for Penetration Testing Labs
Before you start building your penetration testing lab you must consider what kind of lab need in order to have the appropriate equipment.So the hardware requirements depend of the type of the lab that you want to have.
There are five types of Labs that you can create:
You might want to recreate the network of your company in your lab in order to have realistic and proper results.
If you have the budget and the space you can have a physical lab with a complete set of networking devices (routers,switches,hubs) and a hardware firewall.Otherwise you can create a virtual lab with many hosts with different operating systems which is a more economical approach and provides flexibility in case that you want to recover/rebuild your lab.
The number of the computers that you have in your availability will depend probably of the budget that you have to spend for the penetration testing lab.It is always better to have many workstations with different operating systems installed however you can do the job with 2 computers by creating a virtual lab.
Of course you will need Ethernet cables with the RJ-45 connectors.Crossover and loopback adapters can prove handy.Also if you have include in your lab network and routers you will need and some rollover cables.Having a wide variety of different cables will allow you to have different network topologies according to your needs.
Hubs,Switches and Routers
These components are essential if you have a physical lab because you can create a proper network.It is almost impossible not to find Cisco products in every network that you will go for your penetration tests so choosing to build your lab with Cisco products it is a brilliant idea.However Cisco products are expensive so you probably want to find some older versions.
Removable disk storage
You might want to have some USB and FireWire drives that will allow you to save and restore the images of your systems in case that become corrupt during a test.
It is almost a necessity to have a Network-attached storage (NAS) which you can keep copies of configuration files,software,system images and tools.The NAS will act as a central storage location so that you can access it from your network hosts.
In companies networks it is almost impossible not to meet a Firewall and specific firewall policies.Installing and setting up a firewall for your lab can help you to build up realistic scenarios.
Wireless Routers,WiFi Access Points and Cards
If your company has also a wireless network or you are offering and wireless penetration testing services and you need also training some wireless cracking tools then you must have the proper equipment.WiFi cards,Access points and Wireless Router will help you to build a WiFi network for your tests.
KVM,Power Strips and Surge Suppressors
If you build a lab with many workstations then you will not want to deal with a bunch of monitors,mice and keyboards that will limit your space in the lab.A KVM switch can save a lot of space.Also you need to have power strips,surge suppressors and maybe a UPS.
As a conclusion your hardware gear must include the following:
- Removable disk storage
- Cisco equipment
- Network-attached storage (NAS)
- Keyboard,Video,Mouse switches (KVM)
- Power strips and Surge suppressors
- Wireless Access Points
- Networking Tools
Remember also that before buying the hardware components for your penetration testing lab you should ensure that the hardware will support what is commonly used in the corporate world.
Your lab must be isolated from the rest of network and with no access to Internet.Remember this will be your playground that you want to test tools,exploits and analyze malware so you cannot risk to contaminate the corporate network of your company.Also you wouldn’t want to connect your vulnerable network to the Internet.