Re: Anyone know of a best ISO VM for security testing?

2013-09-13 Thread Taylor Woods
Yes this is based off of wattOSr5, I have it running on an older Dell
laptop, the newer Ubuntu distros (10.10 and above) seemed to freeze or not
be compatable with the limited resources available ( 2 gig of ram lightning
fast LOL. Parrot Security is running slow but does work. Go figure

>From the desk of Taylor Woods: Just a man and his computer
(404)536-7773 cell
"Success is not measured by the amount of failures but by the amount of
attempts to accept failure as an option"

This electronic mail (including any attachments) may contain information
that is privileged, confidential, and/or otherwise protected from
disclosure to anyone other than its intended recipient(s). Any
dissemination or use of this electronic mail or its contents (including any
attachments) by persons other than the intended recipient(s) is strictly
prohibited. If you have received this message in error, please notify us
immediately by reply e-mail so that we may correct our internal records.
Please then delete the original message (including any attachments) in its
entirety. Thank you.







On Fri, Sep 13, 2013 at 12:13 PM, Todd And Margo Chester <
toddandma...@gmail.com> wrote:

> On 09/13/2013 04:03 AM, Taylor Woods wrote:
>
>> So he wants to simulate an infection and work a solution I gather, there
>> are quite a few Linux based programs you just have to look to see which
>> suits your exact need.
>>
>
> And most pof the links to them are stale.
>
> But this one is still working:
> http://sourceforge.net/**projects/sbe-distro/
>
> And, oh man does it stink!  Perfect for testing!
> Wish I could get one for Windows too, but ...
>
>
> -T
>


Re: Anyone know of a best ISO VM for security testing?

2013-09-13 Thread Todd And Margo Chester

On 09/13/2013 04:03 AM, Taylor Woods wrote:

So he wants to simulate an infection and work a solution I gather, there
are quite a few Linux based programs you just have to look to see which
suits your exact need.


And most pof the links to them are stale.

But this one is still working:
http://sourceforge.net/projects/sbe-distro/

And, oh man does it stink!  Perfect for testing!
Wish I could get one for Windows too, but ...


-T


Re: Anyone know of a best ISO VM for security testing?

2013-09-13 Thread Taylor Woods
I did read about what the disto had to offer and it's benefits, it's based
off of wattOSr5.

>From the desk of Taylor Woods: Just a man and his computer
(404)536-7773 cell
"Success is not measured by the amount of failures but by the amount of
attempts to accept failure as an option"

This electronic mail (including any attachments) may contain information
that is privileged, confidential, and/or otherwise protected from
disclosure to anyone other than its intended recipient(s). Any
dissemination or use of this electronic mail or its contents (including any
attachments) by persons other than the intended recipient(s) is strictly
prohibited. If you have received this message in error, please notify us
immediately by reply e-mail so that we may correct our internal records.
Please then delete the original message (including any attachments) in its
entirety. Thank you.







On Fri, Sep 13, 2013 at 8:35 AM, Paul Robert Marino wrote:

> I looked  at the SBEr1 site on source forge, and read what it was designed
> to do.
>
>
>
>
> -- Sent from my HP Pre3
>
> --
> On Sep 13, 2013 4:42, Elias Persson  wrote:
>
> He's not looking for tools to do penetration testing with, he's looking
> for (and seems to have found) a test subject. Do people not read beyond
> the subject line?
>
> Kinda curious about where you got "windows" from. DVL is Damn Vulnerable
> Linux:
> http://distrowatch.com/table.php?distribution=dvl
>
> On 2013-09-13 02:23, Paul Robert Marino wrote:
> > If you are looking for for penetration testing, HIDS, NIDS, or IPS there
> > are a lot tools out there. To do security right is never easy. I have
> > never seen a silver bullet all in one VM or out of the box easy distro
> > for it. All of them take work.
> > Since the one you are looking at seems to be a penetration testing tool
> > for windows you're best bet is to pay the money (if its for corporate
> > use) for Nessus and throw it on a basic VM. If you are only intending to
> > use it for Linux then OSEC is a good free speech software tool that
> > isn't too difficult to use and there are a lot of system management
> > tools like spacewalk that can manage it for you.
> >
> >
> >
> > -- Sent from my HP Pre3
> >
> > 
> > On Sep 11, 2013 19:25, Todd And Margo Chester 
> > wrote:
> >
> > I am downloading this one:
> >
> http://sourceforge.jp/projects/sfnet_virtualhacking/downloads/os/dvl/DVL_1.5_Infectious_Disease.iso/
> >
>


Re: Anyone know of a best ISO VM for security testing?

2013-09-13 Thread Paul Robert Marino
I looked  at the SBEr1 site on source forge, and read what it was designed to do.-- Sent from my HP Pre3On Sep 13, 2013 4:42, Elias Persson  wrote: He's not looking for tools to do penetration testing with, he's looking 
for (and seems to have found) a test subject. Do people not read beyond 
the subject line?

Kinda curious about where you got "windows" from. DVL is Damn Vulnerable 
Linux:
http://distrowatch.com/table.php?distribution=dvl

On 2013-09-13 02:23, Paul Robert Marino wrote:
> If you are looking for for penetration testing, HIDS, NIDS, or IPS there
> are a lot tools out there. To do security right is never easy. I have
> never seen a silver bullet all in one VM or out of the box easy distro
> for it. All of them take work.
> Since the one you are looking at seems to be a penetration testing tool
> for windows you're best bet is to pay the money (if its for corporate
> use) for Nessus and throw it on a basic VM. If you are only intending to
> use it for Linux then OSEC is a good free speech software tool that
> isn't too difficult to use and there are a lot of system management
> tools like spacewalk that can manage it for you.
>
>
>
> -- Sent from my HP Pre3
>
> 
> On Sep 11, 2013 19:25, Todd And Margo Chester 
> wrote:
>
> I am downloading this one:
> http://sourceforge.jp/projects/sfnet_virtualhacking/downloads/os/dvl/DVL_1.5_Infectious_Disease.iso/
>

Re: Anyone know of a best ISO VM for security testing?

2013-09-13 Thread Taylor Woods
So he wants to simulate an infection and work a solution I gather, there
are quite a few Linux based programs you just have to look to see which
suits your exact need.

Sent from the Samsung Galaxy S4 of Taylor Woods
On Sep 11, 2013 7:24 PM, "Todd And Margo Chester" 
wrote:

> On 09/11/2013 02:58 PM, Elias Persson wrote:
>
>> On 2013-09-11 20:37, Todd And Margo Chester wrote:
>>
>>> On 09/11/2013 10:44 AM, Taylor Woods wrote:
>>>
 I have tried SBEr1 it wasnt a walk in the park, it made me second think
 abiut doing it.

>>>
>>> Hi Taylor,
>>>
>>> Thank you,
>>>
>>> Do you have a reference to this?  Google gives me a bunch
>>> of unrelated clutter.
>>>
>>> -T
>>>
>>>
>>>
>> I suspect this is what's being referred to:
>>
>> http://sourceforge.net/**projects/sbe-distro/
>> (google sber1 linux)
>>
>> At a glance, seems like the opposite of what you're looking for.
>> Backtrack might be appropriate, but seems more like the tool you'd
>> use to punch holes than the thing to perforate.
>>
>> If you have that VM Ware image (or know where to get it), why not
>> use it? (not a rhetorical question.)
>> (for more info, if needed, google convert vmware kvm)
>>
>>
> I am downloading this one:
> http://sourceforge.jp/**projects/sfnet_virtualhacking/**
> downloads/os/dvl/DVL_1.5_**Infectious_Disease.iso/
>


Re: Anyone know of a best ISO VM for security testing?

2013-09-13 Thread Elias Persson
He's not looking for tools to do penetration testing with, he's looking 
for (and seems to have found) a test subject. Do people not read beyond 
the subject line?


Kinda curious about where you got "windows" from. DVL is Damn Vulnerable 
Linux:

http://distrowatch.com/table.php?distribution=dvl

On 2013-09-13 02:23, Paul Robert Marino wrote:

If you are looking for for penetration testing, HIDS, NIDS, or IPS there
are a lot tools out there. To do security right is never easy. I have
never seen a silver bullet all in one VM or out of the box easy distro
for it. All of them take work.
Since the one you are looking at seems to be a penetration testing tool
for windows you're best bet is to pay the money (if its for corporate
use) for Nessus and throw it on a basic VM. If you are only intending to
use it for Linux then OSEC is a good free speech software tool that
isn't too difficult to use and there are a lot of system management
tools like spacewalk that can manage it for you.



-- Sent from my HP Pre3


On Sep 11, 2013 19:25, Todd And Margo Chester 
wrote:

I am downloading this one:
http://sourceforge.jp/projects/sfnet_virtualhacking/downloads/os/dvl/DVL_1.5_Infectious_Disease.iso/



Re: Anyone know of a best ISO VM for security testing?

2013-09-12 Thread Paul Robert Marino
If you are looking for for penetration testing, HIDS, NIDS, or IPS there are a lot tools out there. To do security right is never easy. I have never seen a silver bullet all in one VM or out of the box easy distro for it. All of them take work.Since the one you are looking at seems to be a penetration testing tool for windows you're best bet is to pay the money (if its for corporate use) for Nessus and throw it on a basic VM. If you are only intending to use it for Linux then OSEC is a good free speech software tool that isn't too difficult to use and there are a lot of system management tools like spacewalk that can manage it for you.-- Sent from my HP Pre3On Sep 11, 2013 19:25, Todd And Margo Chester  wrote: On 09/11/2013 02:58 PM, Elias Persson wrote:
> On 2013-09-11 20:37, Todd And Margo Chester wrote:
>> On 09/11/2013 10:44 AM, Taylor Woods wrote:
>>> I have tried SBEr1 it wasnt a walk in the park, it made me second think
>>> abiut doing it.
>>
>> Hi Taylor,
>>
>> Thank you,
>>
>> Do you have a reference to this?  Google gives me a bunch
>> of unrelated clutter.
>>
>> -T
>>
>>
>
> I suspect this is what's being referred to:
>
> http://sourceforge.net/projects/sbe-distro/
> (google sber1 linux)
>
> At a glance, seems like the opposite of what you're looking for.
> Backtrack might be appropriate, but seems more like the tool you'd
> use to punch holes than the thing to perforate.
>
> If you have that VM Ware image (or know where to get it), why not
> use it? (not a rhetorical question.)
> (for more info, if needed, google convert vmware kvm)
>

I am downloading this one:
http://sourceforge.jp/projects/sfnet_virtualhacking/downloads/os/dvl/DVL_1.5_Infectious_Disease.iso/

Re: Anyone know of a best ISO VM for security testing?

2013-09-11 Thread Todd And Margo Chester

On 09/11/2013 02:58 PM, Elias Persson wrote:

On 2013-09-11 20:37, Todd And Margo Chester wrote:

On 09/11/2013 10:44 AM, Taylor Woods wrote:

I have tried SBEr1 it wasnt a walk in the park, it made me second think
abiut doing it.


Hi Taylor,

Thank you,

Do you have a reference to this?  Google gives me a bunch
of unrelated clutter.

-T




I suspect this is what's being referred to:

http://sourceforge.net/projects/sbe-distro/
(google sber1 linux)

At a glance, seems like the opposite of what you're looking for.
Backtrack might be appropriate, but seems more like the tool you'd
use to punch holes than the thing to perforate.

If you have that VM Ware image (or know where to get it), why not
use it? (not a rhetorical question.)
(for more info, if needed, google convert vmware kvm)



I am downloading this one:
http://sourceforge.jp/projects/sfnet_virtualhacking/downloads/os/dvl/DVL_1.5_Infectious_Disease.iso/


Re: Anyone know of a best ISO VM for security testing?

2013-09-11 Thread Todd And Margo Chester

On 09/11/2013 02:58 PM, Elias Persson wrote:

On 2013-09-11 20:37, Todd And Margo Chester wrote:

On 09/11/2013 10:44 AM, Taylor Woods wrote:

I have tried SBEr1 it wasnt a walk in the park, it made me second think
abiut doing it.


Hi Taylor,

Thank you,

Do you have a reference to this?  Google gives me a bunch
of unrelated clutter.

-T




I suspect this is what's being referred to:

http://sourceforge.net/projects/sbe-distro/
(google sber1 linux)

At a glance, seems like the opposite of what you're looking for.
Backtrack might be appropriate, but seems more like the tool you'd
use to punch holes than the thing to perforate.

If you have that VM Ware image (or know where to get it), why not
use it? (not a rhetorical question.)
(for more info, if needed, google convert vmware kvm)



Finally found this great article:
http://lwn.net/Articles/437221/


Re: Anyone know of a best ISO VM for security testing?

2013-09-11 Thread Todd And Margo Chester

On 09/11/2013 02:58 PM, Elias Persson wrote:

On 2013-09-11 20:37, Todd And Margo Chester wrote:

On 09/11/2013 10:44 AM, Taylor Woods wrote:

I have tried SBEr1 it wasnt a walk in the park, it made me second think
abiut doing it.


Hi Taylor,

Thank you,

Do you have a reference to this?  Google gives me a bunch
of unrelated clutter.

-T




I suspect this is what's being referred to:

http://sourceforge.net/projects/sbe-distro/
(google sber1 linux)

At a glance, seems like the opposite of what you're looking for.
Backtrack might be appropriate, but seems more like the tool you'd
use to punch holes than the thing to perforate.

If you have that VM Ware image (or know where to get it), why not
use it? (not a rhetorical question.)
(for more info, if needed, google convert vmware kvm)



It is the opposite.  I am looking for one that is deliberately
messed up.

If I can ever find that vmware iso again, I will use your convert
string.  Thank you!

-T


Re: Anyone know of a best ISO VM for security testing?

2013-09-11 Thread Elias Persson

On 2013-09-11 20:37, Todd And Margo Chester wrote:

On 09/11/2013 10:44 AM, Taylor Woods wrote:

I have tried SBEr1 it wasnt a walk in the park, it made me second think
abiut doing it.


Hi Taylor,

Thank you,

Do you have a reference to this?  Google gives me a bunch
of unrelated clutter.

-T




I suspect this is what's being referred to:

http://sourceforge.net/projects/sbe-distro/
(google sber1 linux)

At a glance, seems like the opposite of what you're looking for.
Backtrack might be appropriate, but seems more like the tool you'd
use to punch holes than the thing to perforate.

If you have that VM Ware image (or know where to get it), why not
use it? (not a rhetorical question.)
(for more info, if needed, google convert vmware kvm)


Re: Anyone know of a best ISO VM for security testing?

2013-09-11 Thread Steven Miano
I believe most of the backtrack development has moved here:

http://www.kali.org/


On Wed, Sep 11, 2013 at 2:37 PM, Todd And Margo Chester <
toddandma...@gmail.com> wrote:

> On 09/11/2013 10:44 AM, Taylor Woods wrote:
>
>> I have tried SBEr1 it wasnt a walk in the park, it made me second think
>> abiut doing it.
>>
>
> Hi Taylor,
>
> Thank you,
>
> Do you have a reference to this?  Google gives me a bunch
> of unrelated clutter.
>
> -T
>
>
>  Taylor
>> Sent from the Samsung Galaxy S4 of Taylor Woods
>>
>> On Sep 11, 2013 1:03 PM, "Todd And Margo Chester"
>> mailto:toddandma...@gmail.com**>> wrote:
>>
>> Hi All,
>>
>> I am getting tooled up to do some Penitration Testing
>> for PCI compliance (Ethical Hacking).
>>
>> Refernce:
>> https://www.__pcisecuritystand**ards.org/pdfs/__infosupp_11_3_**
>> penetration___testing.pdf
>>
>> > infosupp_11_3_penetration_**testing.pdf
>> >
>>
>> There is a VM Ware virtual machine out there that is
>> a deliberte security nightmare to practice with.
>> Problem: I use KVM and Spice, not VM Ware.  And I
>> run Live CD through KVM.
>>
>> Anyone know of a similar Live CD or KVM machine that is
>> deliberately a security nightmare to practice with?
>>
>> Many thanks,
>> -T
>>
>>
>> --
>> ~~**__
>>
>> Computers are like air conditioners.
>> They malfunction when you open windows
>> ~~**__
>>
>>


-- 
 Miano, Steven M.
http://stevenmiano.com


Re: Anyone know of a best ISO VM for security testing?

2013-09-11 Thread Taylor Woods
SBEr1 has a pretty good set up but when updating
VMware type application it had a tendency to not allow connection via wifi
only direct Cat5. Not what I expected but I kept at it.

Sent from the Samsung Galaxy S4 of Taylor Woods
On Sep 11, 2013 2:37 PM, "Todd And Margo Chester" 
wrote:

> On 09/11/2013 10:44 AM, Taylor Woods wrote:
>
>> I have tried SBEr1 it wasnt a walk in the park, it made me second think
>> abiut doing it.
>>
>
> Hi Taylor,
>
> Thank you,
>
> Do you have a reference to this?  Google gives me a bunch
> of unrelated clutter.
>
> -T
>
>
>  Taylor
>> Sent from the Samsung Galaxy S4 of Taylor Woods
>>
>> On Sep 11, 2013 1:03 PM, "Todd And Margo Chester"
>> mailto:toddandma...@gmail.com**>> wrote:
>>
>> Hi All,
>>
>> I am getting tooled up to do some Penitration Testing
>> for PCI compliance (Ethical Hacking).
>>
>> Refernce:
>> https://www.__pcisecuritystand**ards.org/pdfs/__infosupp_11_3_**
>> penetration___testing.pdf
>> > infosupp_11_3_penetration_**testing.pdf
>> >
>>
>> There is a VM Ware virtual machine out there that is
>> a deliberte security nightmare to practice with.
>> Problem: I use KVM and Spice, not VM Ware.  And I
>> run Live CD through KVM.
>>
>> Anyone know of a similar Live CD or KVM machine that is
>> deliberately a security nightmare to practice with?
>>
>> Many thanks,
>> -T
>>
>>
>> --
>> ~~**__
>> Computers are like air conditioners.
>> They malfunction when you open windows
>> ~~**__
>>
>>


Re: Anyone know of a best ISO VM for security testing?

2013-09-11 Thread Todd And Margo Chester

On 09/11/2013 10:44 AM, Taylor Woods wrote:

I have tried SBEr1 it wasnt a walk in the park, it made me second think
abiut doing it.


Hi Taylor,

Thank you,

Do you have a reference to this?  Google gives me a bunch
of unrelated clutter.

-T



Taylor
Sent from the Samsung Galaxy S4 of Taylor Woods

On Sep 11, 2013 1:03 PM, "Todd And Margo Chester"
mailto:toddandma...@gmail.com>> wrote:

Hi All,

I am getting tooled up to do some Penitration Testing
for PCI compliance (Ethical Hacking).

Refernce:

https://www.__pcisecuritystandards.org/pdfs/__infosupp_11_3_penetration___testing.pdf



There is a VM Ware virtual machine out there that is
a deliberte security nightmare to practice with.
Problem: I use KVM and Spice, not VM Ware.  And I
run Live CD through KVM.

Anyone know of a similar Live CD or KVM machine that is
deliberately a security nightmare to practice with?

Many thanks,
-T


--
~~__
Computers are like air conditioners.
They malfunction when you open windows
~~__



Re: Anyone know of a best ISO VM for security testing?

2013-09-11 Thread David Sommerseth
On 11/09/13 19:03, Todd And Margo Chester wrote:
> Hi All,
> 
> I am getting tooled up to do some Penitration Testing
> for PCI compliance (Ethical Hacking).
> 
> Refernce:
> https://www.pcisecuritystandards.org/pdfs/infosupp_11_3_penetration_testing.pdf
> 

It's a long time since I've looked at such tools, but I vaguely remember
Backtrack-Linux to be quite state of the art.  Not sure if it still is.




kind regards,

David Sommerseth


Re: Anyone know of a best ISO VM for security testing?

2013-09-11 Thread Taylor Woods
I have tried SBEr1 it wasnt a walk in the park, it made me second think
abiut doing it.

Taylor
Sent from the Samsung Galaxy S4 of Taylor Woods
On Sep 11, 2013 1:03 PM, "Todd And Margo Chester" 
wrote:

> Hi All,
>
> I am getting tooled up to do some Penitration Testing
> for PCI compliance (Ethical Hacking).
>
> Refernce: https://www.**pcisecuritystandards.org/pdfs/**
> infosupp_11_3_penetration_**testing.pdf
>
> There is a VM Ware virtual machine out there that is
> a deliberte security nightmare to practice with.
> Problem: I use KVM and Spice, not VM Ware.  And I
> run Live CD through KVM.
>
> Anyone know of a similar Live CD or KVM machine that is
> deliberately a security nightmare to practice with?
>
> Many thanks,
> -T
>
>
> --
> ~~**
> Computers are like air conditioners.
> They malfunction when you open windows
> ~~**
>


Anyone know of a best ISO VM for security testing?

2013-09-11 Thread Todd And Margo Chester

Hi All,

I am getting tooled up to do some Penitration Testing
for PCI compliance (Ethical Hacking).

Refernce: 
https://www.pcisecuritystandards.org/pdfs/infosupp_11_3_penetration_testing.pdf


There is a VM Ware virtual machine out there that is
a deliberte security nightmare to practice with.
Problem: I use KVM and Spice, not VM Ware.  And I
run Live CD through KVM.

Anyone know of a similar Live CD or KVM machine that is
deliberately a security nightmare to practice with?

Many thanks,
-T


--
~~
Computers are like air conditioners.
They malfunction when you open windows
~~