From owner-freebsd-questions@FreeBSD.ORG Sun Dec 29 16:47:40 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A4DFCCB1 for ; Sun, 29 Dec 2013 16:47:40 +0000 (UTC) Received: from bs1.fjl.org.uk (bs1.fjl.org.uk [84.45.41.196]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4022D1178 for ; Sun, 29 Dec 2013 16:47:39 +0000 (UTC) Received: from [192.168.1.35] (host86-161-162-125.range86-161.btcentralplus.com [86.161.162.125]) (authenticated bits=0) by bs1.fjl.org.uk (8.14.4/8.14.4) with ESMTP id rBTGlbgu021411 (version=TLSv1/SSLv3 cipher=DHE-DSS-CAMELLIA256-SHA bits=256 verify=NO) for ; Sun, 29 Dec 2013 16:47:37 GMT (envelope-from frank2@fjl.co.uk) Message-ID: <52C05228.6000603@fjl.co.uk> Date: Sun, 29 Dec 2013 16:47:36 +0000 From: Frank Leonhardt User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: IT security and pentesting tools on FreeBSD References: <20131229143625.b3f3a2cf.freebsd@edvax.de> <52C04198.5070102@fjl.co.uk> <20131229165032.6b82d8a0.freebsd@edvax.de> In-Reply-To: <20131229165032.6b82d8a0.freebsd@edvax.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.17 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Dec 2013 16:47:40 -0000 On 29/12/2013 15:50, Polytropon wrote: >> I developed an MSc course in "ethical hacking" a few years ago, and I >> >used FreeBSD throughout (not Linux). The big ones you missed off the >> >list are SARA (Security Auditor's Research Assistant) and Metasploit. >> >SARA was an NMAP-type scanner that looked for vulnerabilities (including >> >the NVD Database). Unfortunately it's no longer being updated:-( And >> >you also have ot port it to FreeBSD yourself - so trivial I don't even >> >remember doing it. > If that's possible, it sounds interesting. > I don't think there was a port of Metasploit Framework when I first used it - and it was written in perl then. It wasn't hard. I guess my point is that these things require less effort to get working on FreeBSD than you might think, and I had no problem running courses in a FreeBSD-only shop. I preferred the predictability of FreeBSD to the Linux alternative. Regards, Frank.