Re: 'in-line' pentest and pentest linux distro?

[<psiphon () infosecguides com>]

In-Reply-To: <20050412111859.O89525-100000 () xs2 xs4all nl>

Not sure about the answers to your other questions, but as far as a pentest linux distro, check out

http://www.whoppix.net

They have some video demos that show some of the tools in action as well. A pentesters dream version of Knoppix. 

Psiphon

> Received: (qmail 22569 invoked from network); 12 Apr 2005 13:36:08 -0000
> Received: from outgoing.securityfocus.com (HELO outgoing3.securityfocus.com) (205.206.231.27)
>  by mail.securityfocus.com with SMTP; 12 Apr 2005 13:36:08 -0000
> Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])
>       by outgoing3.securityfocus.com (Postfix) with QMQP
>       id 9D0FB237025; Tue, 12 Apr 2005 07:44:49 -0600 (MDT)
> Mailing-List: contact pen-test-help () securityfocus com; run by ezmlm
> Precedence: bulk
> List-Id: <pen-test.list-id.securityfocus.com>
> List-Post: <mailto:pen-test () securityfocus com>
> List-Help: <mailto:pen-test-help () securityfocus com>
> List-Unsubscribe: <mailto:pen-test-unsubscribe () securityfocus com>
> List-Subscribe: <mailto:pen-test-subscribe () securityfocus com>
> Delivered-To: mailing list pen-test () securityfocus com
> Delivered-To: moderator for pen-test () securityfocus com
> Received: (qmail 24806 invoked from network); 12 Apr 2005 09:56:41 -0000
> Date: Tue, 12 Apr 2005 11:33:13 +0200 (CEST)
> From: Rob J Meijer <rmeijer () xs4all nl>
> To: pen-test () securityfocus com
> Subject: 'in-line' pentest and pentest linux distro?
> Message-ID: <20050412111859.O89525-100000 () xs2 xs4all nl>
> MIME-Version: 1.0
> Content-Type: TEXT/PLAIN; charset=US-ASCII
> X-Virus-Scanned: by XS4ALL Virus Scanner
>
> When looking at enviroments with  MAC locking and ID in place, and pentest
> possibilities from workstation locations, I've been trying to find some
> info on the 'in-line' way of working for such tests.
>
> It apears that I'm either the only one ever to have had the need for
> inline pentests, in order to test at workstation network connections that
> have MAC locking and ID in place, or that I just am using the wrong name
> for the concept.
>
> I'm interesting to know:
>
> 1) Is nobody running into MAC lock and MAC ID enviroments where the
>   workstation network connections are relevant?
> 2) If anyone is, what are you using to do these tests, and would this
>   be suitable for 'in-line' usage?
> 3) Is anyone seriously working on a pentest linux distro?
> 4) Do you think building and combining this functionality ino a
>   specialized small linux distribution for something like the sigarete-box
>   sized XXS1500, or something like it would be desirable for such functionality.
>
> I currently am occupied with an other big open source project, so I am
> hoping someone else has or will do some work on both the testing
> of MAC locked or MAC ID enabled enviroments and the creation of a pentest
> linux distro.
> I think I could fit in some porting to small devices from a basic PC Linux
> based distribution to such a device, if however I completely would have to
> role a new distribution from scratch, building lots of the tools myself,
> I would not be able to fit this in this year (unless someone needs it
> enough to actualy pay me for working on it, while keeping it open source).
>
> I think building a pentest inline device linux distro would be practical
> and usefull, but maybe its just my gadget madnes playing tricks on me ;-)
> Let me know what you think.
>
>
> Rob