Re: 'in-line' pentest and pentest linux distro?

psiphon_at_infosecguides.com
Date: 04/12/05

  • Next message: Fatih OZAVCI: "Re: Fingerprinting Firewall" 
    Date: 12 Apr 2005 21:46:52 -0000
To: pen-test@securityfocus.com
    ('binary' encoding is not supported, stored as-is) In-Reply-To: <20050412111859.O89525-100000@xs2.xs4all.nl>

    Not sure about the answers to your other questions, but as far as a pentest linux distro, check out

    http://www.whoppix.net

    They have some video demos that show some of the tools in action as well. A pentesters dream version of Knoppix.

    Psiphon

    >Received: (qmail 22569 invoked from network); 12 Apr 2005 13:36:08 -0000
    >Received: from outgoing.securityfocus.com (HELO outgoing3.securityfocus.com) (205.206.231.27)
    > by mail.securityfocus.com with SMTP; 12 Apr 2005 13:36:08 -0000
    >Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])
    > by outgoing3.securityfocus.com (Postfix) with QMQP
    > id 9D0FB237025; Tue, 12 Apr 2005 07:44:49 -0600 (MDT)
    >Mailing-List: contact pen-test-help@securityfocus.com; run by ezmlm
    >Precedence: bulk
    >List-Id: <pen-test.list-id.securityfocus.com>
    >List-Post: <mailto:pen-test@securityfocus.com>
    >List-Help: <mailto:pen-test-help@securityfocus.com>
    >List-Unsubscribe: <mailto:pen-test-unsubscribe@securityfocus.com>
    >List-Subscribe: <mailto:pen-test-subscribe@securityfocus.com>
    >Delivered-To: mailing list pen-test@securityfocus.com
    >Delivered-To: moderator for pen-test@securityfocus.com
    >Received: (qmail 24806 invoked from network); 12 Apr 2005 09:56:41 -0000
    >Date: Tue, 12 Apr 2005 11:33:13 +0200 (CEST)
    >From: Rob J Meijer <rmeijer@xs4all.nl>
    >To: pen-test@securityfocus.com
    >Subject: 'in-line' pentest and pentest linux distro?
    >Message-ID: <20050412111859.O89525-100000@xs2.xs4all.nl>
    >MIME-Version: 1.0
    >Content-Type: TEXT/PLAIN; charset=US-ASCII
    >X-Virus-Scanned: by XS4ALL Virus Scanner
    >
    >When looking at enviroments with MAC locking and ID in place, and pentest
    >possibilities from workstation locations, I've been trying to find some
    >info on the 'in-line' way of working for such tests.
    >
    >It apears that I'm either the only one ever to have had the need for
    >inline pentests, in order to test at workstation network connections that
    >have MAC locking and ID in place, or that I just am using the wrong name
    >for the concept.
    >
    >I'm interesting to know:
    >
    >1) Is nobody running into MAC lock and MAC ID enviroments where the
    > workstation network connections are relevant?
    >2) If anyone is, what are you using to do these tests, and would this
    > be suitable for 'in-line' usage?
    >3) Is anyone seriously working on a pentest linux distro?
    >4) Do you think building and combining this functionality ino a
    > specialized small linux distribution for something like the sigarete-box
    > sized XXS1500, or something like it would be desirable for such functionality.
    >
    >I currently am occupied with an other big open source project, so I am
    >hoping someone else has or will do some work on both the testing
    >of MAC locked or MAC ID enabled enviroments and the creation of a pentest
    >linux distro.
    >I think I could fit in some porting to small devices from a basic PC Linux
    >based distribution to such a device, if however I completely would have to
    >role a new distribution from scratch, building lots of the tools myself,
    >I would not be able to fit this in this year (unless someone needs it
    >enough to actualy pay me for working on it, while keeping it open source).
    >
    >I think building a pentest inline device linux distro would be practical
    >and usefull, but maybe its just my gadget madnes playing tricks on me ;-)
    >Let me know what you think.
    >
    >
    >Rob
    >
    >
    >
    >

  • Next message: Fatih OZAVCI: "Re: Fingerprinting Firewall"

    Relevant Pages

    • in-line pentest and pentest linux distro?
      ... When looking at enviroments with MAC locking and ID in place, and pentest ... workstation network connections are relevant? ... Is anyone seriously working on a pentest linux distro? ...
      (Pen-Test)
    • Re: Layer 2 Security And Penetration Testing
      ... And even if possible usually not the focus of a pentest. ... In case a:employee the attacker usually could simply look for the MAC address of a colleague's PC during that colleague is getting some coffee at the machine... ... In case b:authorised external person exactly that MAC is authorised at the port and the usual question is: if somebody has access to our network, ... Enno Rey ...
      (Pen-Test)
    • Re: Layer 2 Security And Penetration Testing
      ... If there is equipment inside of the room you are in, ... laptops, of the MAC address. ... >I am scheduled to perform a pentest in a big company, ... >has enforced secure MAC on her switches (any port transmitting on other than its known MAC address is immediatltly blocked until helpdesk releases it. ...
      (Pen-Test)
    • Re: Which Distro?
      ... not the only non-OSX OS that runs on Mac hardware... ... > atleast one linux distro aimed at it mainly or something like that... ... AFAIK, the linux distros that run on mac are Yellow Dog, Debian, Gentoo ...
      (freebsd-questions)
    • Re: Can anyone help me stop Agent from replying to the e-mail addresss.......
      ... At that time I'll have a choice to make and it may well be to retire ... OR there is one way to get support for a Linux distro that you didn't ... BUY a Mac and get dealer support for both the OS and the hardware. ... Mac OS isn't Linux either btw - it's based on Darwin, ...
      (rec.autos.sport.f1)