RE: Tool kit assembly

["Petruzel, Oliver" <OliverP () aegisresearch com>]

Classic Attack Box build:

Requirements: 

1 Laptop which must be linux-friendly hardware, and 
1 tech-savvy, linux-and-NT-friendly, (part-time coder) engineer-dude.

START WITH:

- partition the Drive in a 50/50 split or 60/40
- Install NT/2k workstation on largest partition
- Install as many NT attack tools as possible, including ISS
scanner/Cybercop if possible.
- Install ActivePerl, Visual C++ with latest service pack, and Java JDK -
latest.
- Install NmapNT, superscan, sam spade, etc. (all freeware)
- Install debug tools (windbg works, but look for better)
- Install freeware forensics tools.  S-tools, Hex editors, etc. Encase if
you can.

THEN
- Install VMWare 2.0
- Install linux flavor of your choice on second parition and configure it
within VMware
- Install latest nix version of nmap, nessus, saint, sara, etc.
- Install Snort, ethereal, tcpdump and similar tools.
- Install latest C/java libraries.
- Download every piece of attack code you can find = millions of available
scripts and coded pieces, just start with the latest and greatest and work
backwords.  Good luck getting 99% of them to compile on anything without
fixing the code.  That's the fun part, right? lol.
(sources will be bugtraq list, securityfocus.com, IRC, packetstorm,
rootabega, neworder.box.sk, etc etc.  make sure to collect trojans as well -
preferably their source code - also research methods of creating malicious
web content or email via html/java/activex - also collect DoS code as well:
you never know when you may wish to flood an IDS port...)

Then, if you reaqlly want to be high speed, do this:
- Install a wireless NIC which conforms to as many wireless standards as
possible.
- install dsniff and/or any sniffing tools you can find, on either platform
- read up on wireless sniffing

That would be a good start.  There are hundreds of little apps and tools
which i failed to list, and some of the stuff i mentioned may cost some good
money.  But ultimately, you end up with a unit which you may Ghost and
re-use forever as your portable attacking monster.

By the way, I prefer the complete opposite, as I make linux my primary OS,
and install VMware for linux and go the other way... as linux is where i
hang my hat.

good luck. any questions, feel free to contact me anytime

- Oliver Petruzel
- Computer Intrusion Analyst
- Aegis Research Corporation

> -----Original Message-----
> From: Coffey, Christopher S. [mailto:Christopher.Coffey () mail va gov]
> Sent: Wednesday, July 25, 2001 1:41 PM
> To: 'Eric R. Van Skike'; pen-test () securityfocus com
> Subject: RE: Tool kit assembly
>
>
> I'll give you a quick run down of how I would set-up an 
> "attack box" using
> freeware apps...
>
> I would start with a good mid-range laptop. I would recommend 
> you use a
> version of Linux as an OS unless your company has a policy against it.
>
> I would start by loaded a couple of nice freeware tools such 
> as nmap(port
> scanner) http://www.nmap.org/ and Nessus(remote security scanner)
> http://www.nessus.org/ . Those would be the core tools I 
> would use for any
> testing done.
>
> Various other great tools I've used include :
> Whisker - CGI vulnerablity scanner - Good for checking for 
> bad CGI's on any
> web server http://www.wiretrip.net/rfp/
> Saint - Another Vulnerability checker- http://www.wwdsi.com/saint/
> Sara - Another Vulnerability checker -  http://www-arc.com/sara/
>
> These are just a few of the tons of tools out there, I would 
> recommend you
> load some up, and play with them in a lab to decide which you 
> think are
> better for what your doing. Here is a link to a recent servey 
> of the top 50
> tools for pen-testing complete with some great links to web sites etc.
> http://www.nmap.org/tools.html
>
> Hope this helps 
>
>
>
>
> -----Original Message-----
> From: Eric R. Van Skike [mailto:vanskike () ods ods net]
> Sent: Wednesday, July 25, 2001 12:08 AM
> To: pen-test () securityfocus com
> Subject: Tool kit assembly
>
>
> I've been lurking for awhile, and the vast amount of 
> information that passes
> through this list has left me with a problem, to much 
> information to process
> quickly :).
>
> It look's like I will need to do some penetration test for 
> the organization
> I work for in the not-to-distant-future.  The problem is, I 
> do not really
> know where to begin as far as what programs would be appropriate.  The
> organization I work for is currently just a Microsoft shop 
> with very-few non
> MS services/programs made available to the masses.
>
> And here begins my request... I was wondering if anyone on 
> this list could
> give me recommendations of programs or websites that would be 
> useful for
> someone (such as myself) who is creating a 'tool kit'.  With 
> the wide array
> of programs available, I'd like to avoid getting programs 
> that are not up to
> par.  commercial or non-commercial is fine.
>
> Thanks in advance for any help.
>
>
> -Eric Van Skike
> vanskike () ods ods net
>
>
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus Security 
> Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security 
> vulnerabilities please see:
> https://alerts.securityfocus.com/
>
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus Security 
> Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA service which
> automatically alerts you to the latest security 
> vulnerabilities please see:
> https://alerts.securityfocus.com/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/