Tags

, , , , , , , , , , ,

With Linux Mint 12 Lisa LXDE having just been released, I decided to use that as a basis for a network penetration and security testing setup. Several Linux distros already do this, but Mint has its advantages:
* The LXDE version is ideal for netbooks with limited memory and storage.
* Mint includes most common applications for general stuff.
* The official repositories are very large, and applications can be safely added and removed using the software manager to adapt the installation for whatever sepecialist use.
* Excellent hardware support for network devices.

The aim here is to gradually build a more select range of security tools, as the user becomes familiar with them.

Linux Mint is now released as a ‘hybrid ISO’, which can be booted from both disc and USB drive, without the need for unetbootin or dd. This isn’t perfectly compatible across all systems yet, so I ended up using unetbootin anyway. Once on the USB drive, Mint ran perfectly on the netbook, although it takes longer to load than earlier releases.

When installing, a minimum of 8GB is recommended to accommodate a potentially comprehensive installation. After the OS was installed, I went about adding the essentials that every pen tester sould have. These are either included with Mint/Ubuntu or readily available from the official repositories:
* nmap (and Zenmap GUI)
* tcpdump, ngrep, Telnet, wget, netcat, ping, traceroute
* nslookup, dig
* WireShark
* w3af
* OpenVAS
* EtherApe
* Kismet Wireless

Although some of the above have GUIs, most are run in the command line. I’ve put together the ComSAT shell script (available at SourceForge.net) as an alternative to remembering all the commands and their variations. Another good idea is to run Matriux, Blackbuntu and BackTrack, and see what else is worth adding.

Advertisements