Joined: Nov. 2006
||Posted: Dec. 04 2006,20:07
Thanks for the link. Too bad i don't understand Japanese.
So I understand now what you meant by DSL is a sandbox. But that's why I thought it could be used as a pen-testers tool. That's probably why I initially put this in the other area.
I've checked around the files looking for some of these tools and have haven't been able to find them.
Some of the things I can see this being used for is like forensic investigators looking at a suspects computer for evidence. If you have a search warrant and get the suspects permission you can do a limited amount of searching before you confiscate evidence.
The other is for a pen-tester who would be doing a quick down and dirty assessment. For instance, if a client asks what would it take for you to do an assessment of my company, I don't have a topology I don't have any schemeatics I don't have a clue where anything is, but I need to have some sort of vulnerability analysis or pen-test.
With a tool like this having a few nice tools loaded like, nc, nmap, metasploit, nessus, tcpdump, johntheripper, firewalk, Sleuthkit etc. you could set up a few quick scripts or run through a quick nmap scan, maybe a johntheripper or something to be able to assess what this might cost the client.
So, if the only way to get to the hd physically is to go through the network, that may not be the idea way to do any of this since we'd like to keep everything read only.
I just thought there may be another way to do this.
Thanks for the Japanese links though it kept me busy for a few hours.