Pentesting Linux distro, would you want: H323/Ethereal/LibACE ????

From: rmeijer@xs4all.nl
Date: Tue Aug 09 2005 - 07:22:58 EDT

• Next message: Nick Waringa: "Re: All of the things you need to learn to be a pen-tester (Re: Pen t est basic needs)"
• Previous message: Aleph One: "Nmap/netwag problem."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I am curently working on a CF image based linux distribution for
(inline) pentesting purposes (LIPAX).

While working truegh my wishlist of libraries and tools to add to this
image, I ran into the fact that some of the libraries end/or tools being
either by themselves or by their implied dependancies rather big.

I now end up with 3 of those things that I must considder if I should
add or drop them. They could fit on the image, but maybe the users
would find them a waste of space.

I would like to hear your ideas of wether to add or drop these
items:

OpenH323 etc: Library and tools for H323 based VoIP
              I have no high knowledge on VoIP, and am not sure if anyone
              is actualy including H323 stuff in their pentests.
              Its altogether kind of big, so if noone else also ever uses
              H323, this may be a waste of space.
Ethereal etc: Ethereal is a simple but modular network protocol monitoring
              tool, together with all the development possibilities it
              takes up a real big amounth of space. I personaly would use
              a range of perl modules included in the LIPAX distro also,
              but I know some people think the world of ethereal.
              I would personaly like to drop it unless any of you guys
              can convince me I shouldn't.
libACE: LibACE is an extremely powerfull C++ library for writing
              networking software, it is kind of big, but when you like
              me like to use C++ to write your own non trivial network
              testing tools for specialized purposes, it would be worth
              this space. I am hoping I am not the only one who likes
              using C++/ACE in such context, If I am I could considder
              droping it if both OpenH323 and Ethereal are considdered
              essential by you guys.

So my proposal would be:

* Keep libACE
* drop Ethereal
* No clue with respect to H323

Please let me know what you guys think of it.

Rob

------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't

Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:

http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------

• Next message: Nick Waringa: "Re: All of the things you need to learn to be a pen-tester (Re: Pen t est basic needs)"
• Previous message: Aleph One: "Nmap/netwag problem."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:43 EDT