Wireless Access

Reply
Contributor I
Posts: 50
Registered: ‎05-15-2012

Security script for pentest

Hi Aruba community,

Do you have a script for penetration test? I need to test the Aruba WIPS for man in the middle, ap spoofing, ap impersonation, DoS... in a University context. Thanks in advance.

Best Regards.
MVP
Posts: 1,408
Registered: ‎05-28-2008

Re: Security script for pentest

[ Edited ]

Use any linux live cd that contain tools as u need.

i'm using backtrack / airemon/dump/play + reaver.

 

I advise on:

backtrack (Kali)

http://www.backtrack-linux.org/

http://www.kali.org/

 

or

XIAOPAN

http://xiaopan.co/

(not in the bellow list - but it small and got all i need :) )

 

 

here is a short list from the WWW:

  1. Arudius : A Linux live CD. The CD consists of a Zenwalk Linux base on top of which a large collection of network security testing software has been installed.
  2. BackTrack: Ah the favorite one for most of the pen testers!  Do I need to mention more?
  3. **bleep** Vulnerable Linux (DVL): A Linux-based tool for both novice and professional security personnel. It was initiated for training tasks and learning IT security knowledge domains such as web vulnerability, network security, or binary vulnerability such as exploitation or shellcodes.
  4. DEFT (Digital Evidence & Forensic Toolkit): A Xubuntu Linux-based Computer Forensics live CD. It is a very easy to use system that includes an excellent hardware detection and the best free and open source applications dedicated to incident response and computer forensics.
  5. FCCU:  A GNU/Linux Forensic Boot CD is based on Debian-live that contains a lot of tools suitable for computer forensic investigations, including bash scripts. The main purpose of the CD is to help the forensic analyze of computers.
  6. Frenzy: A portable system administrator toolkit based on FreeBSD. It generally contains software for hardware tests, file system check, security check and network setup and analysis.
  7. grml:  grml is a bootable CD (Live-CD) originally based on Knoppix and nowadays based on Debian. grml includes a collection of GNU/Linux software especially for system administrator and users of texttools. grml provides automatic hardware detection.
  8. Helix:  A customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics.
  9. Knoppix-NSM:  This is to learn about Network Security Monitoring or to deploy a NSM capability in your network based on KNOPPIX Technology.
  10. Network Security Toolkit (NST):  A bootable ISO live CD based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms.
  11. OSWA Assistant:  A self-contained, freely downloadable, wireless auditing toolkit for both IT-security professionals and End-users alike.
  12. OWASP Labrat:  The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. The OWASP Live CD (LabRat) is a bootable CD akin to knoppix but dedicated to Application Security.
  13. Protech:  A specially designed Linux distribution for security technicians and programmers, although it can be used normally as your default desktop system. Protech ONE comes with a great variety of the best security tools for your use.
  14. Samurai:  The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites.

 

 

 

Another list - with  info regarding each version:

http://www.concise-courses.com/security/top-ten-distros/

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Contributor I
Posts: 50
Registered: ‎05-15-2012

Re: Security script for pentest

Thank you for your help.

 

Finally, are there an Aruba official security test document like a checkbox list? Thanks again.

MVP
Posts: 1,408
Registered: ‎05-28-2008

Re: Security script for pentest

Read here (It will give u some ideas on where to start):

(From AirHeads)

http://community.arubanetworks.com/t5/Unified-Wired-Wireless-Access/WLAN-security-and-penetration-testing-primer-at-Security-Tube/td-p/23700

http://community.arubanetworks.com/t5/Unified-Wired-Wireless-Access/Locking-down-AOS-and-PEN-Testing/td-p/28344

http://www.arubanetworks.com/pdf/technology/TB_ProtectTheAir.pdf

 

 

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
Search Airheads
Showing results for 
Search instead for 
Did you mean: