New Auditor Live CD Released - Page 2
Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: New Auditor Live CD Released

  1. #11
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    It's a nice edition IF YOU LIKE THAT SORT OF THING, but it has absolutely nothing to do with whether VW has made a good automobile.
    Ya but people like shiny new pennies and such.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  2. #12
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    Too bad they don't have a torrent. They could save themselves a lot of money by using other people's bandwith...

    Thanks for the link. I downloaded it at work the other day but forgot to burn it so I have to download again before I can play.

    The auditor and whoppix CDs are my favorite live distros.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #13
    Senior Member
    Join Date
    Mar 2003
    Posts
    452
    For those who have used both, would you say Auditor Live is better than Phlak ( http://www.phlak.org/modules/news/ ) or Knoppix-STD ( Security Tool Distribution http://www.knoppix-std.org/ )?


    PuRe
    Like this post? Visit PuRe\'s Information Technology Community. We\'ve also got some kick ass Technology Forums. Shop for books and dvds on LiveWebShop.com

  4. #14
    Senior Member
    Join Date
    Aug 2002
    Posts
    508
    In my opinion...I like Auditor than phlak or knoppix-std. You don't need two pcmcia cards to do wireless penetration testing (cracking wep using aircrack,etc), check out articles on securiyfocus about "wep dead again part 2".

    One thing I don't like from Auditor..I have to run that live cd as "root" and I couldn't use internet connection using adsl/broadband ( I think they removed rp-pppoe for internet connection) but I still can get online using my wireless connection.
    Not an image or image does not exist!
    Not an image or image does not exist!

  5. #15
    Senior Member
    Join Date
    Jan 2005
    Posts
    100
    Thanks for the post Ms.Mittens - anymore like that would be appreciated by us auditors, we need all the help we can get - and especially for the wireless lans. We are now auditing those as well.

    Oh - we also picked up cell phones that our company pays for - so anything for checking those out would be cool - we are just starting to look for some decent tools.

    Thanks again - good stuff!
    \"An ant may well destroy a whole dam.\" - Chinese Proverb
    \"Not only can water float a craft, it can sink it also.\" - Chinese Proverb

    http://www.AntiOnline.com/sig.php?imageid=764

  6. #16
    Senior Member kr5kernel's Avatar
    Join Date
    Mar 2004
    Posts
    347
    I agree about the image manipulation, if you are going to spend time compiling a shiny report for a higher up, you would more than likely invest that amount of time at another machine. Roger that.

    Auditor seems way better than phlak IMHO and I now run it now sits right next to my knoppix-std cd.

    Bravo MsM for the update.
    kr5kernel
    (kr5kernel at hotmail dot com)
    Linux: Making Penguins Cool Since 1994.

  7. #17
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    OK, I'm a convert. I like it. I've used it. Good stuff.

    I still stand by me thoughts about the image software. I can even see why it's added, but do we really need to make a big deal about it being included? It's like advertising that you have ashtrays in your new top-of-the-line safety conscious car. Whoop-dee-doo.

    For those of you interested, this is becoming the standard tool for <company-name-withheld-to-protect-the-guilty> consultants to run Kismet for site assesments. I still like my custom built on-the-hard-disk linux install, but for a live-linux tool, this one is pretty solid.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  8. #18
    Member
    Join Date
    Mar 2005
    Posts
    65
    Ola:

    This looks like an awesome tool for forensics and investigations, but how would you save anything off that you find through scanning and the like? Would you configure up your NIC and then connect to a share or flash drive? Or could you still access your local harddrives?

    Gracias.

  9. #19
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    First off, you would *never* save anything you found off to local harddrives. Doing so would compromise the drive by altering the state you fond it in, quite unecessarily. This violates the first rule you should be observing when conducting any type of forensics work.

    Sure, you may know that nothing you did affected the evidence in any way, but you're not going to be able to prove that in court, whether that should be either a civil lawsuit or a criminal trial.

    You could instead use netcat to pipe the results out to a computer elsewhere on the network, or mount a USB stick or flash drive as you suggested. It's not at all difficult, and the methods used to do this would be no different than on any other hard drive based system.

    Or the drive could be mounted in a forensics workstation and all data saved to a separate drive.

    So yes, you could still access your local harddrives. A forensics CD would be rather pointless if you couldn't. What would there be to investigate? But, to actually do so would be a *bad* idea, unless you had another local hard drive to save it to.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  10. #20
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    You can access local drives and/or mount a USB drive. man mount should help you with this endeavour.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides