With the addition of Virtualbox support to GNS3, the possibilities are endless as to what can be achieved from it. The whole Internet can be simulated if your system has the horse power. Those who want to learn CEH and those who want to test certain requirements, it is best to not do it on a live network or live server because if anything goes wrong, the one who is responsible for giving 99.9% uptime will have unfortunately caused a downtime. There are many Pen Test tools which are so harmful that it could destroy the Kernel of an operating system and which is absolutely not something you want. In a less severe case, a test can cause a system to reboot causing downtime.

For some while now, Ethical hackers have been using Virtual Machines to do Pen-testing in an offline environment. The problem with this is that the actual network cannot be simulated i.e. how the server interacts in a routed network and behind a firewall could not be simulated. The vulnerabilities of end hosts could only be tested. The responsibility of an Ethical Hacker is not only to check vulnerabilities in a server but every element of the network which gives 99.9% uptime to the server. An example of this would be that you have absolutely secured your server but the hacker compromises your router and shuts your internet links down. This would cause the same effect as when your server were to go down.

With GNS3 Virtualbox edition, you can use simulate your whole network with servers, routers, firewalls, etc. so that you can see a bigger picture and thus will be able to better protect your network. One thing I will point out now is that the whole network might be impossible for a single person to simulate as it requires expertise in Networks, security, systems, applications, etc. If a person were able to simulate all these himself, then this blog might not be suited for him as his skill set is much beyond the average IT guy. In order to successfully deploy this simulation, you might require help from the network, security and even the system guys depending upon what you are not an expert in. There are resources on the Internet for configuring all of these like using a Virtual-machine on virtualbox, etc. Continue reading →