This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Boulder OWASP Lab"
From OWASP
(→Desired Lab Components) |
|||
| Line 19: | Line 19: | ||
- Hamachi or some sort of VPN so we can stay decentralized...? | - Hamachi or some sort of VPN so we can stay decentralized...? | ||
- Somebody's open-source SEM/SIM to gather events so that the only time WAF/IPS/HIDS/HIPS/Whatever needs to be touched is for config changes | - Somebody's open-source SEM/SIM to gather events so that the only time WAF/IPS/HIDS/HIPS/Whatever needs to be touched is for config changes | ||
| + | - NYC OWASP's CTF environment with all of the above | ||
Revision as of 18:37, 25 September 2008
NEWS!
Sept 25th 2008 - NYC CTF may get packaged up
There is a Capture-The-Flag (CTF) environment at the NYC OWASP Con. It seems likely that it will be packaged up and distributed. Stay tuned...
Link to the Lab Setup Diagrams Andrew found
Diagrams Andrew shared at the 9/18/2008 bOWASP meeting
Desired Lab Components
- WLAN WAP and/or big copper switches - host box with loads o' storage capable of running multiple victim VMs; capable of burning VMs to DVD - Web App Firewall - IPS - CD/DVD copying capability
- 2-factor auth for any management components; possibly for some of the target apps too... - Hamachi or some sort of VPN so we can stay decentralized...? - Somebody's open-source SEM/SIM to gather events so that the only time WAF/IPS/HIDS/HIPS/Whatever needs to be touched is for config changes - NYC OWASP's CTF environment with all of the above
