Automate Penetration Testing with Linux and Fast-Track
January 06, 2010
Don't let the bad guys run pen tests on your network before you do.
The problem with penetration testing tools is that they offer as much utility to black hats and script kiddies as they do white hats and workaday network administrators. That's all the more reason to learn how to use them now, before the wrong person decides to take a peek at your network.
Automated penetration testing tools are a two edged sword: they make it easy to check for well known vulnerabilities on your network, but they can also be used by hackers to try to compromise any vulnerable machines on your network.
Since they are quick and easy to use they can be used by unskilled hackers or script kiddies - which makes it all the more important that you run these tools yourself so you can fix any vulnerabilities you find before they are exploited by others.
A good tool to start with is Fast-Track, a relatively new Python-based open-source project. Parts of Fast-Track rely on the Metasploit Framework , so as well as Fast-Track we'll need to install that as well. In this How To we'll be using a system running Ubuntu 9.10 - you may need to make adjustments if you are using a different Linux distro.