From owner-freebsd-questions@FreeBSD.ORG Sun Dec 29 15:09:01 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B6865941 for ; Sun, 29 Dec 2013 15:09:01 +0000 (UTC) Received: from mail-wi0-x232.google.com (mail-wi0-x232.google.com [IPv6:2a00:1450:400c:c05::232]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 42E611A2B for ; Sun, 29 Dec 2013 15:09:01 +0000 (UTC) Received: by mail-wi0-f178.google.com with SMTP id bz8so10917794wib.11 for ; Sun, 29 Dec 2013 07:08:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=E/SBxhEP00+6L8huQUWLWF4R1W/oih0YCUDe3NfjFBI=; b=idPeWzYPE4kgqDugy1VHlwu90zAjeO+EoUgK1fcj/nwGUuUL87kLHRGbz+AHJHFv8B yvAcrQm6l626iNE7kEMfE45k9O4T5lH40L+++nC33U08SnPfNpS/f2J486UfCt5tsxzb kAUSBrRHgPZcpuoF+8uahFla9uiKzoCW/kNsLyUHm5YuPEUCEXE9imgF2GmssWEzz0nI 1eoTWap6k/UWd4r5esfYD48lmZvISo0CCk6+t6TBqDFngqWfOcdoajmO5aGWNnAq9V9y 9HXKJFEJAzDLLb5aeCT6OpE7DOwGIB71VvKvqgaw8g6ncInVhkRAc3ebPvqPhOhY1PpN gpdQ== MIME-Version: 1.0 X-Received: by 10.194.20.230 with SMTP id q6mr16765873wje.49.1388329739616; Sun, 29 Dec 2013 07:08:59 -0800 (PST) Received: by 10.216.108.195 with HTTP; Sun, 29 Dec 2013 07:08:59 -0800 (PST) Received: by 10.216.108.195 with HTTP; Sun, 29 Dec 2013 07:08:59 -0800 (PST) In-Reply-To: <20131229143625.b3f3a2cf.freebsd@edvax.de> References: <20131229143625.b3f3a2cf.freebsd@edvax.de> Date: Sun, 29 Dec 2013 09:08:59 -0600 Message-ID: Subject: Re: IT security and pentesting tools on FreeBSD From: iamatt To: Polytropon Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.17 Cc: FreeBSD Mailing List X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Dec 2013 15:09:01 -0000 Why reinvent the wheel. Backtrack is pretty decent live image for basic pen testing. I guess you could see what ports exist on freebsd from the backtrack release but seems like a waste of time when you can just burn a USB drive and run it like that! On Dec 29, 2013 8:13 AM, "Polytropon" wrote: > To expand my "daily work", I'd like to explore which tools > exist on FreeBSD for pentesting and "overall IT security > diagnostics". The following questions are primarily directed > to those participants of the mailing list who do similar > work and/or research and like to share their suggestions. > > Having primarily used Linux for this specific purpose, I'd > like to try to find comparable (or maybe the same) tools > on the base of FreeBSD which I prefer as a system for work. > What tools in the ports collections can be used, which offer > the same functionality? My goal is to migrate as much of > the "pentesting toolset" to FreeBSD as possible. > > I'm already using FreeBSD tools like nmap, tcpdump, iftop or > Wireshark, but I bet there are more that I should have > a look at. I'm especially interested in tools to scan for > WLAN traffic and to demonstrate weak encryption to customers > (e. g. for those who insist that WEP is "ultimately secure" > or that "a hidden SSID makes them unhackable"). Diagnostics > should cover as many layers as possible, it doesn't even > matter if this versatility is distributed across a set of > different programs, that's okay. > > Those are fields where no special hardware compatibility > is required. I'm aware that especially cellphone communications > using a smartphone, connected to USB, may be more tricky on > FreeBSD than on Linux where it doesn't seem to be a problem > to make a "GSM scanner". SDR is probably a similarly compli- > cated topic when FreeBSD is involved... but in regards of > hardware I want to use, I've already learned the lessen to > first check, _then_ buy. :-) > > A side question, if I may ask: I'm typically using a second > LAN or WLAN adapter for on-site diagnostics for customers. > To make it easier to check _their_ logs for my "actions", > I'd like to give it an "obvious" MAC address, something like > EE:EE:EE:EE:EE:EE (which is quite easy to spot in log files). > Is this possible (and trivial) for LAN and WLAN interfaces > on a FreeBSD host? > > For those hesitating to reply: I'm still one of the good guys. > You may reply off-list in case the questions list is not the > right place to expose that kind of knowledge. ;-) > > > -- > Polytropon > Magdeburg, Germany > Happy FreeBSD user since 4.0 > Andra moi ennepe, Mousa, ... > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > freebsd-questions-unsubscribe@freebsd.org" >