viernes, 12 de junio de 2009

Recopilación de Máquinas Virtuales para VMWare para Laboratorios de Seguridad

El siguiente listado de Imágenes de Máquinas Virtuales pretende ser un recopilatorio de recursos de ambientes virtualizados enfocados al desarrollo de Laboratorios de Seguridad Informática. (PenTesting, Análisis de Malware, Hardening, Protección y Análisis de Datos, etc.)

Estas imágenes serán muy útiles cuando se pretendan realizar laboratorios que requieran diferentes Sistemas Operativos como máquinas “atacantes” y máquinas “víctimas”.
Están desarrolladas para ser utilizadas con cualquiera de los productos de VMWare. Recomiendo el uso de VMWare Player y Server como solución al tema de licenciamiento, aunque es posible utilizar VMWare WorkStation en modo Trial por 30 días. Todas estos entornos ya traen instaladas las VMWare Tools para facilitar la transferencia de datos entre uno y otro sistema.

Imágenes tomadas de BagSide:

  • BackTrack 4 beta (Imágen de VMware con VMWare Tools).
    • BackTrack 4 beta, with KDE 3.5.10 Desktop and Kernel 2.6.28.1. Now based on Ubuntu Intrepid. Loads of specialized applications for admins. VMwareTools 7.8.4-126130 installed along with SLIM Login manager, some extra scripts and the gtk-qt-engine. Released 11th Feb. 2009. The appliance occupies 4.2GB of the virtual disk which is 25GB in total. Default RAM is set at 688MB and the download is 839 MB. Regarded as one of the top Security distros.
    • Página oficial de BackTrack.
    • Descargar máquina virtual.
  • Caine / Computer Aided INvestigative Environment (Imágen de VMware con VMWare Tools).
    • CAINE (Computer Aided INvestigative Environment) is a GNU/Linux Digital Forensics distro for Interdepartment Center for Research on Security (CRIS), supported by the University of Modena and Reggio Emilia in Italy. Based on Ubuntu 8.04.1 with Kernel 2.6.24-24 and GNOME 2.22.3. Fully updated on the 2nd of March 2009. Released on the 22nd of Feb. 2009. The dynamic disk is 40GB and the appliance occupies 3.5GB installed and the download is 683 MB. 588 MB RAM is allocated as default.
    • Página Oficial de Caine.
    • Descargar máquina virtual Caine.
  • Helix 2008R1 (Imágen de VMware con VMWare Tools).
    • Ubuntu 8.04 based Incident Response. Discovery, Forensics and Security Distro
      Kernel 2.6.24-21-generic with Gnome 2.22.3 Desktop. Fully upgraded on the 03/10/2008. The source and some dev-tools are installed as well as VMwareTools 6.5-118166. The resolution is DYNAMIC (drag the VMware frame to desired size). Distro release date 23/09/2008. The appliance occupies 2.8GB of the virtual disk which is 14GB in total. Default RAM is set at 568MB and the download is 708MB in total. Works well here. For those of you who wants to use or try applications like Adepto, Autopsy, GtkHash, Linen, Ophcrack etc.
    • Página oficial de Helix.
    • Descargar máquina virtual Helix.
  • nUbuntu (Imágen de VMware con VMWare Tools).
    • Ubuntu 8.10 remaster loaded with Security tools for Bluetooth, Cisco, Scanners, Password, Exploits, Database, Fuzzers, Enum, VoiP and Wireless. Some build-tools and VMwareTools 7.8.4-125130 are installed. Release date 17/12/2008. The physical disk is 9GB whereoff 2.7 GB is used for the appliance. The download is 566 MB and RAM set at 548 MB.
    • Página oficial de nUbuntu.
    • Descargar máquina virtual nUbuntu.
  • Samurai Web Testing Framework (Imágen de VMware con VMWare Tools).
    • Security and web penetration test suite based on Ubuntu 8.04
      Kernel 2.6.24-21-generic with Gnome 2.22.3 Desktop. Fully upgraded on 08/10/2008. Headers and some dev-tools are installed as well as VMwareTools 6.5-118166. The resolution is DYNAMIC (drag the VMware frame to desired size). Distro release date 10/08/1008. The appliance occupies 3.0GB of the virtual disk which is 14GB in total. Default RAM is set at 548MB and the download is 675MB in total. Works well here. Loaded with intrusion tools: DirBuster, Fierce Domain Scanner, Gooscan, Grendel-Scan, HTTP_Print fingerprinting tool, Maltego CE, Nikto, Paros, Rat Proxy, Spike Proxy , SQLBrute, w3af (and the GUI), Wapiti, WebScarab, WebShag, ZenMap, dnswalk, httping, httrack, john the ripper, netcat, nmap, siege, snarf etc.
    • Página oficial de Samurai Web Testing Framework.
    • Descargar máquina virtual Samurai Web Testing Framework.
  • WeakNet Linux (Imágen de VMware con VMWare Tools).
    • Security distro from WeakNetLabs. Based on Ubuntu 8.04.1 with Kernel 2.6.24-21 and GNOME 2.22.3. Fully updated on the 22nd of November. Released on the 20th of November 2008. Substantial amount of security tools including WeakNetLabs own code and a ‘dashboard’ with main applications. The dynamic disk is 20GB and the appliance occupies 3.6GB installed and the download is 848 MB. 612 MB RAM is allocated as default.
    • Página oficial de WeakNet Linux.
    • Descargar máquina virtual Weaknet.
  • CentOS (Imágen de VMware con VMWare Tools).
    • Red Hat Enterprise based with GNOME 2.16 desktop. Installed kernel-devel, cpp, gcc, build-tools and VMwareTools 7.8.4-126130, Adobe flash plugin, Yum-extender, Yum-utils and gtk-murrine-engine and some iconsets. Release date 31/03/2009. CentOS is ranked no.10 on Distrowatch. The physical disk is 40GB whereoff 4.1 GB i used for the appliance. The download is 813MB. Very mature and stable although not bleeding edge.
    • Página oficial de CentOS.
    • Descargar máquina virtual CentOS.
  • FreeBSD (Imágen de VMware con VMWare Tools).
    • Standard with the following added, Opera 9.63, MySQL Server Client, Ruby, Apache, Ark, compat6, Nano and a few more plus VMwareTools. Occupies 4.5 GB on disk off a virtual dynamic disk of 20 GB. 644 MB RAM allocated and the download is 904 MB. Works here after some serious tweaking and fixing. I must say that I have still problems getting to grips with all BSD’s as VMware guest OS desktops although this is probably the best one I have built so far.
    • Página oficial de FreeBSD.
    • Descargar máquina virtual FreeBSD.

Imágenes tomadas de Virtual Appliance Marketplace:

  • Astaro Mail / Web / Security Gateway (Imágen de VMware).
    • Astaro Mail Gateway provides complete protection and control over spam, viruses, worms and Trojans transferred through email. The All-In-One mail security appliance features comprehensive features for spam detection and malware filtering.
    • Astaro Web Gateway provides complete protection and control over data transferred over the web. The All-In-One web security appliance features Malware Detection, Application Control, URL Filtering and Bandwidth Management, fully integrated and manageable through a single and intuitive browser-based user interface.
    • Astaro Security Gateway integrates complete Network, Web and Mail Security through an intuitive browser-based user interface. The Astaro Unified Threat Management appliance is the most easy-to-use and cost-effective “all-in-one” solution available, working to effectively shield businesses from internet based threats everyday.
    • Página oficial de Astaro Mail Gateway.
    • Descargar Astaro Mail gateway.
    • Descargar Astaro Web Gateway.
    • Astaro Security Gateway.
  • Nepenthes VMware Appliance (Imágen de VMware con VMWare Tools).
    • Nepenthes is a low interaction honeypot like honeyd or mwcollect. Low Interaction Honeypots emulate known vulnerabilities to collect information about potential attacks. Nepenthes is designed to emulate vulnerabilties worms use to spread, and to capture these worms. As there are many possible ways for worms to spread, Nepenthes is modular. There are module interface to Resolve DNS Asynchronous, Emulate Vulnerabilities, Download Files, Submit the Downloaded Files, Trigger Events, Shellcode Handler.
    • Página oficial de Nepenthes VMware Appliance.
    • Descargar máquina virtual Nepenthes.
Fuente: http://labs.dragonjar.org//



A los anteriores Cryptex suma los siguientes..

1. FreeNAC - Open Source Network Access Control VMware Image - Download here

2. PacketFence ZEN - Zero Effort NAC - VMware Virtual Machine - Download here

3. ZENOSS Enterprise Availability Monitoring Appliance - VMware Virtual Machine - Download here

4. Vyatta Open Source Router v. 2 - VMWare Virtual Machine - Download here

5. Vyatta Open Source Router v. 2 - ISO live system CD - Download here

6. Catapulta - Gigabit performance packet capture Linux distribution - Download here

7. Port25 Mail Server - VMWare Virtual Machine - Download here

8. OpenFiler - NAS/SAN Appliance - x36 installable CD - Download here

9. ComixWall UTM Appliance - x36 installable CD v4.2 - Download here

Fuente: http://www.seepurity.com/


Otras..
Network Security Toolkit (NST) Virtual Machine
- Download

Listado completo de imagenes de VMWare realacionadas con Secure Content and Threat Management (Virtual Appliance Marketplace)

Listado completo de imagenes de VMWare relacionadas con Identity, Access, Vulnerability Management (Virtual Appliance Marketplace)

Listado de "Virtual machine" relacionadas con Seguridad en sourceforge.net


Link relacionado:
- Virtual Lab with VMware



No hay comentarios: