Specialised Pen-testing/Security distros

[Catsworth]

Hi Guys,

I'm about to make a minor career change, and I'm moving into IT security and penetration testing.

I've still got a lot to learn but I'm getting there

My favourite 'flavour' of Linux so far has been Ubuntu, which I'm dual-booting with Windoze XP Pro.

I understand that there are some Linux distro's which are very heavily tailored towards IT security/vulnerability testing.

Does anybody have any idea if any of these distro's are any good? Would anybody recommend one? Would I be better with a specialised distro or should I stick with Ubuntu and install the various tools there?

I quite like the look of Backtrack.

Apparently it's based on SLAX, and is a merger of WHAX and Auditor.

Anybody got any thoughts on these, or experience using them?

If I install a third OS (whichever distro I choose in addition to Ubuntu) can I safely have all 3 sharing my HDD the same way that I currently dual-boot?

Sorry for all the questions, like I say I'm new and still have a lot to learn
Cheers guys.

[fingal]

I'm no expert on this but I would think almost any major distro is suitable for security testing. Not everyone likes Ubuntu's philosophy of allowing users to run processes with sudo.

I saw you mentioned using a pen drive? A little known distro - used originally as a network testing tool - is RUNT Linux. Its future is in doubt now that the main developer is going to work with Google. I think you could also use a pen drive distro like Damn Small Linux, or maybe adapt Knoppix.

Multi-booting distros is very possible with few problems. Most of us on here do it when we feel like it. I think it's a good idea to learn about the Grub bootloader (other's prefer Lilo) and there's a great little tutorial on here if you look in the tutorials section.

Actually if you use Linux for long enough you are naturally drawn towards security issues as you become more aware of how to secure your box. The usual rules apply, and you'll find plenty of other threads on here dealing with this.

[Catsworth]

Hi,

When I talked about pen-testing above I mean "penetration testing".

The distro's I've mentioned all come with security/vulnerability testing software (port mappers, traffic sniffers, etc).

Thanks for your comments though, much appreciated.

*Cats*

[Catsworth]

Also, I'm not quite sure what the problem is with allowing users to run as root using sudo, could someone explain the problem with that please?

Thanks.

[Kojak]

The sudo thing is off-topic, so we should not discuss it in this thread imho.

Based on your original question about penetration, there are several distros that are suiteable for that. Pentoo (Gentoo offshot) is one of them, nubuntu (Ubuntu offshot) is another one that might be interesting for you.

More is available here: http://distrowatch.com/search.php?ca...&status=Active

[bigtomrodney]

Just a quick shout in, I have often used Phlak for pen testing. www.phlak.org - Professional Hackers Linux Assault Kit

[Catsworth]

Hi Guys, thanks for that.

I've had a look at P.H.L.A.K but it would appear that development of it has been abandoned, I'm not sure if that's likely to cause me problems in the future as I try to stay current.

I'll certainly take a look at the Ubuntu variant though, that does sound interesting.

Thanks again.

[pavlo_7]

Take a look at Knoppix STD
and few others, also based on Knoppix

[zillah]

I am wondering why has not Back|Tarck been mentioned ?