RE: Any caveats for linux under VMware, pen testing?

From: Todd Towles (toddtowles@brookshires.com)
Date: Tue Sep 07 2004 - 12:37:46 EDT


This isn't stressed enough when talking about bootable Linux CDs. Most
of the software on bootable CDs is a version behind at best. Nmap will be
old, Nikto will be old, Nessus will be old.

Keep in mind that running Nessus off of Knoppix is very easy, but your
scans will be a bit out of date.

I have Knoppix-STD in the CD of my work laptop right now. I like it but
you might want to look into updating the plugins if you need the best
information.

-----Original Message-----
From: Hans Porter [mailto:infosecprofessional@gmail.com]
Sent: Saturday, September 04, 2004 4:49 AM
To: shannon@areawidetech.com
Cc: pen-test@securityfocus.com
Subject: Re: Any caveats for linux under VMware, pen testing?

Shannon,

   VMWare, (AFAIK) currently does not support Wireless networking, so I
don't even think it is possible to bridge to a wireless NIC that exists
in the host OS, much less have all the wifi utilities work under the
guest OS. The bridging may be possible, but even so, the guest OS will
still see the NIC as the AMD PCNet32 wired NIC, so no love for kismet,
airsnort, and the like. I have used VMWare for using Nessus during
pentests and have found that it works fine. I use the Windows client
(Nessus-WX) and connect back to the VMWare machine and it works fine. I
don't know if you have installed SP2 to your XP laptop, but since they
disable support for "raw sockets", I am curious if this affects raw
packet support in bridging mode under VMWare? If so, this could affect
some of the packets sent from Nessus and Nmap.
Another alternative is to take a lab machine and boot from one of the
Knoppix distros and use that. My personal favorite is Knoppix-STD
(0.1 - not 0.1b) and running Nessus from there is fine after you make a
user and so forth - just keep in mind, you do not want to start Nessus
via the Fluxbox menu, as it restricts client connections to 127.0.0.1.
I just run the normal stuff from the CLI (nessus-mkcert, nessus-adduser,
nessusd -D) and then run my nessus client from Windows and connect.
Going the bootable CD route would definitely cut down on prep time for
switching over a lab machine. Just my thoughts. Good luck.

   --- Hans

On 3 Sep 2004 17:59:47 -0000, shannon@areawidetech.com
<shannon@areawidetech.com> wrote:
>
>
> I'm considering running Linux from my XP pro laptop under a VMWare
> (workstation edition) session. Anyone out there w/ experience using this
> setup that might have any tips / warnings / encouraging advice? This
> machine would be for pen testing, and is definitely beefy enough to
> handle the load, if this is a good solution. I'd be running Nessus, and
> doing probing w/ nmap.
>
> My other alternative is to repurpose a machine from our lab, but the
> physical setup and reloading would take far more time than the VMWare
> option, and would obviously be less flexible.
>
> So is anyone out there using this setup...? I heard rumors of problems
> related to direct hardware access (the NIC) for wardriving purposes...?
>
> Thanks!
>
> -Shannon Kelley
>
> ----------------------------------------------------------------------
> -------- Ethical Hacking at the InfoSec Institute. All of our class
> sizes are guaranteed to be 12 students or less to facilitate
> one-on-one interaction with one of our expert instructors. Check out
> our Advanced Hacking course, learn to write exploits and attack
> security infrastructure. Attend a course taught by an expert
> instructor with years of in-the-field pen testing experience in our
> state of the art hacking lab. Master the skills of an Ethical Hacker
> to better assess the security of your organization.
>
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> ----------------------------------------------------------------------
> ---------
>
>
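
Added example, not part of any of the posts above: a small check for the bind address of nessusd, which decides whether a remote Nessus client can connect at all (the Fluxbox-menu start described above restricts it to 127.0.0.1). It assumes the default nessusd port 1241 and `netstat -ltn` style output; both sample listings are constructed.

```shell
#!/bin/sh
# Classify how the nessusd listener is bound, reading `netstat -ltn`
# style text on stdin. Port 1241 (nessusd default) is an assumption;
# pass another port as the first argument if the daemon is configured differently.
nessusd_bind_scope() {
    port="${1:-1241}"
    awk -v port="$port" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            local_addr = $4
            n = split(local_addr, parts, ":")
            if (parts[n] != port) next          # some other service
            # Everything before the final ":port" is the bind address.
            addr = substr(local_addr, 1, length(local_addr) - length(parts[n]) - 1)
            found = 1
            if (addr == "0.0.0.0" || addr == "::" || addr == "*") any = 1
            else if (addr != "127.0.0.1" && addr != "::1") specific = addr
        }
        END {
            if (!found)              print "not-listening"
            else if (any)            print "all-interfaces"
            else if (specific != "") print "specific:" specific
            else                     print "loopback-only"
        }'
}

# Constructed sample: daemon started so that it only accepts local clients.
sample_menu_start() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:1241          0.0.0.0:*               LISTEN
EOF
}

# Constructed sample: daemon reachable from other hosts on the network.
sample_cli_start() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:1241            0.0.0.0:*               LISTEN
EOF
}

echo "menu start: $(sample_menu_start | nessusd_bind_scope)"
echo "CLI start:  $(sample_cli_start | nessusd_bind_scope)"
```

On a live system the input would come from `netstat -ltn | nessusd_bind_scope`. An `all-interfaces` result also means the scanner daemon is reachable from every network the machine is attached to, so it is worth confirming before plugging into a client segment.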




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:04 EDT