This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Boulder OWASP Lab"
From OWASP
(→Desired Lab Components) |
|||
| Line 13: | Line 13: | ||
- 2-factor auth for any management components; possibly for some of the target apps too... | - 2-factor auth for any management components; possibly for some of the target apps too... | ||
- Hamachi or some sort of VPN so we can stay decentralized...? | - Hamachi or some sort of VPN so we can stay decentralized...? | ||
| + | - Somebody's open-source SEM/SIM to gather events so that the only time WAF/IPS/HIDS/HIPS/Whatever needs to be touched is for config changes | ||
Revision as of 22:22, 19 September 2008
Link to the Lab Setup Diagrams Andrew found
Diagrams Andrew shared at the 9/18/2008 bOWASP meeting
Desired Lab Components
- WLAN WAP and/or big copper switches - host box with loads o' storage capable of running multiple victim VMs; capable of burning VMs to DVD - Web App Firewall - IPS - CD/DVD copying capability
- 2-factor auth for any management components; possibly for some of the target apps too... - Hamachi or some sort of VPN so we can stay decentralized...? - Somebody's open-source SEM/SIM to gather events so that the only time WAF/IPS/HIDS/HIPS/Whatever needs to be touched is for config changes
