Penetration Testing mailing list archives
Re: delving deeper
From: GuidoZ <uberguidoz () gmail com>
Date: Mon, 20 Dec 2004 16:26:48 -0500
Well UberGuidoZ, you better go download the new version. =)
(O_o) New version? Mmmm, two of my favorite words. (Oh, that's Mr. UberGuidoZ to you "DJ". =P )
WHoppix 2.5 (based on knoppix 3.7)
Doh! I have (and was using) v2.5 - maybe I read wrong. (I thought it said it was based on v3.6). Maybe it was v2.4. No matter - the I-Stick works on Whoppix, just not Knoppix. And whatever version I had was based on Knoppix v3.6, so it confused the hell outta me. I had downloaded and burned Knoppix v3.7, though the MD5s didn't match after the burn and it started giving me kernel errors on boot, so I just dismissed it as a toasted CD. Will try it again. (Emailing from v3.6 right now.) Whoppix shows promise to be a very full-featured pen-testing kit. Assuming it's kept up to date, it would be another CD I carry with me on the job, and advise others to do. Something else I appreciated - Java/Flash support right out of the box. Trivial to fix I know, but it's nice to not have to do it. ;) -- Peace. ~G On Mon, 20 Dec 2004 13:46:04 -0600, Todd Towles <toddtowles () brookshires com> wrote:
Well UberGuidoZ, you better go download the new version. =) WHoppix 2.5 (based on knoppix 3.7)-----Original Message----- From: GuidoZ [mailto:uberguidoz () gmail com] Sent: Monday, December 20, 2004 2:22 AM To: David Taylor Cc: xyberpix; Chris Benedict; pen-test () securityfocus com Subject: Re: delving deeperMy favourite is whoppix, another knoppix variant that has alarge bodyof exploits included.I'm actually emailing from Whoppix right now. Been playing with it most of the night. Very well built and could be a pen-testers dream. It's not setup like many of the other Knoppix distros (though it reminds me of Knoppix-STD), as it doesn't have all the bells and whistles. It's chocked FULL of pen-testing applications and exploits however. Impressvie indeed. I also noticed something odd... Whoppix seems to support my 1GB PQI I-Stick (USB Flash drive) while Knoppix (v3.4 and v3.6) or Knoppix-STD (0.1) don't. Whoppix is based on Knoppix v3.6, so go figure. I'm just happy to have a 1GB home drive I can carry around. =) -- Peace. ~G On Wed, 15 Dec 2004 11:16:54 +1100, David Taylor <David.Taylor () austrac gov au> wrote:My favourite is whoppix, another knoppix variant that has alarge bodyof exploits included. www.whoppix.net And the site even has some nice demos to get you going :) Regards David Taylor -----Original Message----- From: xyberpix [mailto:xyberpix () xyberpix com] Sent: Wednesday, 15 December 2004 4:00 AM To: Chris Benedict Cc: pen-test () securityfocus com Subject: Re: delving deeper Hi Chris, Go and download a copy of PHLAK(http://www.phlak.org),there's a loadof good docs on the disc, and some really good tools to getyou going.Above it all it's Linux, so it should run on your machines. Aside from that scour the net for anything pertaining topen testingand security, and read as much as you can possiblytollerate, it'll beworth it in the end. xyberpix On Mon, 13 December, 2004 10:34 pm, Chris Benedict said:Hi, I've been looking at security and penetration-testingfor sometime now and would like to get further into it. I'd liketo learnmore about penetration-testing, forensics, techniques for network exploration/mapping, web application security andincedent handling.However I'm not really sure where to start, I looked atthe OSSTMMand it was above my head. At the moment I have a very limited budget and only a few spare low-end computers. If it matters, I'm mainly runningOpenBSD. Arethere any particular books or other media that I shouldtake a lookat?Any thoughts or recommendations are welcomed and greatlyappreciated.-Chris Benedict-- For security and Opensource news check out: http://www.xyberpix.com**********************************************************************Please note that your email address is known toAUSTRAC for thepurposes of communicating with you. The informationtransmitted inthis e-mail is for the use of the intended recipientonly and maycontain confidential and/or legally privileged material.If you havereceived this information in error you must notdisseminate, copy ortake any action on it and we request that you deleteall copies ofthis transmission together with attachments and notify the sender. This footnote also confirms that this email message hasbeen swept forthe presence of computer viruses.**********************************************************************
Current thread:
- delving deeper Chris Benedict (Dec 14)
- Re: delving deeper xyberpix (Dec 14)
- Re: delving deeper Jacob Weeks (Dec 14)
- Re: delving deeper Jose Costa (Dec 14)
- <Possible follow-ups>
- Re: delving deeper bart2k (Dec 15)
- RE: delving deeper David Taylor (Dec 15)
- Re: delving deeper GuidoZ (Dec 20)
- Re: delving deeper GuidoZ (Dec 21)
- Re: delving deeper GuidoZ (Dec 22)
- Re: delving deeper xyberpix (Dec 14)