RE: [Was:learning ethical hacking] Linux Security Distributions

["Jim Clark" <jclark () cmanet org>]

I agree with all below, however, the newest in my tool bag and what has
really been working well for me is Auditor from Max Moser.  I have found
it to be the fastest and easiest to use.  http://www.remote-exploit.org/

One word of caution though.  In auditing my wireless I was not paying
close enough attention and ended up running all the tools on a
government office in my area.  Oops.  Had to track that down and call
them.  So far their admins have been cool about it and we have really
interested in the tool sets.

On a personal note, please remember to through some beer and pizza money
to these folks.  Without them I believe our job would be more difficult.

Best regards,
Jim Clark

-----Original Message-----
From: xyberpix [mailto:xyberpix () xyberpix com]
Sent: Wednesday, October 06, 2004 2:06 PM
To: GuidoZ
Cc: Mike West; David King; linux user; Security Basics[List]
Subject: [Was:learning ethical hacking] Linux Security Distributions


I do like the Knoppix-STD distro and it is really worthwhile, personally
though I would recommend PHLAK(Professional Hackers Linux Assault Kit).
You can get it from http://www.phlak.org. It also comes with a sh*t load
of security tools, and the documentation that comes with it is a
worthwhile read for either novice or intermediate user. The one current
drawback is that it only uses the 2.4 kernel, but if you are willing to
install it to disk, you can upgrade, or if you have decent Linux
knowledge, you can bundle the 2.6 kernel with it, and create your own
bootable CD.

I use PHLAK on a daily basis as a security professional, and swear by
it. It just offers everything that I need on a daily basis.

HTH

xyberpix


On Sat, 2004-10-02 at 04:21, GuidoZ wrote:
> Nice link Mike. I had thought about trying that awhile back, but lost
> the link and had forgotten about it. Appreciate the reminder. =)
>
> I think this may have been mentioned before, so please excuse me if
> this is repetitive. Another good "toolkit" if you will is the Knoppix
> Security Tools Distribution (aka Knoppix-std). It's a bootable Linux
> distro that provides a multitude of forensic, antivirus, and security
> related tools. Being based on the Knoppix distro, it's not difficult
> for even a Linux novice to use. Check it out here:
> http://www.knoppix-std.org/
>
> --
> Peace. ~G
>
>
> On Fri, 1 Oct 2004 01:55:11 +0100, Mike West
> <mike.west () gateway servebeer com> wrote:
> > One I like to use is http://www.networksecuritytoolkit.org/nst/ it
is based
> > on RH9 and comes with loads of tools inc ethereal, nmap, nessus etc.
It also
> > has some wireless tools and has a web based GUI to be used remotely
or from
> > the local machine using firefox
> >
> > Check it out, It has helped me out on numerous occasions.
> >
> > Cheers
> > Mike West
> >
> > -----Original Message-----
> > From: David King [mailto:davewking () gmail com]
> > Sent: 29 September 2004 22:08
> > To: linux user
> > Cc: security-basics () securityfocus com
> > Subject: Re: learning ethical hacking
> >
> > One more thing I forogt to put in my last post.  Someone mentioned
> > PHLAK, which is a great bootable Linux CD.  I'd also like to
recommend
> > a couple of others, Auditor
> > (http://www.remote-exploit.org/?page=auditor) and Knoppix-STD
> > (http://www.knoppix-std.org/).  My favorate of the two is Auditor,
> > moslty because it seems to be the most up to date and works with the
> > most hardware.  All these CD's are free and are great for running
> > Linux tools on pretty much any machine.  Auditor is probably also
the
> > most user friendly for those who have never used Linux before.
> >
> > Laters,
> > Dave King
> > http://www.thesecure.net
> >
> > > On Tue, 31 Aug 2004 11:13:59 +0300, linux user
<linuxteam () gmail com>
> > wrote:
> > > > Hi All,
> > > >
> > > > Could you please let me know where should i start learning about
> > > > network, and web security, I   have been using linux mainly for
> > > > several years, windows for a couple of years, and solaris from
time to
> > > > time, I would like to consolidate  my knoweldge regarding the
above
> > > > operatings system through a deep exopsure to security. i am
thinking
> > > > of books, mailing lists, and training courses, i also stumbled
once on
> > > > a hacker group that would let you joing if you solve a puzzle,
some
> > > > kind of message encryption, but i do not remmber the site any
more,
> > > > the main objective is secure a career in network security.
> > > >
> > > > TIA
> > > >
> > > > ant ant
------------------------------------------------------------------------
---
> > > > Computer Forensics Training at the InfoSec Institute. All of our
class
> > sizes
> > > > are guaranteed to be 12 students or less to facilitate
one-on-one
> > > > interaction with one of our expert instructors. Gain the
in-demand
> > skills of
> > > > a certified computer examiner, learn to recover trace data left
behind
> > by
> > > > fraud, theft, and cybercrime perpetrators. Discover the source
of
> > computer
> > > > crime and abuse so that it never happens again.
http://www.infosecinstitute.com/courses/computer_forensics_training.html
> > > >
------------------------------------------------------------------------
----
> > > >
-- 
For Security and Open Source news:
http://xyberpix.demon.co.uk