A Scalable and Dynamic Testbed for Conducting Penetration-Test Training in a Laboratory Environment

Abstract

This report describes a novel testbed for training penetration testers who evaluate the security of computer networks. This testbed was generated based on an informal study of the common needs of real-life penetration testers. Only open-source technologies are used and step-by-step instructions are provided on how to create the testbed. A case study is also included with a sample scenario and the steps that a penetration tester may take to evaluate a network. Lastly, the report includes lessons learned and limitations of the testbed.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 2015
Accession Number
ADA615847

Entities

People

  • Felipe Sotelo
  • Jaime C. Acosta
  • Scott Freeman

Organizations

  • United States Army Research Laboratory

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Weapons Technologies

DTIC Thesaurus Topics

  • Application Protocols
  • Case Studies
  • Computer Networks
  • Computer Programming
  • Computer Programs
  • Computers
  • Department Of Defense
  • Detectors
  • Graphical User Interface
  • Lessons Learned
  • Mesh Networks
  • Network Protocols
  • Network Topology
  • Networks
  • Operating Systems
  • Security
  • Virtual Machines

Fields of Study

  • Computer science

Readers

  • Aerospace Test and Evaluation
  • Computer Networking
  • Systems Analysis and Design