In order to be able to plan for the security of your
machines, you will need some sort of lab. With this lab you
can test the stability and security of software. You can attempt
to break into your own systems using the same tools that crackers
will be using. You can (and will) find trouble areas before
you deploy software/hardware across your enterprise.
I am sure that many of you already have some sort of isolated
network that you do much of your testing on. If this sounds
like you, you are already ahead of the game.

First of all, let's discuss hardware. Chances are that you
will not need top-of-the-line hardware to test for most security
vulnerabilities. That is, unless you plan to make extensive
use of brute-force password crackers or decryption software.
In most instances, those old PII-200s that were never sold
at the company sale will be more than sufficient. With the
price of memory being what it is, you should be able to put
a minimum of 128MB in each machine. As far as hard drive space
goes, a couple of gigabytes per machine will give you plenty
of room for most operating systems.

If you are on a tight budget, Computer Geeks is a great place
to find refurbished and outdated (by Microsoft standards)
machines. For under a thousand bucks, you should be able to
get all of the hardware that you need to build a lab. I am not
getting any kind of kickback for mentioning this online store;
it is just that I have had very good experiences in dealing
with them.

Keep in mind that just because you have several machines
does not mean that they all need to be outfitted with their
own keyboard, mouse and monitor. You can use SSH (Secure SHell)
to open a session on your Linux and *BSD boxes. You can also
use KVM switches (keyboard, video, mouse) to share a single
keyboard, mouse and monitor between several machines.

If you want to multi-boot machines, let me recommend the
removable IDE hard drive racks that Computer Geeks has. For
under $8 apiece these racks are perfect for using one machine
to run several operating systems, and they support IDE drives
up to ATA-100. I have been using these racks with 7200 RPM
ATA-100 drives with no problems whatsoever (even when I leave
the machine running 24/7).

You will need a minimum of three machines, while I would
recommend four or five. This way you can set up some Linux
or *BSD routers between separate subnets, effectively creating
a more realistic, real-world scenario.

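As an added example (not from the original article) of the kind of Linux router that sits between two lab subnets: a POSIX shell script that emits an nftables forwarding policy which routes freely between the lab subnets but never forwards lab traffic toward the production network. The interface names, lab subnets and production range are constructed assumptions for the example.

```shell
#!/bin/sh
# Lab router between two isolated subnets. All interface names and
# address ranges below are constructed example values; adjust to your lab.
LAB_A_IF="${LAB_A_IF:-eth1}"
LAB_A_NET="${LAB_A_NET:-10.10.1.0/24}"
LAB_B_IF="${LAB_B_IF:-eth2}"
LAB_B_NET="${LAB_B_NET:-10.10.2.0/24}"
PROD_NET="${PROD_NET:-192.168.0.0/16}"   # enterprise range the lab must never reach

# Emit the nftables ruleset (text only, nothing is applied here).
lab_router_ruleset() {
  cat <<EOF
flush ruleset
table inet lab {
  chain forward {
    type filter hook forward priority 0; policy drop;
    # never let lab traffic (or the tools running in the lab) leak to production
    ip daddr $PROD_NET drop
    # forward between the two lab subnets so routed attacks can be studied
    iifname "$LAB_A_IF" oifname "$LAB_B_IF" ip saddr $LAB_A_NET ip daddr $LAB_B_NET accept
    iifname "$LAB_B_IF" oifname "$LAB_A_IF" ip saddr $LAB_B_NET ip daddr $LAB_A_NET accept
    # log whatever the default policy drops; handy for seeing what a tool tried
    log prefix "lab-drop: " counter
  }
}
EOF
}

# Apply the ruleset only when running as root with nft installed;
# otherwise just print it for review (dry run).
apply_lab_router() {
  if [ "$(id -u)" -eq 0 ] && command -v nft >/dev/null 2>&1; then
    sysctl -w net.ipv4.ip_forward=1 >/dev/null
    lab_router_ruleset | nft -f -
    echo applied
  else
    lab_router_ruleset
    echo dry-run
  fi
}

# Sanity check: number of accept rules in the generated policy.
count_accept_rules() {
  lab_router_ruleset | grep -c ' accept$'
}
```

Run `apply_lab_router` on the router box; on a non-root shell it prints the ruleset instead of installing it.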
Ideally, you would have access to some Sun or Unix boxes
to use in your lab, but that is usually cost-prohibitive.
On a side note, isn't it funny how management never wants
to come up with money for testing until after the network
has been hacked!

While we are on the subject of operating systems, don't think
for one second that just because you only use one OS in your
enterprise you should not be testing with other operating systems.
Granted, many companies use Microsoft products corporation-wide;
however, if you go to a hacker convention, you will probably
not see very much Microsoft software at all.
Most of your bona fide hackers (I am not talking about script
kiddies here) use an operating system that (a) allows them
total control of the machine it is installed on, and (b) has
a multitude of development tools freely available over the
internet.

What this means to you, as the person in charge of security,
is that although most of your network may consist of Microsoft
OS based machines, intruders will be using other operating
systems. You should take the time to familiarize yourself
with these "alternative" operating systems so that
you will have a chance of effectively locking down your systems.
At a minimum, be sure to acquaint yourself with Linux and one
of the *BSDs (FreeBSD, NetBSD, OpenBSD).

If you can't swing the cost of a boxed set of one of these
operating systems and you don't have the bandwidth available
to download them, you can find companies on the web that will
burn CD-Rs of these operating systems very reasonably. These
burned CDs will not have the end-user support of the boxed sets,
but they will provide you with most of the development and
networking tools that you will need.

I have personally dealt with a company called Edmunds
Enterprises, and have been quite satisfied with the results.
They produce very good quality CD-Rs for $2.49 each, including
postage. In other words, you can order the complete RedHat
7.2 distribution along with FreeBSD 4.4 for well under $20.
Edmunds Enterprises can be found here.

Some of the most powerful networking tools are available
as Open Source software, although you will not see a lot of
Windows ports of these tools. So, you can spend $15,000
for a license for Sniffer Pro for your Windows box, or you
can spend a few minutes downloading Ethereal, which you can
legally install on as many boxes as you like (and, other than
the cost of bandwidth, it costs nothing).

If you are curious about what types of free (as in speech,
not beer) security tools are available for Linux, the *BSDs,
and even Windows, be sure to follow these links:
http://www.securitypronews.com/2001/1011.html
http://www.securitypronews.com/2001/1129.txt

For more information on free security tools, be sure to check
out the following sites:
http://insecure.org
http://astalavista.box.sk/
http://sourceforge.net