OpenVas is a open source vulnerability assesment system just like nessus, openVas used to find the vulnerabilities on a computer system, it is open source so you dont need to buy it, however you can get home feed of nessus for free too, but we consider both of them. If you want to know more about OpenVas than click here, and for nessus click here.
You can find nessu on backtrack 5 but you have to install openvas on backtrack5, so below is the tutorial for Openvas it includes how to install openvas in backtrack 5 and some basic usage.
Backtrack5 is not necessary to run openvas, if you are using some other version of backtrack or if you are using some other distro like Ubuntu than the procedure is same.
Tampilkan postingan dengan label Backtrack. Tampilkan semua postingan
Tampilkan postingan dengan label Backtrack. Tampilkan semua postingan
Senin, 26 Maret 2012
Forensics
Anti Virus Forensic Tools
chkrootkit
chkrootkit is a utility that will check for signs that a device is infected with a rootkit. It runs on Linux, FreeBSD, and OSX versions. It uses standard utlitities such as awk, grep, netstat, cut, echo, and more in order to detect signatures that suggest rootkits.
The standard use of chkrootkit should contain an alternate path to trusted binaries (don’t trust binaries on a machine you are scanning), along with the path to the directory to be scanned.
Example usage: chkrootkit -p [path-to-trusted-binaries] -r [root-path-to-scan]
chkrootkit
chkrootkit is a utility that will check for signs that a device is infected with a rootkit. It runs on Linux, FreeBSD, and OSX versions. It uses standard utlitities such as awk, grep, netstat, cut, echo, and more in order to detect signatures that suggest rootkits.
The standard use of chkrootkit should contain an alternate path to trusted binaries (don’t trust binaries on a machine you are scanning), along with the path to the directory to be scanned.
Example usage: chkrootkit -p [path-to-trusted-binaries] -r [root-path-to-scan]
Minggu, 25 Maret 2012
Hydra
cara pakenya tinggal:
Code:
hydra -L "userlist" -P "wordlist" ip-target service PLAIN
artinya:
-L digunakan jika kita mempunyai list user yg kemungkinan dipake (ga pake -L jg bisa kok tapi harus di sebut usernya, tapi harus huruf L kecil, contoh --> -l admin)
-P adalah wordlist yang kita punya, klo di BT5 defaulnya ada di /pentest/passwords/wordlists/darkc0de.lst
ip-target diisi target kita, bisa webserver, router, switch, apapun itu asal ada ip dan service yg berjalan (dan termasuk dalam service yg ada di hydra tentunya)
Code:
hydra -L "userlist" -P "wordlist" ip-target service PLAIN
artinya:
-L digunakan jika kita mempunyai list user yg kemungkinan dipake (ga pake -L jg bisa kok tapi harus di sebut usernya, tapi harus huruf L kecil, contoh --> -l admin)
-P adalah wordlist yang kita punya, klo di BT5 defaulnya ada di /pentest/passwords/wordlists/darkc0de.lst
ip-target diisi target kita, bisa webserver, router, switch, apapun itu asal ada ip dan service yg berjalan (dan termasuk dalam service yg ada di hydra tentunya)
Langganan:
Postingan (Atom)
