In-Reply-To: <20050412111859.O89525-100000@xs2.xs4all.nl>
Not sure about the answers to your other questions, but as far as a pentest
linux distro, check out
http://www.whoppix.net
They have some video demos that show some of the tools in action as well. A
pentesters dream version of Knoppix.
Psiphon
Received: (qmail 22569 invoked from network); 12 Apr 2005 13:36:08 -0000
Received: from outgoing.securityfocus.com (HELO outgoing3.securityfocus.com)
(205.206.231.27)
by mail.securityfocus.com with SMTP; 12 Apr 2005 13:36:08 -0000
Received: from lists.securityfocus.com (lists.securityfocus.com
[205.206.231.19])
by outgoing3.securityfocus.com (Postfix) with QMQP
id 9D0FB237025; Tue, 12 Apr 2005 07:44:49 -0600 (MDT)
Mailing-List: contact pen-test-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <pen-test.list-id.securityfocus.com>
List-Post: <mailto:pen-test@securityfocus.com>
List-Help: <mailto:pen-test-help@securityfocus.com>
List-Unsubscribe: <mailto:pen-test-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:pen-test-subscribe@securityfocus.com>
Delivered-To: mailing list pen-test@securityfocus.com
Delivered-To: moderator for pen-test@securityfocus.com
Received: (qmail 24806 invoked from network); 12 Apr 2005 09:56:41 -0000
Date: Tue, 12 Apr 2005 11:33:13 +0200 (CEST)
From: Rob J Meijer <rmeijer@xs4all.nl>
To: pen-test@securityfocus.com
Subject: 'in-line' pentest and pentest linux distro?
Message-ID: <20050412111859.O89525-100000@xs2.xs4all.nl>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Virus-Scanned: by XS4ALL Virus Scanner
When looking at enviroments with MAC locking and ID in place, and pentest
possibilities from workstation locations, I've been trying to find some
info on the 'in-line' way of working for such tests.
It apears that I'm either the only one ever to have had the need for
inline pentests, in order to test at workstation network connections that
have MAC locking and ID in place, or that I just am using the wrong name
for the concept.
I'm interesting to know:
1) Is nobody running into MAC lock and MAC ID enviroments where the
workstation network connections are relevant?
2) If anyone is, what are you using to do these tests, and would this
be suitable for 'in-line' usage?
3) Is anyone seriously working on a pentest linux distro?
4) Do you think building and combining this functionality ino a
specialized small linux distribution for something like the sigarete-box
sized XXS1500, or something like it would be desirable for such
functionality.
I currently am occupied with an other big open source project, so I am
hoping someone else has or will do some work on both the testing
of MAC locked or MAC ID enabled enviroments and the creation of a pentest
linux distro.
I think I could fit in some porting to small devices from a basic PC Linux
based distribution to such a device, if however I completely would have to
role a new distribution from scratch, building lots of the tools myself,
I would not be able to fit this in this year (unless someone needs it
enough to actualy pay me for working on it, while keeping it open source).
I think building a pentest inline device linux distro would be practical
and usefull, but maybe its just my gadget madnes playing tricks on me ;-)
Let me know what you think.
Rob
