Penetration Testing mailing list archives
Re: Any caveats for linux under VMware, pen testing?
From: Hans Porter <infosecprofessional () gmail com>
Date: Sat, 4 Sep 2004 05:48:47 -0400
Shannon, VMWare, (AFAIK) currently does not support Wireless networking, so I don't even think it is possible to bridge to a wireless NIC that exists in the host OS, much less have all the wifi utilities work under the guest OS. The bridging may be possible, but even so, the guest OS will still see the NIC as the AMD PCNet32 wired NIC, so no love for kismet, airsnort, and the like. I have used VMWare for using Nessus during pentests and have found that it works fine. I use the Windows client (Nessus-WX) and connect back to the VMWare machine and it works fine. I don't know if you have installed SP2 to your XP laptop, but since they disable support for "raw sockets", I am curious if this affects raw packet support in bridging mode under VMWare? If so, this could affect some of the packets sent from Nessus and Nmap. Another alternative is to take a lab machine and boot from one of the Knoppix distros and use that. My personal favorite is Knoppix-STD (0.1 - not 0.1b) and running Nessus from there is fine after you make a user and so forth - just keep in mind, you do not want to start Nessus via the Fluxbox menu, as it restricts client connections to 127.0.0.1. I just run the normal stuff from the CLI (nessus-mkcert, nessus-adduser, nessusd -D) and then run my nessus client from Windows and connect. Going the bootable CD route would definitely cut down on prep time for switching over a lab machine. Just my thoughts. Good luck. --- Hans On 3 Sep 2004 17:59:47 -0000, shannon () areawidetech com <shannon () areawidetech com> wrote:
I'm considering running Linux from my XP pro laptop under a VMWare (workstation edition) session. Anyone out there w/ experience using this setup that might have any tips / warnings / encouraging advice? This machine would be for pen testing, and is definitely beefy enough to handle the load, if this is a good solution. I'd be running Nessus, and doing probing w/ nmap. My other alternative is to repurpose a machine from our lab, but the physical setup and reloading would take far more time than the VMWare option, and would obviously be less flexible. So is anyone out there using this setup...? I heard rumors of problems related to direct hardware access (the NIC) for wardiving purposes...? Thanks! -Shannon Kelley ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.infosecinstitute.com/courses/ethical_hacking_training.html -------------------------------------------------------------------------------
Current thread:
- Any caveats for linux under VMware, pen testing? shannon (Sep 03)
- RE: Any caveats for linux under VMware, pen testing? Chad (Sep 07)
- Re: Any caveats for linux under VMware, pen testing? Ben Timby (Sep 07)
- Re: Any caveats for linux under VMware, pen testing? Hans Porter (Sep 07)
- Re: Any caveats for linux under VMware, pen testing? Ivan Krstic (Sep 07)
- Re: Any caveats for linux under VMware, pen testing? grutz (Sep 07)
- Re: Any caveats for linux under VMware, pen testing? josh (Sep 07)
- Re: Any caveats for linux under VMware, pen testing? Marc (Sep 09)
- Re: Any caveats for linux under VMware, pen testing? Nilesh Burghate (Sep 10)
- <Possible follow-ups>
- RE: Any caveats for linux under VMware, pen testing? mthompson (Sep 07)
- RE: Any caveats for linux under VMware, pen testing? Jose Maria Lopez (Sep 07)
- RE: Any caveats for linux under VMware, pen testing? Roman, David (Sep 07)
- RE: Any caveats for linux under VMware, pen testing? DeGennaro, Gregory (Sep 08)
- RE: Any caveats for linux under VMware, pen testing? Bob Davies (Sep 08)
(Thread continues...)