Irregular Expressions

Apr 28 2013   2:12AM GMT

SSH Brute Force Scanner – Tools Used

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

I mentioned a few tools as I was looking at the unixcod scanner, but I thought it would be nice to place them all in one post.

IDA Pro Free;

One thing I did not mention about this, is that it is cross platform.   Yes you can run it on Linux and OSX.  Well at least the full version.  The only thing to watch out for is that when you start working on a file it will start in graph view.  You can change it easy but right clicking on it and selecting text.  Graph view is handy but I prefer to spend most of my time in text view.

 

REMnux;

There is no point re-inventing the wheel.  All of the tools I usually need when preforming analysis are included with REMnux.  Most of the time I use it to emulate and capture network traffic samples could be making.   Using the utilities farpd (fake arp), and fakedns you can have REMnux redirect any traffic being made to itself.  It also comes with an IRC server and a pre-made fake web server that uses nc (netcat).   Strings which I mentioned more then once is also on here, it should be included in most distro’s and if it is not you should be able to install it.  I would just recommend doing all of your sample work away from production machines.  It just takes one slip up and you could be in trouble.   With REMnux you can have it running as a VM and just revert the state.

 

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: