open source tools help (contract) in DC area?
Howard C. Berkowitz
hcb at gettcomm.com
Mon Jul 25 17:12:51 UTC 2005

I need to get some short-term contract help on setting up a lab
dealing with SP security issues, in the Washington DC area. Please
contact me offline if interested. I am the technoid and will pass you
on for the mercenary aspects.

ccitraining.net is developing a complex set of network security lab
exercises involving Cisco routers and switches, Slackware 10.0 LINUX
servers and workstations, and Windows workstations, the latter to be
infected with worms as part of running the lab.

We need a *NIX administrator to help us get the appropriate,
primarily open-source tools installed, running, and documented. Since
we do not intend to teach the full tool command set, we will need
shell scripts and/or command files to be piped to a telnet/SSH client
to let the students access useful tool functions without being fully
trained in the device. For that reason, we expect the primary
interface to the tools will be command line, so that the tool control
can be scripted. Students will use GUI functions only to display
output from tools, or to access graphic functions in the tools.

Since there are multiple people working on the project in a virtual
team, at different locations, it is absolutely essential that
documentation be generated at the start of working with a tool, and
then to be polished with final parameterization and use
documentation. Documentation can be at the level of a couple of man
pages, but it is essential that other team members can quickly find
out how to parameterize and invoke the tools. Project managers also
need to be able to track the status of tool implementation -- we do
not consider an undocumented tool as installed.

Identified tools include:

syslogd
RRD (successor to MRTG)
MIB objects to be accessed
Flowscan/Flowtools (successors to cflowd)
Ethereal

In addition, we will need a number of scripting tools to make
incremental changes to router, switch and host configurations, as
well as loading complete executables and images. We will also need
Windows control to infect hosts with specific viruses and possibly
bots, and to restore infected hosts to a stable environment.

Understanding, from the Windows and protocol standpoint, of worms,
other DDoS, and BOTNETs will be very helpful. Knowledge of packet
crafting tools for *NIX, which let us build arbitrary protocol
packets to be used in attacking hosts and routers, will also be a big
help.