
Your attacking O/S you favor?

<<

p0et

Full Member

Posts: 197

Joined: Thu Nov 02, 2006 4:38 pm

Location: Victoria, Canada

Post Fri Nov 17, 2006 12:03 am

Your attacking O/S you favor?

Just in the process of setting up a small home hacking lab with a friend of mine. He has 3 systems and I have 3, and we'll probably stick VMware on 2 out of 3 of each set of systems. What is your preferred O/S to launch attacks from and store your tools on? What does your hacking lab consist of?

Thanks!
GCIH, Security+, Network+, A+, MCP, DCSE
<<

LSOChris

Post Fri Nov 17, 2006 12:31 am

Re: Your attacking O/S you favor?

At LSO we try to use Linux as the attack platform and try to force command-line-only interaction with the OS (à la SSHing into the lab).

This is usually good enough. You will find that some tools are GUI-only, so you need Windows or X Windows, and a lot of code lately will only compile on Windows, in which case you need a Windows box.

soooooo

To answer your question a little more fully, I would have at least 2 attack platforms: a Linux box (your choice) and a Windows box (2k).
<<

don

Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Nov 17, 2006 12:34 am

Re: Your attacking O/S you favor?

Here are a few resources already in the forums:

[Article]-Virtual Lab with VMware

CEH Lab Setup

Lab Setup v1 for Study Group

After perusing the above links, let us know what you think. And, of course, keep sharing as you move through the process of setting up and using your lab.

Hope this helps,
Don

PS - Welcome to EH-Net.
CISSP, MCSE, CSTA, Security+ SME
<<

Negrita

Sr. Member

Posts: 299

Joined: Sat Sep 10, 2005 5:45 pm

Location: /dev/null

Post Fri Nov 17, 2006 4:59 pm

Re: Your attacking O/S you favor?

Well don's already mentioned my article "Virtual Lab with VMware" (see the link in don's post).

My CEH lab consisted of 1 host running VMware. The guests included Windows XP Pro, Windows 2003 Server, Backtrack 1.0, FreeBSD 6.0 and finally a LiveCD VM (usually reserved for Knoppix-STD 1.0). Even though I've already got my CEH I've just recently added an OpenBSD 3.8 VM just to mess around with. I don't have enough RAM to run them all concurrently but I usually have at least 2 or 3 on at the same time so that I can check things out.

The Windows XP Pro machine has been fine-tuned into a mean hacking machine that I find I use just as often as I use Backtrack. It's fully patched and has the following installed on it: Cygwin, WinPcap, Nmap, Netcat, Packetyzer, Cain & Abel, John the Ripper, Nessus, Tor (including Vidalia and Privoxy), Metasploit Framework, Security Forest Exploit Tree, Sid2user and User2sid.

I also installed some other stuff on it like VMware Tools (obviously), Acrobat Reader for PDFs, AVG and Zone Alarm for protection, and Textpad. I much prefer Textpad over Notepad or Wordpad because it does syntax highlighting of HTML documents and has quite a lot of other features. I also installed 3 browsers: Internet Explorer, Opera and Firefox. Firefox is the default browser and has a few extensions, including FoxTor, User Agent Switcher, DOM Inspector and HTTP Live Headers. Firefox also has bookmarked links to "all the best hacking sites". ;)

The Windows 2003 Server doesn't have any tools on it at all. It is, however, an Active Directory DC and holds the negrita.local domain name zone.

The Windows 2003 Server and FreeBSD machines were usually the victims of my experiments while the XP machine and Backtrack usually did the attacking (though they were sometimes the victims of each other).
CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.
<<

p0et

Full Member

Posts: 197

Joined: Thu Nov 02, 2006 4:38 pm

Location: Victoria, Canada

Post Fri Nov 17, 2006 6:54 pm

Re: Your attacking O/S you favor?

Thanks for the links and info!

I'm not sure how many systems I can run in VMware since I only have 1GB of RAM on my 3GHz dual-core desktop. It's currently dual-booting XP Pro and Gentoo Linux. I'd love to get my Gentoo Linux on VMware with KDE but it just doesn't seem possible. I think I will keep my notebook dual-booting Gentoo & XP Pro (no wireless for some reason on Gentoo though), and my desktop will have the host as Gentoo Linux and the guests as: WinXP MCE (for my movies and basic web surfing), WinXP Pro and Win2K3 Server.
GCIH, Security+, Network+, A+, MCP, DCSE
<<

Kev

Post Sat Nov 18, 2006 3:36 pm

Re: Your attacking O/S you favor?

I agree completely that you should use both Linux and Windows as your OS for pentesting. If I was forced to use just one and money was an issue, I would pick Linux. Linux comes in a lot of flavors and some are better for hacking than others, although if you are really an adept in Linux, you can make just about any distro work. I would recommend starting with Ubuntu and Backtrack.

Backtrack is good simply because you can jump right into using programs like Kismet without having to fool around with installing wlan-ng drivers, etc., which can be a headache sometimes. That way you can get the feel of certain tools right from the start. The problem with Backtrack is its modular installation, and it can be a pain to add new things to, and the entire feel of it is not nearly as smooth as more polished distros like Ubuntu or Fedora Core. So eventually you would want to take one of these and add all your tools as you learned more about how to recompile kernels, etc. Fedora Core is great once you know enough Linux to tweak it to what you want. Once you have your Fedora the way you want it, cut off any more updates. Fedora is a beta testing ground for Red Hat and you don’t want to mess up your work with every download they send you. I will say that I like Fedora way more than Red Hat. Red Hat is way too conservative and slow to progress for my taste.

If you use Windows as an attack platform, I would recommend using XP Pro that is not patched up to Service Pack 2. Service Pack 2 inhibits some scanner programs, for example.
Last edited by Kev on Sat Nov 18, 2006 3:42 pm, edited 1 time in total.
<<

Negrita

Sr. Member

Posts: 299

Joined: Sat Sep 10, 2005 5:45 pm

Location: /dev/null

Post Sun Nov 19, 2006 6:04 pm

Re: Your attacking O/S you favor?

Kev wrote: The problem with Backtrack is its modular installation, and it can be a pain to add new things to, and the entire feel of it is not nearly as smooth as more polished distros like Ubuntu or Fedora Core. So eventually you would want to take one of these and add all your tools as you learned more about how to recompile kernels, etc.


Don't you just wish that they'd bring out an up to date version of Knoppix-STD or that nubuntu was more polished? I do.

Kev wrote: If you use Windows as an attack platform, I would recommend using XP Pro that is not patched up to Service Pack 2. Service Pack 2 inhibits some scanner programs, for example.


This issue has been resolved by Fyodor a long long time ago. See here.
CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.
<<

Kev

Post Sun Nov 19, 2006 6:42 pm

Re: Your attacking O/S you favor?

Yes, that would be great if they updated and came out with a more polished distro. My understanding is the nmap Service Pack 2 patch was a 90% fix but was not a complete workaround. Perhaps it's been updated again. I run nmap from Linux so I can't say for sure if nmap works as well on Windows XP Service Pack 2 at this time, so I need to check it out.

I know SuperScan had an issue with it also, but again I hope they fixed that also. I don’t really like the raw sockets restrictions that were implemented by Service Pack 2 and I find it's so much easier to code a tool for Linux.
<<

p0et

Full Member

Posts: 197

Joined: Thu Nov 02, 2006 4:38 pm

Location: Victoria, Canada

Post Sun Nov 19, 2006 7:26 pm

Re: Your attacking O/S you favor?

I much prefer to use Nmap, Nessus and Metasploit from a Linux shell anyway. I'm just downloading Backtrack and going to attempt to install it in VMware. Has anyone else done this successfully? Anything I need to know?

Thanks!
GCIH, Security+, Network+, A+, MCP, DCSE
<<

don

Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sun Nov 19, 2006 11:20 pm

Re: Your attacking O/S you favor?

VMware has an appliance already set up for BackTrack and many other Linux OSs. There's a really good hacking one based on SUSE. Just in case you're not familiar, appliances are virtual machines created by others that are already pre-packaged. Download and open in VMware. Saves loads of time and hassle installing from scratch.

http://www.vmware.com/vmtn/appliances/directory/

Don
CISSP, MCSE, CSTA, Security+ SME
<<

LSOChris

Post Mon Nov 20, 2006 11:34 am

Re: Your attacking O/S you favor?

You can just run it from the ISO if you don't need the latest exploit of the day on it...
<<

p0et

Full Member

Posts: 197

Joined: Thu Nov 02, 2006 4:38 pm

Location: Victoria, Canada

Post Mon Nov 20, 2006 11:41 am

Re: Your attacking O/S you favor?

Thanks for the tip. I have downloaded BackTrack 2.0 Beta and (installed it?) on VMware from the .iso. I first logged in, did "xorg.conf" then "startx" to hop into KDE. From there, it seems I'm stuck with a 640x480 60Hz display. It also crashed on me when trying to open a term. Not a good sign...
GCIH, Security+, Network+, A+, MCP, DCSE
<<

Negrita

Sr. Member

Posts: 299

Joined: Sat Sep 10, 2005 5:45 pm

Location: /dev/null

Post Mon Nov 20, 2006 3:34 pm

Re: Your attacking O/S you favor?

Perhaps you should try a stable release like Backtrack 1.0. Beta versions have a tendency to be unstable. ;D

Don's right about the Virtual Appliances. My Backtrack is a Virtual Appliance downloaded from the link in don's post. (BTW I have a full ISO version on CD too). Besides configuring the eth0 NIC to fit my lab setting, it was ready to go with no other changes needed.
CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.
<<

LSOChris

Post Mon Nov 20, 2006 5:35 pm

Re: Your attacking O/S you favor?

I agree, I booted up a stable ISO and had no problems either.
<<

danielsen2009

Newbie

Posts: 3

Joined: Thu Jul 26, 2007 12:02 am

Post Thu Jul 26, 2007 12:30 am

Re: Your attacking O/S you favor?

Question.. I'm at a school where Novell is used to log in to the file servers.. or used to gain access to school files. The security manager bet me I couldn't get on the network.. But I cracked the WEP and I have access to internet and all (with firewall restrictions). I can get past those, but what I would like to do is get on the file servers. I can see them with an IP but my student ID won't work... My friend, a Mac user, actually managed to crash his Mac.. or the network did. Our school has a reactive server. He attacked it so it attacked him. What would the best Linux distro be to gain access to network files? Or is there a way to emulate Novell on a computer without installing it? I could partition my HDD to have a Novell install but I don't want to do that... Help would be nice!