SecurityCertified

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Tuesday, January 4, 2011

TaoSecurity Lab

Posted on 2:17 PM by Unknown
In a recent blog comment one of you asked about TaoSecurity lab. This is a collection of my own gear -- nothing associated with my corporate employer. I decided to post the diagram at left in case someone found it useful.

To summarize the color scheme: 1) blue (and the blue squiggle) means "wireless access," regardless of the nature of the device (phone, appliance, laptop, etc.); 2) green means Cisco; 3) gray means "appliance"; 4) peach (?) means server; and 5) orange means no IP address (e.g., two dumb taps). The two small purple arrows represent lines running to a sensor for monitoring purposes.

As you can see, there are two main segments. The blue devices all connect via wireless to the main network. You could consider the blue devices (and the supported WAP, iTap, and gateway) to be "production." The other devices are all wired, and they are more for "research." In other words, if the Cisco 2651xm router or anything else connected to it dies, no one but me will likely care!

A few aspects of this lab stand out to me:

  • The number of wired devices is roughly equal to the number of wireless devices. A few years ago I had a couple dozen white box systems that took nearly all the shelf space in my wire racks. Now wireless devices generate most of the interesting traffic.

  • I've replaced most hardware systems with virtual systems. The 2950iii is an ESXi server with 10 NICs. With so many NICs I can simulate systems on multiple VLANs on real hardware switches.

  • I like having three Cisco switches and a router. They aren't really necessary but a real layer 3 switch plus two real layer 2 switches is fun for working with IOS.

  • I need a real computer rack. All the rackmount gear is sitting on wire shelving. I'd rather not show any photos until it looks more professional!


So there it is. I didn't show a few more systems which I consider retired, or at least "shut down unless I really need them." For example, I have a PPC Mac Mini and a HP Visualize PA-RISC, plus two Shuttle SFFs and a portable Hacom device. Right now I can't think of a reason to keep them running since I can always spin up a new VM if I need to test anything.
Tweet
Email ThisBlogThis!Share to XShare to Facebook
Posted in | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Review of Intelligence, 4th Ed Posted
    Amazon.com just posted my five star review of Intelligence: From Secrets to Policy, 4th Ed by Mark Lowenthall . From the review : I was a...
  • SQL Injection Challenge and Time-Based Security
    Thanks to this Tweet by @ryancbarnett, I learned of the lessons learned of the Level II component of the ModSecurity SQL Injection Challen...
  • Practice of Network Security Monitoring Table of Contents
    Since many of you have asked, I wanted to provide an updated Table of Contents for my upcoming book, The Practice of Network Security Monito...
  • C-SPAN Posts Video of Tuesday Hearing
    You can now access video of Tuesday's House Select Committee on Intelligence Hearing on Cybersecurity at C-SPAN . Some people are alread...
  • Bejtlich's Thoughts on "Why Our Best Officers Are Leaving"
    Twenty-two years ago today I flew to Colorado Springs, CO and reported for Basic Cadet Training with the class of 1994 at the United States ...
  • A Book for the Korean Cyber Armies
    I've got a book for the Korean cyber armies, North and South. That's right, it's my first book , The Tao of Network Security Mo...
  • Bejtlich Teaching at Black Hat West Coast Trainings
    I'm pleased to announce that I will be teaching at  Black Hat West Coast Trainings  9-10 December 2013 in Seattle, Washington. This is a...
  • Mandiant APT1 Report: 25 Best Commentaries of the Last 12 Days
    Two weeks ago today our team at Mandiant was feverishly preparing the release of our APT1 report . In the twelve days that followed public...
  • Tort Law on Negligence
    If any lawyers want to contribute to this, please do. In my post Shodan: Another Step Towards Intrusion as a Service , some comments claim ...
  • Review of America the Vulnerable Posted
    Amazon.com just posted my five star review of America the Vulnerable by Joel Brenner. I reproduce the review in its entirety below. I'...

Categories

  • afcert
  • Air Force
  • analysis
  • announcement
  • apt
  • attribution
  • bestbook
  • blackhat
  • books
  • breakers
  • bro
  • bruins
  • certification
  • china
  • cisco
  • cissp
  • cloud
  • clowns
  • commodore
  • conferences
  • controls
  • correlation
  • counterintelligence
  • cybercommand
  • cyberwar
  • dfm
  • education
  • engineering
  • feds
  • fisma
  • freebsd
  • GE
  • ge-cirt
  • hakin9
  • history
  • impressions
  • information warfare
  • ipv6
  • law
  • leadership
  • malware
  • mandiant
  • microsoft
  • mssp
  • nsm
  • offense
  • oisf
  • packetstash
  • philosophy
  • pirates
  • powerpoint
  • press
  • psirt
  • reading
  • redteam
  • reviews
  • russia
  • sans
  • sec
  • sguil
  • snorby
  • spying
  • threat model
  • threats
  • Traffic Talk
  • training
  • tufte
  • tv
  • ubuntu
  • usenix
  • verizon
  • vulnerabilities
  • wisdom
  • writing

Blog Archive

  • ►  2013 (16)
    • ►  September (1)
    • ►  August (1)
    • ►  June (2)
    • ►  April (2)
    • ►  March (1)
    • ►  February (3)
    • ►  January (6)
  • ►  2012 (60)
    • ►  December (4)
    • ►  November (5)
    • ►  October (3)
    • ►  September (10)
    • ►  August (2)
    • ►  July (6)
    • ►  June (6)
    • ►  May (4)
    • ►  April (2)
    • ►  March (9)
    • ►  February (6)
    • ►  January (3)
  • ▼  2011 (108)
    • ►  December (3)
    • ►  November (7)
    • ►  October (11)
    • ►  September (9)
    • ►  August (18)
    • ►  July (10)
    • ►  June (5)
    • ►  May (4)
    • ►  April (13)
    • ►  March (17)
    • ►  February (2)
    • ▼  January (9)
      • Wanted: Incident Handler in Michigan
      • Seven Cool Open Source Projects for Defenders
      • More on Chinese Stealth Fighter and APT
      • Happy 8th Birthday TaoSecurity Blog
      • The "IT as a Business" Train Wreck
      • To Those Who Want Tim Thomas Books
      • TaoSecurity Lab
      • VizSec 2011 Call for Papers Open
      • Starting the New Year Right
  • ►  2010 (193)
    • ►  December (14)
    • ►  November (11)
    • ►  October (6)
    • ►  September (16)
    • ►  August (15)
    • ►  July (26)
    • ►  June (15)
    • ►  May (15)
    • ►  April (15)
    • ►  March (16)
    • ►  February (19)
    • ►  January (25)
  • ►  2009 (123)
    • ►  December (10)
    • ►  November (17)
    • ►  October (21)
    • ►  September (13)
    • ►  August (20)
    • ►  July (21)
    • ►  June (21)
Powered by Blogger.

About Me

Unknown
View my complete profile