First, a friend sold me his old laptop, which was far better than my current notebook. It was a Sony VAIO SZ34GP. I installed CentOS 5.5 on this notebook, just a base install with development libraries and tools. The instructions below provide a brief list of tools and their associated configurations.
Repositories
There's a need to set-up some additional repositories for CentOS to enable the installation of additional thir party applications. For more information refer to References 3Section.
- sudo bash
- cd /etc/yum.repos.d/
- wget -q -O - http://www.atomicorp.com/installers/atomic |sh
- wget http://dries.eu/pub/dries-el.repo
- wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.i386.rpm
- rpm -ivh rpmforge-release-0.5.1-1.el5.rf.i386.rpm
- yum update
Installation
Install tools to be used for the competition. Most of the tools are penetration testing tools I have used in the past. I made a point of installing the development libraries and tools during the CentOS installation. This would be useful for developing and testing possible exploits.
- sudo yum -y install nmap
- sudo yum -y install amap
- sudo yum -y install hydra
- sudo yum -y install aide
- sudo yum -y install snort
- sudo yum -y install nikto
- sudo yum -y install ntop
- sudo yum -y install fail2ban
- sudo yum -y install tcptrack
- sudo yum -y install dsniff
- sudo yum -y install ngrep
- sudo yum -y install fragroute
- sudo yum -y install hping
- sudo yum -y install scapy
- sudo yum -y install tcptraceroute
- sudo yum -y install firewalk
- sudo yum -y install iptraf
- sudo yum -y install kismet
- sudo yum -y install ettercap
ChaosReader
- Download latest version from source forge (http://chaosreader.sourceforge.net)
- sudo mkdir -p /opt/chaosreader
- sudo cp chaoreader0.94 /opt/chaosreader/
- sudo chmod 755 /opt/chaosreader/chaoreader0.94
- sudo ln -s /opt/chaosreader/chaoreader0.94 /usr/local/bin/
John the Ripper
- wget http://www.openwall.com/john/g/john-1.7.6.tar.gz
- tar zxvf john-1.7.6.tar.gz
- cd john-1.7.6
- cd src
- make
- clean linux-x86-any
- sudo mv ../run /opt/john-1.7.6
- sudo chown -R root:root opt/john-1.7.6
- mv /opt/john-1.7.6/john.conf /opt/john-1.7.6/john.ini
- sudo ln -s /opt/john-1.7.6/john /usr/local/sbin/
- sudo ln -s /opt/john-1.7.6/john.ini /usr/local/sbin/
OpenVAS
- sudo yum -y install openvas-server openvas-client openvas-scanner
- sudo openvas-mkcert
- sudo /usr/sbin/openvas-nvt-syn # Add as a cron job - refer to OpenVAS documentation
- sudo /etc/rc.d/init.d/openvas-scanner restart
- sudo /usr/sbin/openvas-adduser # Add rules "default accept" if unsure
Skipfish
- wget http://skipfish.googlecode.com/files/skipfish-1.81b.tgz
- tar zxvf skipfish-1.81b.tgz
- sudo mv skipfish-1.81b /opt/
- sudo ln -s /opt/skipfish-1.81b/skipfish /usr/local/sbin/
- sudo ln -s /opt/skipfish-1.81b/sfscandiff /usr/local/sbin/
- sudo chown -R root:root /opt/skipfish-1.81b
VMWare Server
- Download the latest VMWare Server, at the time of this blog it was version 2.0.2
- tar zxvf VMware-server-2.0.2-203138.i386.tar.gz
- cd vmware-server-distrib
- sudo ./vmware-install.pl
References: