A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle




Irongeek's Infosec Wargames

Irongeek's Infosec Wargame Servers

        On April 1st 2008 I posted the following announcement to my site:
 

    I'd like to announce the launch of my own wargame servers for testing out your computer security skills. The host names are:

hackme1.irongeek.com
hackme2.irongeek.com
dosme1.irongeek.com
 

        Try out Nmap, Nessus, Metasploit and other tools on these boxes. Please let me know your findings. Thanks to my hosting provider Dreamhost. If you want to know more about Dreamhost check out my review (and coupon codes), they have been pretty good to me.

 

        In case you could not tell from the date, this was an April Fools Day prank. The host names resolve as follows:

hackme1.irongeek.com = 127.13.43.22
hackme2.irongeek.com = 127.13.43.23
dosme1.irongeek.com = 127.13.43.24

127.*.*.* is the local loopback address, so anyone scanning those IPs would be scanning themselves. Had I been really mean I would have mapped those host names to IPs belonging to the FBI/NSA/CIA. The lesson to be learned from this: Always do a DNS lookup first before scanning/pen-testing a target. Now, if you want to test your security skill against some real targets I'd recommend the following:

WebGoat
WebGoat is a set of deliberately insecure Java server pages. I have a video that can start you out on using WebGoat.

De-Ice
De-Ice is a set of bootable CDs you can test your pen-testing skills against.

http://www.hackthissite.org/
While I find their political slant annoying, this site may be of use to some of you.

Smash The Stack
This is a network of affiliated sites that run their own wargame servers.

If anyone has some other suggestions I'd be glad to hear them and add them to this page.

 

 

 

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast