which Linux distro better for "hacking"/pen testin

jkstechjkstech Member Posts: 330
let me explain icon_wink.gif

i am using virtual pc to set up a virtual network, i want to include on that network to "hacker" machines, one being windows xp and the other being a linux machine, i know many hackers use linux and many classes that teach security/ceh will use linux to hack/pen test the network

i'm just looking for reccomendations as to which distro if any, would be better for this purpose than others as i can't remember which distro the instructor used in a class i attended in which he cracked WEP
i know you can do these things with windows, but i want to understand the process from both sides

thanks
get back to studying!!!

Comments

  • mobri09mobri09 Users Awaiting Email Confirmation Posts: 723
    I have seen it done with Knoppix before.
  • keatronkeatron Member Posts: 1,213 ■■■■■■□□□□
    I use a knoppix mini cd when I need to do something quick and dirty. But for most comprehensive stuff I use Redhat running on a simple Toshiba Satellite M30. I've also done labs (and used them for instructing) where I would have a Windows 2000 or 2003 host os (which is also the target box) and run Redhat via VMWare or Virtual PC as the attack machine. A good way to start is make sure the 2000 or 2003 machine has no patches or service packs. Experiment and learn some of the more common exploits. Then start to patch the machine and apply service packs. While patching the target os in increments keep attacking it, while making note of which exploits don't work anymore and why (as in which patch or service pack protected the target from the attack machine). Keep practicing this and over time you will have a good feel for how a target is vulnearble just by identifying which service packs is or is not applied. Keep a close eye on critical security updates released by Microsoft. Before applying these latest patches to your target VM, see if you can exploit the weakness the patch is supposed to address (I had to get the help of some really good programmers and application security folks when I started doing this, so make sure you hang out on some of the application security forums). Give yourself a couple of years and you should be pretty solid. Also make sure you reverse the configuration occassionally to. Meaning, let the Linux install be the target and the Windows install being the attack platform. This way you will be more well rounded. And not only that, you will begin to understand the Linux kernel and get comfortable using the Linux command line (cause most of the tools for Linux DOES NOT work using a Linux GUI).
  • jkstechjkstech Member Posts: 330
    icon_eek.gif

    thanks guys, i really appreciate it
    i had heard about auditor, but i knew red hat was a common distro and i had planned on putting that in the mix simply because it was a common one, that and suse

    i do also want to practice with hacking into linux servers/clients as some companies use linux also

    what's good about it is that i told my IT director what i planned on doing, he offered to buy me a new laptop with max ram (2gb) and any programs i want to try out (like vmware or anything else) on top of the fact that we have a volume liscense with Mr. Gates so i can use the MS products with no time limits :D

    he also said he would send me to CEH training when i'm ready to do it (still have a few other things to get out of the way, like at least finishing my MCSA, then mabey focus on the ceh, then finish MCSE, since they are creating a position i will be able to move into once i have the MCSA/MCSE)

    so thanks fellas
    i will definately be asking for your input
    and keatron that is a good idea about exploiting then patching and finding out what patches fix...so when i set up my server i will apply no patches
    i have a copy of 2000 as well as 2003 server so i was gonna use both

    what are the more commone linux servers? red hat?
    get back to studying!!!
  • seuss_ssuesseuss_ssues Member Posts: 629
    The thing you need to realize is that linux is linux, redhat, slackware, Suse, etc run ontop of the same kernals. So if you find a kernal exploit it is likely to be effective on most distros.
  • jkstechjkstech Member Posts: 330
    thanks

    i do understand in regards to exploits most linux distro's will be the same

    i was more interested in the distros that are specifiacally used for security/pen testings as there are a few

    knoppix-std
    whoppix
    helix?
    haking9?
    auditor..
    whax?

    i just wanted a suggestion from the great people on this forum, i will most likeyly try each one out and see which i like best, as i don't know much about any one of these
    get back to studying!!!
  • jkstechjkstech Member Posts: 330
    i've decided to try them all out for myself

    so far i have a virtual machine for phlak and auditor
    i wanna get knoppix-std also

    phlak includes a good amount of security documents in the os, including documentation on all the included tools
    get back to studying!!!
  • evanderburgevanderburg Member Posts: 229 ■■■□□□□□□□
    I use Auditor in my classes. Here is a site with some tutorial videos that you might find helpful. http://crimemachine.com/tutorial.htm
    "You can never know everything and part of what you know is always wrong. Perhaps even the most important part. A portion of wisdom lies in knowing that. A portion of courage lies in going on anyway. " - Lan, Winter's Heart by Robert Jordan
  • jkstechjkstech Member Posts: 330
    thanks, what class are you taking?
    get back to studying!!!
  • SlowhandSlowhand Mod Posts: 5,161 Mod
    I'd recommend using the latest release of Fedora or OpenSuse.org. Since Redhat is becoming a big player, that's what you'll more than likely come across in a workplace, and Suse is Novell's new baby, you'll get some experience with actual implementations of new Netware implimentations. (Redhat and Suse/Novell were the two major players at LinuxWorld in San Francisco last year, and they each had a lot of partner companies, so it's a safe bet that they're going to be the ones to beat, in the coming few years.)

    Free Microsoft Training: Microsoft Learn
    Free PowerShell Resources: Top PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
  • jkstechjkstech Member Posts: 330
    thanks, i have a suse10 virtual machine also
    get back to studying!!!
  • OpiOpi Member Posts: 127
    keatron wrote:
    (I had to get the help of some really good programmers and application security folks when I started doing this, so make sure you hang out on some of the application security forums).

    Got any good examples of these kind of forums ?
    Thanx a lot
  • Ten9t6Ten9t6 Member Posts: 691
    Knoppix STD, here....

    Kenny
    Kenny

    A+, Network+, Linux+, Security+, MCSE+I, MCSE:Security, MCDBA, CCNP, CCDP, CCSP, CCVP, CCIE Written (R/S, Voice),INFOSEC, JNCIA (M and FWV), JNCIS (M and FWV), ENA, C|EH, ACA, ACS, ACE, CTP, CISSP, SSCP, MCIWD, CIWSA
  • OpenSourceOpenSource Member Posts: 135
    Linux based tools I've used for hacking/penetration and other security related tasks include the following distrobutions listed below.

    These tools are all free of charge (OpenSource under GPL/GNU) and can be easily downloaded from their homepage links. In addition, they are all "LiveCD" or "LiveDVD" format and can be run from nearly any computer.


    Knoppix-STD Linux
    http://www.knoppix-std.org

    Knoppix Linux
    http://www.knoppix.org

    P.H.L.A.K. Linux
    http://www.phlak.org

    Auditor Linux
    http://www.remote-exploit.org

    WHAX Linux
    http://iwhax.net/index.php/Main_Page

    Back-Track Linux
    http://www.remote-exploit.org


    Enjoy!,
    - Joey
Sign In or Register to comment.