North American Network Operators Group


open source tools help (contract) in DC area?

  • From: Howard C. Berkowitz
  • Date: Mon Jul 25 13:15:40 2005


I need to get some short-term contract help on setting up a lab dealing with SP security issues, in the Washington DC area. Please contact me offline if interested. I am the technoid and will pass you on for the mercenary aspects.

ccitraining.net is developing a complex set of network security lab exercises involving Cisco routers and switches, Slackware 10.0 Linux servers and workstations, and Windows workstations, the latter to be infected with worms as part of running the lab.

We need a *NIX administrator to help us get the appropriate, primarily open-source tools installed, running, and documented. Since we do not intend to teach the full tool command set, we will need shell scripts and/or command files to be piped to a telnet/SSH client to let the students access useful tool functions without being fully trained in the device. For that reason, we expect the primary interface to the tools will be command line, so that the tool control can be scripted. Students will use GUI functions only to display output from tools, or to access graphic functions in the tools.
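One way to implement the restricted command-line access described above, as an added example that is not part of the original post or of ccitraining.net's material: a POSIX shell wrapper installed as the forced command for the students' SSH key, so that each student request is mapped to a fixed, pre-parameterized tool invocation and every student-supplied argument is validated before it reaches the shell. The action names, the packet-count cap, the use of tcpdump and tail, and the /var/log/messages path are assumptions for the example.

```shell
#!/bin/sh
# Hypothetical restricted wrapper for student access to lab tools (added
# example, not from the original post or from ccitraining.net).
# Install as the forced command for the students' SSH key, e.g. in
# ~/.ssh/authorized_keys on the tool host:
#   command="/usr/local/bin/lab-wrapper",no-port-forwarding,no-pty ssh-rsa AAAA...
# Each allowed action maps to one fixed command line; anything not on the
# allowlist, or carrying an argument that fails validation, is refused.

set -f   # no globbing when we word-split the student's request below

# Return 0 if $1 looks like an interface name (letters, digits, dot, dash).
valid_iface() {
    case "$1" in
        ''|*[!A-Za-z0-9.-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Return 0 if $1 is an integer between 1 and 1000 (cap on captured packets).
valid_count() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 1000 ]
}

# build_cmd ACTION [ARGS...]: print the exact command line the wrapper would
# run for an allowed action; print nothing and return 1 if the request is
# refused. Separating policy (here) from execution (run_cmd) keeps the
# allowlist testable without root or the tools installed.
build_cmd() {
    [ $# -ge 1 ] || return 1
    action="$1"; shift
    case "$action" in
        capture)       # capture IFACE COUNT: bounded tcpdump, no write-to-file
            valid_iface "$1" && valid_count "$2" || return 1
            printf '%s\n' "tcpdump -n -i $1 -c $2"
            ;;
        iface-stats)   # iface-stats IFACE: link counters for one interface
            [ $# -eq 1 ] && valid_iface "$1" || return 1
            printf '%s\n' "ip -s link show dev $1"
            ;;
        syslog-tail)   # syslog-tail: last 50 lines of the lab syslog, no path argument
            [ $# -eq 0 ] || return 1
            printf '%s\n' "tail -n 50 /var/log/messages"
            ;;
        *)             # anything else, including shell metacharacters, is refused
            return 1
            ;;
    esac
}

# run_cmd ACTION [ARGS...]: execute the allowed command or report a refusal.
run_cmd() {
    cmd=$(build_cmd "$@") || { echo "refused: $*" >&2; return 1; }
    # word-splitting is intentional: every token was validated in build_cmd
    $cmd
}

# Under an SSH forced command the student's requested action arrives in
# SSH_ORIGINAL_COMMAND; when run interactively without it, nothing happens.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
    set -- $SSH_ORIGINAL_COMMAND
    run_cmd "$@"
fi
```

Because the student key is bound to this one command with `no-pty` and `no-port-forwarding`, a student can type `ssh labhost capture eth0 100` and get a bounded capture, while `ssh labhost capture 'eth0; rm -rf /' 100` is refused before anything executes. Adding a tool to the lab then means adding one documented case to the allowlist, which doubles as the invocation documentation the post asks for.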

Since there are multiple people working on the project in a virtual team, at different locations, it is absolutely essential that documentation be generated at the start of working with a tool, and then polished with final parameterization and use documentation. Documentation can be at the level of a couple of man pages, but it is essential that other team members can quickly find out how to parameterize and invoke the tools. Project managers also need to be able to track the status of tool implementation -- we do not consider an undocumented tool as installed.

Identified tools include:

syslogd
RRD (successor to MRTG)
MIB objects to be accessed
Flowscan/Flowtools (successors to cflowd)
Ethereal

In addition, we will need a number of scripting tools to make incremental changes to router, switch and host configurations, as well as loading complete executables and images. We will also need Windows control to infect hosts with specific viruses and possibly bots, and to restore infected hosts to a stable environment.

Understanding, from the Windows and protocol standpoint, of worms, other DDoS, and botnets will be very helpful. Knowledge of packet crafting tools for *NIX, which let us build arbitrary protocol packets to be used in attacking hosts and routers, will also be a big help.