RE: Any caveats for linux under VMware, pen testing?

From: Wozny, Scott (US - New York) (swozny_at_deloitte.com)
Date: 09/09/04

    Date: Wed, 8 Sep 2004 22:27:24 -0400
    To: "Todd Towles" <toddtowles@brookshires.com>, "Hans Porter" <infosecprofessional@gmail.com>, <shannon@areawidetech.com>
    
    

    Personally, I'm also a big fan of bootable distros but running on
    RAMdisks and such can present a few performance issues if you're not
    careful. Also, keeping up to date can be a pain for signatures and
    such.

    What I like to do is strip the last 10 gigs off the primary partition of
    my HD using NTFSresize & fdisk and load a distro on the newly acquired
    space. I use windows most of the time and when I need Linux tools I use
    GRUB to boot into the Linux kernel. This is also handy for getting at
    files that windows has locked up most of the time (but a CD distro is a
    lot easier way to do that). One caveat is that I always do this on a
    fresh machine as even with defrag sometimes certain stubborn chains will
    stay at the end of the hard drive and if you reset the sector
    assignments of the primary partition and there are files there the
    results can be unpredictable. On fresh machines I've never had a
    problem as long as I followed the instructions carefully. So if your HD
    is sparsely used and there's nothing occupying the later sectors you
    might want to consider this option. Don't get me wrong, I like VMWare
    for running 2 OSes simultaneously and task switching between them but I
    guess I'm a purist who likes the idea of running OSes independently on
    bigger projects so I can be sure of what I'm getting.

    Good luck,

    Scott

    -----Original Message-----
    From: Todd Towles [mailto:toddtowles@brookshires.com]
    Sent: Tuesday, September 07, 2004 12:38 PM
    To: Hans Porter
    Cc: pen-test@securityfocus.com
    Subject: RE: Any caveats for linux under VMware, pen testing?

    This isn't stressed enough when talking about bootable Linux CDs. Most
    of the software on bootable CDs is a version behind at best. Nmap will be
    old, Nikto will be old, Nessus will be old.

    Keep in mind that running Nessus off of Knoppix is very easy, but your
    scans will be a bit out of date.

    I have Knoppix-STD in the CD of my work laptop right now. I like it but
    you might want to look into updating the plugins if you need the best
    information.

    -----Original Message-----
    From: Hans Porter [mailto:infosecprofessional@gmail.com]
    Sent: Saturday, September 04, 2004 4:49 AM
    To: shannon@areawidetech.com
    Cc: pen-test@securityfocus.com
    Subject: Re: Any caveats for linux under VMware, pen testing?

    Shannon,

       VMWare, (AFAIK) currently does not support Wireless networking, so I
    don't even think it is possible to bridge to a wireless NIC that exists
    in the host OS, much less have all the wifi utilities work under the
    guest OS. The bridging may be possible, but even so, the guest OS will
    still see the NIC as the AMD PCNet32 wired NIC, so no love for kismet,
    airsnort, and the like. I have used VMWare for using Nessus during
    pentests and have found that it works fine. I use the Windows client
    (Nessus-WX) and connect back to the VMWare machine and it works fine. I
    don't know if you have installed SP2 to your XP laptop, but since they
    disable support for "raw sockets", I am curious if this affects raw
    packet support in bridging mode under VMWare? If so, this could affect
    some of the packets sent from Nessus and Nmap.
    Another alternative is to take a lab machine and boot from one of the
    Knoppix distros and use that. My personal favorite is Knoppix-STD
    (0.1 - not 0.1b) and running Nessus from there is fine after you make a
    user and so forth - just keep in mind, you do not want to start Nessus
    via the Fluxbox menu, as it restricts client connections to 127.0.0.1.
    I just run the normal stuff from the CLI (nessus-mkcert, nessus-adduser,
    nessusd -D) and then run my nessus client from Windows and connect.
    Going the bootable CD route would definitely cut down on prep time for
    switching over a lab machine. Just my thoughts. Good luck.

       --- Hans

    On 3 Sep 2004 17:59:47 -0000, shannon@areawidetech.com
    <shannon@areawidetech.com> wrote:
    >
    >
    > I'm considering running Linux from my XP pro laptop under a VMWare
    > (workstation edition) session. Anyone out there w/ experience using this
    > setup that might have any tips / warnings / encouraging advice? This
    > machine would be for pen testing, and is definitely beefy enough to
    > handle the load, if this is a good solution. I'd be running Nessus, and
    > doing probing w/ nmap.
    >
    > My other alternative is to repurpose a machine from our lab, but the
    > physical setup and reloading would take far more time than the VMWare
    > option, and would obviously be less flexible.
    >
    > So is anyone out there using this setup...? I heard rumors of problems
    > related to direct hardware access (the NIC) for wardriving purposes...?
    >
    > Thanks!
    >
    > -Shannon Kelley
    >
    > ----------------------------------------------------------------------
    > -------- Ethical Hacking at the InfoSec Institute. All of our class
    > sizes are guaranteed to be 12 students or less to facilitate
    > one-on-one interaction with one of our expert instructors. Check out
    > our Advanced Hacking course, learn to write exploits and attack
    > security infrastructure. Attend a course taught by an expert
    > instructor with years of in-the-field pen testing experience in our
    > state of the art hacking lab. Master the skills of an Ethical Hacker
    > to better assess the security of your organization.
    >
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > ----------------------------------------------------------------------
    > ---------
    >
    >


