Thursday, October 21, 2010

Best PenTest Linux Distributions


What is Pen testing ? 


Penetration testing is the process of attempting to gain access to resources without knowledge of user-names,passwords and other normal means of access. If the focus is on computer resources, then exam-ples of a successful penetration would be obtaining or subverting confidential documents, pricelists,databases and other protected information.

The main thing that separates a penetration tester from an attacker is permission. The penetrationtester will have permission from the owner of the computing resources that are being tested and will be responsible to provide a report. The goal of a penetration test is to increase the security of the computing resources being tested.

In many cases, a penetration tester will be given user-level access and in those cases, the goal would be to elevate the status of the account or user other means to gain access to additional information that a user of that level should not have access to.Some penetration testers are contracted to find one hole, but in many cases, they are expected to keep looking past the first hole so that additional vulnerabilities can be identified and fixed. It is important 

for the pen-tester to keep detailed notes about how the tests were done so that the results can be verified and so that any issues that were uncovered can be resolved.

So what are the best Pen Testing Linux Distributions ?

Linux distributions are often customized to perform many specialized tasks cater to a particular industry, hobby or business. Security Penetration testing is one such niche where professional (and hobbyists) use customized Linux distributions with the whole purpose of doing security tests on networks and personal computer (hopefully with permission). Most of these distribution are live CDs which can be used without having to install them to your computer. Today we will take a look at some of best Pen-test distributions out there.

1) BackTrack: Backtrack is the most widely known pen-test distribution out there. The latest release (4 Beta) has been ported to Debian/Ubuntu from Slackware and now can be installed locally as a full distribution and tools can be updated using Backtrack repositories. Backtrack includes more than 300+ security tools.

2) Knoppix STD: As the name suggests this distribution is based on Knoppix and STD stands for Security Tools Distribution. This distribution didn’t get any update (like most pen-test distros) in a long time and might not work on some new hardwares but they have a fairly good collection of tools.  fluxbox is used for desktop environment.

3) nUbuntu: Based on Ubuntu and fluxbox, nUbuntu is a fairly new and active pen-test distribution. They have partnered with an Italian IT security company for future nUbuntu certification and training.

4) Network Security Toolkit: NST is a Fedora based Live distribution and unlike some other pen-test distro NST can be used under virtual machine without any network configuration problems (from my experience). NST also have a unique Web User Interface to access tools and manage configurations.

5) PEENTO: A Gentoo based pen-test live cd (you could have guessed) that actually looks very nice. They are using Enlightenment for DE and has quite a few unique pen-test tools including GPU based cracking software pyrit.

Filed Under :

7 comments for "Best PenTest Linux Distributions"

  1. whats ur openion abt Matriux... brother

  2. never tried it Never Tested it
    i dont have the copy to test

  3. i am looking for back track training in hyderabad

  4. Is nUbuntu still active?

  5. i am looking for back track training in hyderabad

  6. Good post and Smart Blog
    Thanks for your good information and i hope to subscribe and visit my blog STD Symptoms and more Gonorrhea Treatment thanks again admin