Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Any caveats for linux under VMware, pen testing?
From: josh <josh () tkos co il>
Date: Sun, 5 Sep 2004 10:29:20 +0300 (IDT)

On 3 Sep 2004 shannon () areawidetech com wrote:



I'm considering running Linux from my XP pro laptop under a VMWare (workstation edition) session. Anyone out there w/ 
experience using this setup that might have any tips / warnings / encouraging advice? This machine would be for pen 
testing, and is definitely beefy enough to handle the load, if this is a good solution. I'd be running Nessus, and 
doing probing w/ nmap.

My other alternative is to repurpose a machine from our lab, but the physical setup and reloading would take far more 
time than the VMWare option, and would obviously be less flexible.

So is anyone out there using this setup...? I heard rumors of problems related to direct hardware access (the NIC) 
for wardiving purposes...?

Hi Shannon,
This is a bad idea. I had the same setup and discovered that all the
limitations that Windows XP has (espcially in their TCP stack) you will
have in Linux (when run from VMWare). This will greatly effect the
reliabilty and capability of your Nessus scans.

-- 
  - josh

  94 F8 9F 3E 9A DB 6E FC  F8 17 F1 B4 C7 51 CB AA   ~. .~ Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
   - josh () tkos co il - tel: +972.58.520.636, http://www.tkos.co.il


------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]