I have recently been reading up on and watching to some penetration testing material. I certainly want to keep it legal so I thought it would be a good idea to set up my own 'hacking lab' at home with victim machines to try to break in to. What I did is using virtualbox to set up several other machines, a windows 2003 server, a windows xp and a backtrack4 one. Backtrack4 would be my attacking machine, and the other 2 my victims. I have configured the 2003 server for networking services, it is set up to be 'bridged', has an ip address and can browse the internet.
Even though I do not have any firewall activated on these machines, nearly none of my techniques seem to work for scanning/enumeration. with ipconfig I can get the ip-address of the victim machine, and when pinging it it appears to be up. When I portscan it, the result is that all ports are closed. This is ofcourse not true, as is indicated by the netstat command on the victim machine.
I am starting to think that something is wrong with the ip-address, or the fact that I use one physical machine with one network card, and thus one MAC address, for several virtual machines. When I shut down the victim machines, I can still ping that ip-address and it is still up somehow. Also, my attacking machine appears to have the same IP address (10.x.x.x).
What I also tried is to boot my notebook into linux and use the techniques on that machine. My pings worked half of the time, and didn't the other half of the time. I couldn't seem to find open ports there either.
The network setup I'm using for these 2 machines is :
WAN -> switch -> Wireless router(firewall off) -> notebook
switch ->Attacker machine
both my attacker's host OS and notebook have a 84.194.x.x ip address.