<div>On 2/22/06, John Richard Moser <<a href="mailto:nigelenki@comcast.net">nigelenki@comcast.net</a>> wrote:<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've noticed there's a LOT of LiveCDs out there like Auditor, Whax, and Backtrack.  There's also the Knoppix STD and Whoppix laying around out there.  Each of these provides a drop-in Live environment from which you can run password crackers, vulnerability scanners (nessus), and in some cases even hurl exploit code (metasploit) at the machines you're testing. Historically these tools are very difficult to install and configure on a typical system.  Nessus requires a server be set up with new users added, for example; while Auditor auto-configures nessusd and activates it on first run of Nessus.  So the long and short of it comes out to be that these LiveCDs come with all of this stuff pre-configured, with update scripts laying around for things like Nessus (grab new security plug-ins) and amap (grab new application banner databases). Ubuntu seems to have several branches.  There's a base desktop branch, an educational branch, a KDE desktop branch, a server branch, a small business server branch, etc.  Would it be infeasible to consider a security auditing branch which packages up security tools and initial configuration helpers ( i.e. "get a dictionary for john the ripper," "Copy local users to nessus user list," "update interface for Nessus/nmap/amap databases/plugins" etc)?  I may be going out on a limb here; I haven't considered that I may be the only person in the world who would find this useful. - -- All content of all messages exchanged herein are left in the Public Domain, unless otherwise explicitly stated.     Creative brains are a valuable, limited resource. They shouldn't be     wasted on re-inventing the wheel when there are so many fascinating     new problems waiting out there.                                                  -- Eric Steven Raymond     We will enslave their women, eat their children and rape their     cattle!                                      -- Evil alien overlord from Blasto -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - <a href="http://enigmail.mozdev.org">http://enigmail.mozdev.org</a> iD8DBQFD/JVIhDd4aOud5P8RAjs2AJ0cCGBMQ5fjE1F1LOGxvYi8sS+EogCeILD0 elbDb/ZVeh9nlk2kclBnHVU= =BPhk -----END PGP SIGNATURE----- -- ubuntu-devel mailing list <a href="mailto:ubuntu-devel@lists.ubuntu.com"> ubuntu-devel@lists.ubuntu.com</a> <a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel">https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel</a></blockquote><div> Hello, it seems that nUbuntu (which is not affliated with Canonical, neither Ubuntu) is the shoot you need. Best regards, Mario </div> </div>