Penetration Testing mailing list archives

Re: Can we say Back|Track best CD for a Penetration Test

From: Seth Fogie <seth () fogieonline com>
Date: Sun, 29 Apr 2007 21:23:10 -0400

I would like to provide a few comments on this...

From a wireless perspective, many of the wireless tools included withBackTrack2 require a bit of tweaking to get working (airoscript [fontissues]/wicrawl [dhcpcd vs dhclient]/airpwn [lorcon needs installed -included in airpwn folder - but those drivers are older and somefunction no longer valid for other programs]/hostap [rmmod-modprodissues]). In other words, wifisec from BT2 is not your new users bestsolution. However, I would say that BT2 + Auditor as LiveCD's are topnotch...nothing better. BT2 itself installed on the HD rocks because youcan update/tweak it all once and be done - including the missing nessuscomponent and all the aforementioned issues.

However, if we exclude 802.11...then my vote is for BT2. It is allaround the best LiveCD out there - and I would take this moment tosuggest supporting the project :)


Troy Robinson wrote:

Hi list,

I've had some experience with this of late so will throw in my 2cents.

First I'd like to include that Back|Track2 is awesome for Pen Testing, a
great range of tools, hardware support and ease of usability that I've never
seen in any other Live Security distros.

I've tried 4 different wireless cards on Back|Track2 with varying levels of
success.

Intel IPW3945ABG
Works fine, you need to manually load the driver each time if booting from
the CD which can be annoying. Doesn't support Packet Injection for WEP
cracking, but otherwise alright to use.

D-Link DWL-G650
A great card, utilizes the madwifi driver built into Back|Track2, cheap
card, supports packet injection. Only draw back is the range. Recommended
for the price conscious. Around $80 AUD

Cisco Aironet 350
Natively supported, recommended firmware 4.25.30 for dealing with WEP
decryption. From my understanding does not support Packet Injection. Nice
card however, 2 x MMCX connectors available for external aerials. Nice

sensitivity.

UbiQuiti SRC Range Max
Without a doubt the best card available IMHO. A massive 300mW power, comes
with 2 x MMCX connectors and now shipping standard with a 5dB aerial. Can
support OMNI and Directional at the same time. Uses the madwifi driver,
supports packet injection. Support for ABG networks. Great sensitivity.
Only draw back is the price, I managed to locate one for $220 AUD. If you
don't mind the money, then this is the only choice.

Offensive Security has a page for the full list.
http://backtrack.offensive-security.com/index.php?title=HCL:Wireless

Troy


-----Original Message-----

From: s-williams () nyc rr com [mailto:s-williams () nyc rr com]Sent: Saturday, 28 April 2007 11:13 PM

To: Eagle Fire; listbounce () securityfocus com; pen-test () securityfocus com
Subject: Re: Can we say Back|Track best CD for a Penetration Test

I have used both before and found them to be good. I had an old Orinoco
Gold classic card 802.11. b that I usedto test with.  I amd looking for a
few more cards that has good support for most pentesting wifi tools, can
someone sugest a few that the use.

"A wise man ask questions, a fool is afraid of knowledge"

-----Original Message-----
From: Eagle Fire <tlecuauhtli () googlemail com>

Date: Tue, 24 Apr 2007 13:46:29To:pen-test () securityfocus com

Subject: Re: Can we say Back|Track best CD for a Penetration Test

   For Wireless stuff Backtrack is quite well. I also used Knoppix
S-T-D, it was good but the it had very little support to wireless
card, it was also based on kernel 2.4. I do not really know if there
is a newer version, but it was good if you did not require wireless.

  I agree that this distros are like a box of tools. You can have
many of them and use them as you need.

-tlec

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

Current thread:

Re: Can we say Back|Track best CD for a Penetration Test, (continued)
- Re: Can we say Back|Track best CD for a Penetration Test Rick Zhong (Apr 16)
  - Re: Can we say Back|Track best CD for a Penetration Test Eagle Fire (Apr 28)
    - Re: Can we say Back|Track best CD for a Penetration Test s-williams (Apr 29)
    - Re: Can we say Back|Track best CD for a Penetration Test crazy frog crazy frog (Apr 29)
- Re: Can we say Back|Track best CD for a Penetration Test sto6ma9ch (Apr 13)
- Re: Can we say Back|Track best CD for a Penetration Test krymson (Apr 13)
  - Re: Can we say Back|Track best CD for a Penetration Test Brad Bendily (Apr 14)
- Re: Re: Can we say Back|Track best CD for a Penetration Test barcajax (Apr 29)
- RE: Can we say Back|Track best CD for a Penetration Test Troy Robinson (Apr 29)
  - Re: Can we say Back|Track best CD for a Penetration Test James Matthews (Apr 29)
  - Re: Can we say Back|Track best CD for a Penetration Test Seth Fogie (Apr 30)