Results 1 to 9 of 9
Hi Guys, I'm about to make a minor career change, and I'm moving into IT security and penetration testing. I've still got a lot to learn but I'm getting there ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 07-25-2006 #1
Specialised Pen-testing/Security distros
I'm about to make a minor career change, and I'm moving into IT security and penetration testing.
I've still got a lot to learn but I'm getting there
My favourite 'flavour' of Linux so far has been Ubuntu, which I'm dual-booting with Windoze XP Pro.
I understand that there are some Linux distro's which are very heavily tailored towards IT security/vulnerability testing.
Does anybody have any idea if any of these distro's are any good? Would anybody recommend one? Would I be better with a specialised distro or should I stick with Ubuntu and install the various tools there?
I quite like the look of Backtrack.
Apparently it's based on SLAX, and is a merger of WHAX and Auditor.
Anybody got any thoughts on these, or experience using them?
If I install a third OS (whichever distro I choose in addition to Ubuntu) can I safely have all 3 sharing my HDD the same way that I currently dual-boot?
Sorry for all the questions, like I say I'm new and still have a lot to learn
- 07-26-2006 #2
I'm no expert on this but I would think almost any major distro is suitable for security testing. Not everyone likes Ubuntu's philosophy of allowing users to run processes with sudo.
I saw you mentioned using a pen drive? A little known distro - used originally as a network testing tool - is RUNT Linux. Its future is in doubt now that the main developer is going to work with Google. I think you could also use a pen drive distro like Damn Small Linux, or maybe adapt Knoppix.
Multi-booting distros is very possible with few problems. Most of us on here do it when we feel like it. I think it's a good idea to learn about the Grub bootloader (other's prefer Lilo) and there's a great little tutorial on here if you look in the tutorials section.
Actually if you use Linux for long enough you are naturally drawn towards security issues as you become more aware of how to secure your box. The usual rules apply, and you'll find plenty of other threads on here dealing with this.I am always doing that which I can not do, in order that I may learn how to do it. - Pablo Picasso
- 07-26-2006 #3
When I talked about pen-testing above I mean "penetration testing".
The distro's I've mentioned all come with security/vulnerability testing software (port mappers, traffic sniffers, etc).
Thanks for your comments though, much appreciated.
- 07-26-2006 #4
Also, I'm not quite sure what the problem is with allowing users to run as root using sudo, could someone explain the problem with that please?
- 07-26-2006 #5
The sudo thing is off-topic, so we should not discuss it in this thread imho.
Based on your original question about penetration, there are several distros that are suiteable for that. Pentoo (Gentoo offshot) is one of them, nubuntu (Ubuntu offshot) is another one that might be interesting for you.
More is available here: http://distrowatch.com/search.php?ca...&status=ActiveWindows free since 2002 | computing since 1984
- 07-26-2006 #6
- 07-26-2006 #7
Hi Guys, thanks for that.
I've had a look at P.H.L.A.K but it would appear that development of it has been abandoned, I'm not sure if that's likely to cause me problems in the future as I try to stay current.
I'll certainly take a look at the Ubuntu variant though, that does sound interesting.
- 07-27-2006 #8
- Join Date
- Jul 2005
- 03-29-2007 #9
- Join Date
- Nov 2002
I am wondering why has not Back|Tarck been mentioned ?