Hacker 10 – Security Hacker

Tag: hacking Linux distribution

  • Linux Parrot OS for hacking, security and anonymity

    Linux Parrot OS for hacking, security and anonymity

    Parrot OS is a live and installable operating system based on Debian Linux and targeted at penetration testers and people interested in online anonymity. The nearly 2GB DVD download integrates professional and beginner computer security tools inside the MATE Desktop environment, a GNOME2 fork

    Booting can be done in forensic mode, listed as Stealth, to avoid modifying any file in the host computer, live, live fail safe or with a graphical GUI to install the operating system in your computer, visually impaired people can use a speech synthesis installer.

    Parrot OS default username is root with password toor easily changed after logging in. The distribution homepage has a Wiki but at the moment it only contains basic information for newbies about how to boot from BIOS or burn the distribution to a USB thumbdrive. However, if you are familiar with Linux you should not have to read too many tutorials, the tools included in Parrot OS are the same ones found in similar pen testing distributions like Kali or BackTrack Linux.

    Linux penetration testing Parrot OS
    Linux penetration testing Parrot OS

    Some useful tools for privacy activists found in Parrot OS are Truecrypt to encrypt data, Bleachbit to erase Internet tracks, although if you run the live DVD this will not be needed, and the Iceweasel browser running with Tor, with Vidalia providing a graphical interface to manage the Tor network, showing consumed bandwidth, nodes you are connected to and message logs.

    Tools for penetration testers include packet sniffer Wireshark, man in the middle attacks with the Ettercap suite and an md5crack to brute for passwords out of captured md5 hashes. A screenshot and desktop recording utility is able to document all you do.

    Practically all of the hacking tools are found under the Parrot menu, dozens of programs nicely classified under descriptive activities such as “Information Gathering” ; “Sniffing/Spoofing“; “Wireless Attacks“; “Reverse Engineering” and many others with a submenu are all easily accessible.

    Although this distribution is being advertised as anonymity and penetration testing in one, I believe that it is mostly suitable for pen testers, those who want anonymity are still better off with Tails. Parrot OS is similar to Attack Vector Linux, packing powerful penetration testing tools with Tor to hide who is using them. On the other hand, any sys admin worth his salt will be blocking all Tor proxies from accessing the network.

    Computer forensics can also benefit from Parrot OS, as it has a dedicated “Forensics” menu with carving, hashing and imaging tools together with reporting tools to manage evidence and a forensic boot that will not modify data. You can find this distribution to be a sound alternative to BackTrack.

    Visit Parrot OS homepage

  • Linux penetration testing distribution NetSecL OS

    Linux penetration testing distribution NetSecL OS

    NetSecL OS is a penetration testing OpenSuse based Linux distribution with the lightweight Xfce window manager. The distribution’s kernel has been hardened with grsecurity patches, a set of rules that allows for more extensive system auditing and protects you from stack overflows by making them non executable.

    The latest NetSecL OS 5.0 removes Firefox and incorporates the Chromium browser, not to be confused with Chrome. Even thought they both use the same source code, Chromium does not release binaries, it has to be built from source, and it does not send data to Google, the Chromium browser has improved privacy over Chrome.

    Other privacy enhancing features in NetSecL OS include Macchanger, a Unix utility to view, fabricate or forge a  MAC network card address and a Firewall GUI builder to set your own system access rules.

    Linux security distribution NetSecL OS
    Linux security distribution NetSecL OS

    You can run NetSecL OS as a live DVD or install it in a USB or hard drive. A .ova virtual  machine is available for download from Suse Studio website for testing. The default users are root and tux and the password for both of them is linux

    You can find specific penetration testing tools like the Metasploit framework , packet sniffer Wireshark, network monitor EtherApe, Open Vulnerability Assessment System OpenVas, port scanning Nmap, security reconnaissance Skipfish along password manager KeePassX, text editor Abiword, FTP client FileZilla and the open source Windows API implementation Wine, to run Windows programs in Unix.

    NetSecL OS has all the tools a security professional needs to break into a network, I can see this operating system complementing BackTrack. The main difference in between both being that NetSecL OS is fixated with offensive security and not digital forensics, for example,NetSecL OS does not have image acquisition tools, in lieu BackTrack covers both fields.

    If you don’t like Backtrack Ubuntu base or just want to try something new, NetSecL OS is a valuable OpenSuse pen testing distribution.

    Visit NetSecL OS homepage