Linux Hacking Tools

[Arch]

I need the help of all you hacking types. I have a class wherein I'm going to need to do some "recon" on the System Security class' computers. Unfortunately I know nothing of Linux and the assorted hacking tools. What I need are some suggestions from you fellas that will help me figure out such things as OS version, open ports, running services, etc...etc.

[DCrazy]

Well you're gonna need a port scanner for one. If the computer's running a web server, that opens up a whole list of possibilities, from SQL Injections to Buffer Overflows.

Check here: http://www.astalavista.net

[Jeff250]

http://packetstormsecurity.org/

[Arch]

Thanks for the suggestions, I'll check out the sites in a little more detail when I get a chance. Does anyone else have any suggestions?

[MD-2389]

Yeah, download Phlack.

[Tricord]

Ethereal for packet sniffing.
Definitely must-have.

If someone else is using the server you just might sniff their password.

[Arch]

Well, the games have begun and people have started poking and proding the machines since monday. Unfortunately the machines are on a different subnet so I can't do any kinda of packet capturing.

Several of the machines have already been completely owned. All of them were Windows machines too, shocking isn't it. So far the Linux machines seem relatively untouched. All I've done thus far is poke at them with nmap to see whats running.

[Cuda68-2]

http://www.winhackingexposed.com/

[Tricord]

Arch, maybe you can get another machine in that subnet to sniff traffic for you.

That's what we did at univ... Installed a sniffer on one of the computers in the PC room and then ARP-spoof the target machine (they were using switches) to sniff whatever traffic to it.

I also sniff my brothers MSN conversations, but that's another matter

[R e v]

I also sniff my brothers MSN conversations, but that's another matter

www.vericept.com

Fun stuff...