March 19th, 2005, 04:00 PM
Ya but people like shiny new pennies and such.
It's a nice edition IF YOU LIKE THAT SORT OF THING, but it has absolutely nothing to do with whether VW has made a good automobile.
March 19th, 2005, 08:43 PM
Too bad they don't have a torrent. They could save themselves a lot of money by using other people's bandwith...
Thanks for the link. I downloaded it at work the other day but forgot to burn it so I have to download again before I can play.
The auditor and whoppix CDs are my favorite live distros.
is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
March 20th, 2005, 04:54 AM
For those who have used both, would you say Auditor Live is better than Phlak ( http://www.phlak.org/modules/news/ ) or Knoppix-STD ( Security Tool Distribution http://www.knoppix-std.org/ )?
March 20th, 2005, 06:26 AM
In my opinion...I like Auditor than phlak or knoppix-std. You don't need two pcmcia cards to do wireless penetration testing (cracking wep using aircrack,etc), check out articles on securiyfocus about "wep dead again part 2".
One thing I don't like from Auditor..I have to run that live cd as "root" and I couldn't use internet connection using adsl/broadband ( I think they removed rp-pppoe for internet connection) but I still can get online using my wireless connection.
Not an image or image does not exist!
Not an image or image does not exist!
March 29th, 2005, 05:50 PM
Thanks for the post Ms.Mittens - anymore like that would be appreciated by us auditors, we need all the help we can get - and especially for the wireless lans. We are now auditing those as well.
Oh - we also picked up cell phones that our company pays for - so anything for checking those out would be cool - we are just starting to look for some decent tools.
Thanks again - good stuff!
March 29th, 2005, 07:57 PM
I agree about the image manipulation, if you are going to spend time compiling a shiny report for a higher up, you would more than likely invest that amount of time at another machine. Roger that.
Auditor seems way better than phlak IMHO and I now run it now sits right next to my knoppix-std cd.
Bravo MsM for the update.
(kr5kernel at hotmail dot com)
Linux: Making Penguins Cool Since 1994.
April 20th, 2005, 10:32 PM
OK, I'm a convert. I like it. I've used it. Good stuff.
I still stand by me thoughts about the image software. I can even see why it's added, but do we really need to make a big deal about it being included? It's like advertising that you have ashtrays in your new top-of-the-line safety conscious car. Whoop-dee-doo.
For those of you interested, this is becoming the standard tool for <company-name-withheld-to-protect-the-guilty> consultants to run Kismet for site assesments. I still like my custom built on-the-hard-disk linux install, but for a live-linux tool, this one is pretty solid.
"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore
April 25th, 2005, 08:16 PM
This looks like an awesome tool for forensics and investigations, but how would you save anything off that you find through scanning and the like? Would you configure up your NIC and then connect to a share or flash drive? Or could you still access your local harddrives?
April 25th, 2005, 08:25 PM
First off, you would *never* save anything you found off to local harddrives. Doing so would compromise the drive by altering the state you fond it in, quite unecessarily. This violates the first rule you should be observing when conducting any type of forensics work.
Sure, you may know that nothing you did affected the evidence in any way, but you're not going to be able to prove that in court, whether that should be either a civil lawsuit or a criminal trial.
You could instead use netcat to pipe the results out to a computer elsewhere on the network, or mount a USB stick or flash drive as you suggested. It's not at all difficult, and the methods used to do this would be no different than on any other hard drive based system.
Or the drive could be mounted in a forensics workstation and all data saved to a separate drive.
So yes, you could still access your local harddrives. A forensics CD would be rather pointless if you couldn't. What would there be to investigate? But, to actually do so would be a *bad* idea, unless you had another local hard drive to save it to.
Government is like fire - a handy servant, but a dangerous master - George Washington
Government is not reason, it is not eloquence - it is force. - George Washington.
Join the UnError
April 25th, 2005, 08:26 PM
You can access local drives and/or mount a USB drive. man mount should help you with this endeavour.