Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking
On Monday 08 December 2008 21:40, Tom Allison [EMAIL PROTECTED] wrote: Is there some means by which you can build a super set of packages as a package? I think there is, but I'm not sure how it works. The idea would be to select a Package which would then select a large list of packages to install and others to make sure are removed and then move into a process of specialty configuration of those packages. You can create a package that does nothing but depend on packages you want to have installed, and possibly conflict with packages you want removed. I suggest however that in such a case you have one package which handles the conflicts and have the main meta-package recommend (not depend) on it. Then if someone really wants to have one of the undesired packages then they can do it. -- [EMAIL PROTECTED] http://etbe.coker.com.au/ My Main Blog http://doc.coker.com.au/ My Documents Blog -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking
For any set of packages one finds so useful that they're like their own distribution, I think the labor would be better spent -- more useful to the community I mean, maybe not as fun for you -- in extending / improving documentation on using those tools, or Chip's suggestion, which looks to me like 'debianising.' Your message indicates a comprehensive security strategy, and a large market for that certainly exists. But the additional work of maintaining a separate distribution seems like a waste. Reed Is there some means by which you can build a super set of packages as a package? I think there is, but I'm not sure how it works. The idea would be to select a Package which would then select a large list of packages to install and others to make sure are removed and then move into a process of specialty configuration of those packages. The net effect would be a Diff process to set-selections and then patch all the default installed packages that are critical to the goal. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking
On Sunday 07 December 2008 16:11, Reed Young [EMAIL PROTECTED] wrote: For any set of packages one finds so useful that they're like their own distribution, I think the labor would be better spent -- more useful to the community I mean, maybe not as fun for you -- in extending / improving documentation on using those tools, or Chip's suggestion, which looks to me like 'debianising.' Your message indicates a comprehensive security strategy, and a large market for that certainly exists. But the additional work of maintaining a separate distribution seems like a waste. http://www.debian.org/misc/children-distros One thing that probably should be considered is the fate of the Adamantix distribution. The above URL seems to be the only current information available on the web about it. It seems that the only current positive result from that project is the paxtest package which is in Debian (which incidentally is i386 specific). I expect that the same amount of effort could have yielded better results if applied within the scope of Debian. -- [EMAIL PROTECTED] http://etbe.coker.com.au/ My Main Blog http://doc.coker.com.au/ My Documents Blog -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking
Russell Coker wrote: On Sunday 07 December 2008 16:11, Reed Young [EMAIL PROTECTED] wrote: For any set of packages one finds so useful that they're like their own distribution, I think the labor would be better spent -- more useful to the community I mean, maybe not as fun for you -- in extending / improving documentation on using those tools, or Chip's suggestion, which looks to me like 'debianising.' Your message indicates a comprehensive security strategy, and a large market for that certainly exists. But the additional work of maintaining a separate distribution seems like a waste. http://www.debian.org/misc/children-distros One thing that probably should be considered is the fate of the Adamantix distribution. The above URL seems to be the only current information available on the web about it. It seems that the only current positive result from that project is the paxtest package which is in Debian (which incidentally is i386 specific). I expect that the same amount of effort could have yielded better results if applied within the scope of Debian. I've been lurking for weeks not and found this to be an interesting topic that is really rather general and may belong under the topic of The Cathedral to the Bazaar more than just security. A new project, or fork, is a very large investment of resources (time, money, energy, whatever) that really must merit it's value and difference from it's predecessors. I've recently stopped using ipcop for firewall security because it's lacking certain features and considered rolling my own with Debian as a core. Further investigation has shown that there is really very little for me to do here. There are a lot of great tools that exist and I have to pick/choose to match my needs and skills. Using this experience as an example. I would be a huge fan of someone who spent some time integrating with the maintainers of some debian firewall and security packages to document how these fit together to provide a secure environment. That's value added and it will foster more support for the down stream packages. I've struck out on my own on a few projects and I will say this much. It's a lot of work. A lot more than I anticipated. And I really didn't get any hint of help until I had a fully functioning product. And then there was a lot of noise about remodeling it to look and feel exactly like the products that encouraged me to fork off in the first place. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chip Panarchy wrote: Greetings, Recently I have been working on a distribution of Linux built on Debian... to get more specific, built on Linux - Debian - Ubuntu 8.10 - Super Ubuntu. Though I will probably build it directly from Ubuntu (or Debian) sometime in the future. My distribution has been specialised to suite the requirements of your everyday (and not so everyday!) pen-tester and white/grey hat hackers. My sobriquet for this distribution is: HackBuntu. Though sometime in the (near) future, I will probably rename it to: Subuntu. (SecurityUbuntu) I have posted this on this mailing list for some advice. Can someone please recommend me some tools to put on it? Here is what I have already put into the distribution (excluding command line ones); Metasploit Ettercap Cain Abel (via WINE) NetStumbler (via WINE) Maltego CE Nessus PuTTy Wireshark NMap ZeNMap OPHCrack Please recommend me some more tools to 'put into' this distribution. Thanks in advance, Chip D. Panarchy Why not just contribute to the backtrack project? It's not debian based, but the hardwork is done. Mainly because it supports 99% of wifi cards with full cap/inject support. - -- Rich Healey - iTReign \.''`. / [EMAIL PROTECTED] Developer / Systems Admin \ : :' : /[EMAIL PROTECTED] AIM: richohealey33 \ `. `' / [EMAIL PROTECTED] MSN: [EMAIL PROTECTED] \ `- / [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkk8bvMACgkQLeTfO4yBSAcGAQCgpzCreeCZorBUyHQGeK6eqTkM PaIAoJ4pqn3/WygIARtaV+Tk1tFSUIsA =Iclb -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking
On Monday 01 December 2008 22:45, Chip Panarchy [EMAIL PROTECTED] wrote: My distribution has been specialised to suite the requirements of your everyday (and not so everyday!) pen-tester and white/grey hat hackers. My sobriquet for this distribution is: HackBuntu. Why not just have a set of extra packages to run on Debian/Lenny? Why is a different distribution needed for penetration testing? -- [EMAIL PROTECTED] http://etbe.coker.com.au/ My Main Blog http://doc.coker.com.au/ My Documents Blog -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking
On Sat, Dec 6, 2008 at 12:49 AM, Russell Coker [EMAIL PROTECTED] wrote: On Monday 01 December 2008 22:45, Chip Panarchy [EMAIL PROTECTED] wrote: My distribution has been specialised to suite the requirements of your everyday (and not so everyday!) pen-tester and white/grey hat hackers. My sobriquet for this distribution is: HackBuntu. Why not just have a set of extra packages to run on Debian/Lenny? Why is a different distribution needed for penetration testing? I agree. Why split off into a separate distribution, instead of debianising any of your chosen packages that are not yet among the ~17,000 packages in the stable Debian set? For any set of packages one finds so useful that they're like their own distribution, I think the labor would be better spent -- more useful to the community I mean, maybe not as fun for you -- in extending / improving documentation on using those tools, or Chip's suggestion, which looks to me like 'debianising.' Your message indicates a comprehensive security strategy, and a large market for that certainly exists. But the additional work of maintaining a separate distribution seems like a waste. Reed