Question:
How do I build my own model WAN?
Good Daddy
2008-10-29 15:12:54 UTC
I've been playing around with the idea for some time. Ok, let me give a little background, and then my intentions. I'm a systems engineer with degrees in programming, networking, and analysis so feel free to get technical peoples. :)

I've been researching more and more into security and have been experimenting with fundamental network operations. My goal is to set up my own personal WAN in my lab (in my house) and monitor packet payloads of rudimentary network operations such as dns cache updates, ARP, ns lookups, dn translations, maybe even as far as active directory replication, remote LDAP mods, DHCP, etc...

I've got a collection of 9 computers dating back no more than 7 years in my lab that have been set up as DDNS web servers in the past, but I don't need them anymore. I'd like to set up a series of dedicated DNS servers, routers, separate subnets, a client machine, a couple web servers, and what not on a private WAN, all objects running some kind of net monitor to document what goes on, how and when.

I'm not sure how I'm going to model these after the real internet. What OSes should I use for each object? I have access to any kind of OEM installer including Server2003 Enterprise, Redhat, Ubuntu, XP-Pro. None of this model will be connected to the real net; ideally I'd like to try and break my system to try and prevent it at the office.

Any advice? Any books, labs or documentation you could recommend? How would you do it? What experiments would you conduct?
Three answers:
molasses2
2008-10-29 15:59:15 UTC
I commend you on your resolve to do this. However, if you're only running clients and servers, you're only modeling a LAN. If you really want to build a WAN backbone, you're going to have to turn a few of those machines into routers (or better yet, get a couple of ancient Cisco 2500s and build a real routed backbone) running a routing protocol (BGP if you really want to emulate the Internet).

Since your main focus is on server replication, you can probably gloss over the actual network portion and just plug all of your machines into a switch. You'll want Wireshark, tcpdump, and/or snort running, probably to view the dumps. I would recommend a combination of Windows NT/2000/2003 Server, Linux (any flavor), Solaris, and one of the BSD family. Since you're hoping to use this lab to come up with a best practice for your business, you'll probably want to mirror your current real network.

As for the tests, I don't have any specifics in mind, but I'd start by checking the latest CERT advisories (http://www.cert.org/advisories/) and seeing whether your systems are currently vulnerable. Beyond that, you might check some of the popular hacker sites to look for exploits you could try on your own systems. If you just want to watch data transfers, you'll want to set up master/slave servers (DNS, Active Directory, etc.).

How about setting up some kind of VPN (or several types!) and watching replication across a tunnel?
Anderson K.
2008-10-29 15:21:01 UTC
1. My first experiment would be to go out and meet a woman...

But I digress...

Are you planning on bringing in bandwidth from the outside world?

If no, the possibilities are endless.

However if you are - I would set up a 10.x.x.x subnet and play with Active Directory, and if you are really bored, I would play with Novell NetWare as well.

Both are quite fun and are the more popular enterprise-level network operating systems.

Active Directory is a lot of fun because you can do a lot to try and break it using tools such as LDP and ADSIEdit.
titcomb
2016-10-25 17:40:07 UTC
I do not comprehend the McDreamy dolls because I frequently deliver at the same time older dolls, yet I honestly have a lot of friends (my friends are all doll creditors) who do deliver at the same time the modern dolls and that I do not imagine they're weird and wonderful in any respect! Variety is the spice of existence!


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.