Building a test lab network - help please

Anonymous

22-12-2004 15:20:26

I'm studying Computer Forensics (through Redlands and the Downtown College Consortium).

In order to learn about networks, port scans, tcpdump, etc. with my classmates, but without violating our cox.net usage agreements, we're building a stand-alone network in my spare bedroom.

The plan, in general, is to build Network A and Network B, with various servers, desktops, hubs and switches -- then generate network traffic (and attacks) between the networks.

I *think* I'd like to separate the two nets with a router. I'm not sure why - but it would give us some practice with a router. Now most consumer routers seem to deal with hooking cable modems or DSL to a home LAN. This is definitely *NOT* what we want to do.

My plan is to dedicate a low-end Linux box running one of the Linux Router distributions. It'll have two ethernet NICs - one for Net A, the other for Net B.

Have I oversimplified? Have I overlooked something?

Please feel free to critique or improve this rough plan for a lab network.

ps: I looked at Shunra, LANForge, Itheon, and other $$$ products - but they are all overkill for this little project. So FreeSCO or Coyote looks like a better route (pardon the pun).

Thanks for any help.

TheDanMan

23-12-2004 02:05:52

Perhaps you should try the www.okc2600.com boards. They might be able to help some more.

SkeeterBug

23-12-2004 02:09:12

I can't comment too much on what you're trying to do but I use FREESCO as my primary NAT router between my DSL modem and my internal LAN. I think it's great - you can also configure it as a bridge but I haven't done it.

I've been doing quite a few port scans lately trying to troubleshoot my connectivity to a friend's server - I don't think SBC cares but I might be wrong. I get scanned a lot, and once when I took a little too long setting up XP on a box that I was working on it got infected via the network. FREESCO has helped a lot with keeping boxen protected while I work on them.

Anyway, I just wanted to say that FREESCO is great - I don't know if it'll do what you need but hopefully it will.

Oh, and if you run short on any hardware let me know - I'm running FREESCO on an old 486 with dual 3COM ISA cards and I have both a spare system and NICs. I mean I have other hardware that I could loan out too but that's what I use to run FREESCO and it runs pretty well.

Anonymous

23-12-2004 07:05:17

Thanks for the pointer to the okc2600 board. I didn't even know it existed. It looks like I have some reading to do before I post there.

Thanks too, for the good report about FREESCO. It gives me some momentum going into the build for the lab.

Thanks again, all, and Merry Christmas!

David Richard

wolfie

25-12-2004 03:55:58

You're on the right track, but any Linux distro will do what you are wanting. You might have to recompile a kernel or two depending on the distro, but the Linux kernel allows you to create an awesome router. I actually created this sort of thing for the okc2600 capture the flag contest. We were running snort on the box to be able to see what each team was doing.

Let me know if you need any help. I am also the okc2600.com board administrator so just give me a shout and I can give you a hand. :)

robertngreen

05-01-2005 12:01:55

I had to do something like that recently when I was working on figuring out IPsec. I had an old Pentium 233 MHz desktop with two NICs in it. All you need to do is assign IP addresses to the interfaces and turn on IP forwarding. The only thing you may need to do on the client ends is make sure they use the in-between box as the gateway (like you would set up a DSL/Cable/T1).
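
Added example, not part of any post in this thread: the two-NIC setup described above (address both interfaces, enable IP forwarding, point clients at the router) as a POSIX shell script, plus two checks that forwarding is on and that the router has no default route, so lab traffic stays on the stand-alone network. The interface names `eth0`/`eth1` and the 192.168.10.0/24 and 192.168.20.0/24 ranges are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: two-NIC Linux box routing between lab Net A and Net B.
# Interface names and address ranges below are assumptions (constructed).
A_IF=eth0; A_GW=192.168.10.1; A_LEN=24   # Net A side of the router
B_IF=eth1; B_GW=192.168.20.1; B_LEN=24   # Net B side of the router

# Router side: address both NICs, bring them up, turn on IP forwarding.
router_cmds() {
    printf 'ip addr add %s/%s dev %s\n' "$A_GW" "$A_LEN" "$A_IF"
    printf 'ip link set %s up\n' "$A_IF"
    printf 'ip addr add %s/%s dev %s\n' "$B_GW" "$B_LEN" "$B_IF"
    printf 'ip link set %s up\n' "$B_IF"
    printf 'sysctl -w net.ipv4.ip_forward=1\n'
}

# Client side: hosts on each net use the router's NIC on their net as gateway.
client_cmd() {
    case "$1" in
        A) printf 'ip route add default via %s\n' "$A_GW" ;;
        B) printf 'ip route add default via %s\n' "$B_GW" ;;
        *) echo "usage: client_cmd A|B" >&2; return 2 ;;
    esac
}

# Check 1: forwarding is really on (path is overridable for testing).
forwarding_on() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = 1 ]
}

# Check 2: the router has no default route, so lab scans and attack
# traffic cannot leave the two lab nets. Reads `ip route` output on stdin.
lab_is_isolated() {
    ! grep -q '^default '
}

case "${1:-}" in
    plan)   router_cmds; client_cmd A; client_cmd B ;;
    apply)  router_cmds | sh -e ;;                      # needs root
    verify) forwarding_on && ip route | lab_is_isolated \
                && echo "forwarding on, no default route" ;;
esac
```

Run it with `plan` to print the commands without changing anything, `apply` (as root) on the router, and `verify` before generating any scan or attack traffic.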