which Linux distro better for "hacking"/pen testin

jkstech Member Posts: 330
let me explain

i am using virtual pc to set up a virtual network, i want to include on that network two "hacker" machines, one being windows xp and the other being a linux machine, i know many hackers use linux and many classes that teach security/ceh will use linux to hack/pen test the network

i'm just looking for recommendations as to which distro if any, would be better for this purpose than others as i can't remember which distro the instructor used in a class i attended in which he cracked WEP
i know you can do these things with windows, but i want to understand the process from both sides

thanks
get back to studying!!!

Comments

  • mobri09 Users Awaiting Email Confirmation Posts: 723
    I have seen it done with Knoppix before.
  • Webmaster Admin Posts: 10,292
  • keatron Member Posts: 1,213
    I use a knoppix mini cd when I need to do something quick and dirty. But for most comprehensive stuff I use Redhat running on a simple Toshiba Satellite M30. I've also done labs (and used them for instructing) where I would have a Windows 2000 or 2003 host os (which is also the target box) and run Redhat via VMWare or Virtual PC as the attack machine. A good way to start is make sure the 2000 or 2003 machine has no patches or service packs. Experiment and learn some of the more common exploits. Then start to patch the machine and apply service packs. While patching the target os in increments keep attacking it, while making note of which exploits don't work anymore and why (as in which patch or service pack protected the target from the attack machine). Keep practicing this and over time you will have a good feel for how a target is vulnerable just by identifying which service packs are or are not applied. Keep a close eye on critical security updates released by Microsoft. Before applying these latest patches to your target VM, see if you can exploit the weakness the patch is supposed to address (I had to get the help of some really good programmers and application security folks when I started doing this, so make sure you hang out on some of the application security forums). Give yourself a couple of years and you should be pretty solid. Also make sure you reverse the configuration occasionally too. Meaning, let the Linux install be the target and the Windows install be the attack platform. This way you will be more well rounded. And not only that, you will begin to understand the Linux kernel and get comfortable using the Linux command line (cause most of the tools for Linux DO NOT work using a Linux GUI).
  • jkstech Member Posts: 330
    thanks guys, i really appreciate it
    i had heard about auditor, but i knew red hat was a common distro and i had planned on putting that in the mix simply because it was a common one, that and suse

    i do also want to practice with hacking into linux servers/clients as some companies use linux also

    what's good about it is that i told my IT director what i planned on doing, he offered to buy me a new laptop with max ram (2gb) and any programs i want to try out (like vmware or anything else) on top of the fact that we have a volume license with Mr. Gates so i can use the MS products with no time limits :D

    he also said he would send me to CEH training when i'm ready to do it (still have a few other things to get out of the way, like at least finishing my MCSA, then maybe focus on the ceh, then finish MCSE, since they are creating a position i will be able to move into once i have the MCSA/MCSE)

    so thanks fellas
    i will definitely be asking for your input
    and keatron that is a good idea about exploiting then patching and finding out what patches fix...so when i set up my server i will apply no patches
    i have a copy of 2000 as well as 2003 server so i was gonna use both

    what are the more common linux servers? red hat?
    get back to studying!!!
  • seuss_ssues Member Posts: 629
    The thing you need to realize is that linux is linux; redhat, slackware, Suse, etc. run on top of the same kernels. So if you find a kernel exploit it is likely to be effective on most distros.
  • jkstech Member Posts: 330
    thanks

    i do understand in regards to exploits most linux distros will be the same

    i was more interested in the distros that are specifically used for security/pen testing as there are a few

    knoppix-std
    whoppix
    helix?
    haking9?
    auditor..
    whax?

    i just wanted a suggestion from the great people on this forum, i will most likely try each one out and see which i like best, as i don't know much about any one of these
    get back to studying!!!
  • jkstech Member Posts: 330
    i've decided to try them all out for myself

    so far i have a virtual machine for phlak and auditor
    i wanna get knoppix-std also

    phlak includes a good amount of security documents in the os, including documentation on all the included tools
    get back to studying!!!
  • evanderburg Member Posts: 229
    I use Auditor in my classes. Here is a site with some tutorial videos that you might find helpful. http://crimemachine.com/tutorial.htm
    "You can never know everything and part of what you know is always wrong. Perhaps even the most important part. A portion of wisdom lies in knowing that. A portion of courage lies in going on anyway. " - Lan, Winter's Heart by Robert Jordan
  • jkstech Member Posts: 330
    thanks, what class are you taking?
    get back to studying!!!
  • Slowhand Mod Posts: 5,161
    I'd recommend using the latest release of Fedora or OpenSuse.org. Since Redhat is becoming a big player, that's what you'll more than likely come across in a workplace, and Suse is Novell's new baby, you'll get some experience with actual implementations of new Netware implementations. (Redhat and Suse/Novell were the two major players at LinuxWorld in San Francisco last year, and they each had a lot of partner companies, so it's a safe bet that they're going to be the ones to beat, in the coming few years.)

    Free Microsoft Training: Microsoft Learn
    Free PowerShell Resources: Top PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
  • jkstech Member Posts: 330
    thanks, i have a suse10 virtual machine also
    get back to studying!!!
  • Opi Member Posts: 127
    keatron wrote:
    (I had to get the help of some really good programmers and application security folks when I started doing this, so make sure you hang out on some of the application security forums).

    Got any good examples of these kinds of forums?
    Thanx a lot
  • Ten9t6 Member Posts: 691
    Knoppix STD, here....

    Kenny
    Kenny

    A+, Network+, Linux+, Security+, MCSE+I, MCSE:Security, MCDBA, CCNP, CCDP, CCSP, CCVP, CCIE Written (R/S, Voice),INFOSEC, JNCIA (M and FWV), JNCIS (M and FWV), ENA, C|EH, ACA, ACS, ACE, CTP, CISSP, SSCP, MCIWD, CIWSA
  • OpenSource Member Posts: 135
    Linux based tools I've used for hacking/penetration and other security related tasks include the following distributions listed below.

    These tools are all free of charge (OpenSource under GPL/GNU) and can be easily downloaded from their homepage links. In addition, they are all "LiveCD" or "LiveDVD" format and can be run from nearly any computer.


    Knoppix-STD Linux
    http://www.knoppix-std.org

    Knoppix Linux
    http://www.knoppix.org

    P.H.L.A.K. Linux
    http://www.phlak.org

    Auditor Linux
    http://www.remote-exploit.org

    WHAX Linux
    http://iwhax.net/index.php/Main_Page

    Back-Track Linux
    http://www.remote-exploit.org


    Enjoy!,
    - Joey