December 9th, 2004, 09:50 PM
I just finished reading the linux sticky about which on you should use. However I"m still confused. I'm in need of a linux tool so I can run Nessus as the company doesn't want to pay for like a windows version such as Retina. Problem is, I would rate myself a 2 our of 1,000,000 as for knowing what I"m doing. I need the easiest and unfortunatly the freeest Distribution out there. any Help? I was thinking mandrake Linux but I don't know which one I shoudl download or what.
December 9th, 2004, 10:26 PM
.... you wont go far wrong with Mandrake, it pretty much holds your hand through the install process.
Now, installing Linux and getting things running are two different things ... sometimes they work right out of the box and its "Yippee", more often than not its "Oh dear, back to the books or Google", but I look upon this as a learning curve and an enjoyable one at that.
One thing I did like about Mandrake was its security options - you could lock the box down very tight from the onset, from memory it was "msec" or similar and had 5 levels - 1 being "hello crackers" through to 5 "you might own me but your not coming in" - it was quite intuitive to see what file permissions etc.. were changed to offer the level of protection chosen.
Anyway, enough rambling - I cut my teeth on Mandrake and still have a soft spot for it. In the end Linux is Linux and there will be an expectation on your part to do a little reading and research to get things going the way you want.
Don't forget there are a number of very knowledgable *nix users here that dont mind helping where they can, when you get really stuck.
Have fun and welcome to the world of *nix - your life will never be the same now
December 10th, 2004, 12:39 AM
Mandrake or even Suse would be a good option. For ease of use and to learn about linux, you might want to look into Knoppix STD. It is a free live linux cd. Put it in your computer, re-boot, and it will boot into Knoppix STD. Nessus is allready on the cd, and ready to go.
If you do go with Knoppix STD, after it boots, you will be faced with a blank screen with "STD" in the middle of the screen. Just right click anywhere on the screen and a drop down menu will appear. Go down to "Vulnerability Assesment" then to Nessus and click on that. Easy.
List of tools included in Knoppix STD
If you want to get some information on a tool, right click on the desktop, go to "TCP Tools", and click on "TCP Tools RTFM'. A shell will open, type in "ls" without the quote, and all of the README files will show up for that shell. Then type in "cat file.README | less" where file is the file name. You can then scroll up or down with the arrow keys.
example for "TCP TOOLS"
Paketto_Umeet.html gspoof.README ipmagic.README packETH.README
Paketto_Umeet.txt hopfake.README lc_logs.txt packetto.README
despoof.README hunt.README lcrzoex.README paratrace_logs.txt
excalibur.README hunt.README.tp minewt_logs.txt scanrand_logs.txt
root@2[rtfm]# cat gspoof.README | less
December 10th, 2004, 11:55 AM
Yes, I have to agree with Devpon. Knoppix-STD is great. It will save you a lot of time, and the forums for it, are rather helpful.
I would also recommend you try out phlak. It is pretty similair to Knoppix, I have a small preference with it.
Pretty much, play around with live distros to get your knowledge up, and they will also make it easier for you to not have to worry about the installation.
As for you company. That is kind of interesting. They want you to do a vuln scan, but are to cheap to pay for something, so they want you to get a free way. hmm....
As the old saying goes, you get what you pay for.
As for a vuln scan, you don't neccesarily have to use nessus or anyother scan to get the results.
You can always just go to a site that does them, and print the report. That might actually be better, because the exploits they are going to use, is more likely going to be more up to date.
Phat_Penguin, you are right. My life has never been the same since I started playing with Unix and Linux. Why, I don't sleep now, and oh... Every other week I want to kill someone because of a kernel mess up.
I tell you, if I knew this is what learning more was going to be like.
I would of started playing around with it a lot sooner.
December 10th, 2004, 02:11 PM
thanks for the info. Do you all know of any good website I could goto to brush up on my linux. I mean I know the basic start x, and ls, and such, but is that a good website that has like linux for dummies for free
December 10th, 2004, 03:18 PM
December 10th, 2004, 03:47 PM
As whizkid already suggested, if you want nessus and other "admin"-tools ready to run, have a look at Phlak.
December 10th, 2004, 07:14 PM
In my Linux class i took, my prof had us only install Redhat... i wish i could have got some experience with the other varietys... redhat was ok though...
December 10th, 2004, 08:16 PM
awesome you guys rock.... Let me learn linux and than look further into knoppix std. In my opinion if I can switch OS's completly to linux... I'll be doing alright.
December 10th, 2004, 08:31 PM
What I don't recommend is using a LiveCD as a final install, there are many problems that come with it from the P.o.V. of security. They're okay for quick analysis [heck I have a K-STD CD with me all the time] but not for an extended use as a HDD-installed OS.