Security auditing tools?

Mario Đanić mario.danic at gmail.com
Wed Feb 22 17:05:29 GMT 2006 

On 2/22/06, John Richard Moser <nigelenki at comcast.net> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I've noticed there's a LOT of LiveCDs out there like Auditor, Whax, and
> Backtrack.  There's also the Knoppix STD and Whoppix laying around out
> there.  Each of these provides a drop-in Live environment from which you
> can run password crackers, vulnerability scanners (nessus), and in some
> cases even hurl exploit code (metasploit) at the machines you're testing.
>
> Historically these tools are very difficult to install and configure on
> a typical system.  Nessus requires a server be set up with new users
> added, for example; while Auditor auto-configures nessusd and activates
> it on first run of Nessus.  So the long and short of it comes out to be
> that these LiveCDs come with all of this stuff pre-configured, with
> update scripts laying around for things like Nessus (grab new security
> plug-ins) and amap (grab new application banner databases).
>
> Ubuntu seems to have several branches.  There's a base desktop branch,
> an educational branch, a KDE desktop branch, a server branch, a small
> business server branch, etc.  Would it be infeasible to consider a
> security auditing branch which packages up security tools and initial
> configuration helpers (i.e. "get a dictionary for john the ripper,"
> "Copy local users to nessus user list," "update interface for
> Nessus/nmap/amap databases/plugins" etc)?  I may be going out on a limb
> here; I haven't considered that I may be the only person in the world
> who would find this useful.
>
> - --
> All content of all messages exchanged herein are left in the
> Public Domain, unless otherwise explicitly stated.
>
>     Creative brains are a valuable, limited resource. They shouldn't be
>     wasted on re-inventing the wheel when there are so many fascinating
>     new problems waiting out there.
>                                                  -- Eric Steven Raymond
>
>     We will enslave their women, eat their children and rape their
>     cattle!
>                                      -- Evil alien overlord from Blasto
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2.1 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFD/JVIhDd4aOud5P8RAjs2AJ0cCGBMQ5fjE1F1LOGxvYi8sS+EogCeILD0
> elbDb/ZVeh9nlk2kclBnHVU=
> =BPhk
> -----END PGP SIGNATURE-----
>
> --
> ubuntu-devel mailing list
> ubuntu-devel at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel



Hello,

it seems that nUbuntu (which is not affliated with Canonical, neither
Ubuntu) is the shoot you need.

Best regards,
Mario
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20060222/4145f9c0/attachment.htm

More information about the ubuntu-devel mailing list