From: Chad (chad@mr-lew.com)
Date: Fri Sep 03 2004 - 20:04:11 EDT
Shannon,
I've done some limited "playing" with that type of setup and
didn't come up on any problems. However, with all the talk lately of
problems with XP SP2 things may be different. There have been some
reports that XP SP2 disables access to the raw sockets for IP. (Someone
correct me if my explanation isn't correct...) That means you won't have
any problems capturing traffic, but you will/may have problems spoofing
addresses. Don't know how the VMWare aspect will react and if it will
overcome the issue.
I would be curious to know the outcome...
HTH,
Lew
-----Original Message-----
From: shannon@areawidetech.com [mailto:shannon@areawidetech.com]
Sent: Friday, September 03, 2004 2:00 PM
To: pen-test@securityfocus.com
Subject: Any caveats for linux under VMware, pen testing?
I'm considering running Linux from my XP pro laptop under a VMWare
(workstation edition) session. Anyone out there w/ experience using this
setup that might have any tips / warnings / encouraging advice? This
machine would be for pen testing, and is definitely beefy enough to
handle the load, if this is a good solution. I'd be running Nessus, and
doing probing w/ nmap.
My other alternative is to repurpose a machine from our lab, but the
physical setup and reloading would take far more time than the VMWare
option, and would obviously be less flexible.
So is anyone out there using this setup...? I heard rumors of problems
related to direct hardware access (the NIC) for wardiving purposes...?
Thanks!
-Shannon Kelley
------------------------------------------------------------------------
------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Check out our Advanced
Hacking course, learn to write exploits and attack security
infrastructure. Attend a course taught by an expert instructor with
years of in-the-field pen testing experience in our state of the art
hacking lab. Master the skills of an Ethical Hacker to better assess the
security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
-------
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:03 EDT