testing cisco vulnerability and GNS3
Hey all. I've been reading the forum for a few months now and have finally registered. Got on to backtrack from wanting to perform a wireless audit after having read several "WPA is dead/broken" articles that are scattered over google. Great distro, though I know very little about security/pentesting.
I've even been thinking about taking up pentesting career wise, as I've found it's quite entertaining.
I also very much respect that the forum is kept clean from the "how do I crack Wireless, use your neighbor's internet types"
I have had zero linux knowledge before taking up backtrack, but have learned alot already using VMware, virtual box and of course linux. keep up the great work guys!
Now onto my question. It may be somewhat off topic, but I was wondering if anyone has used GNS3 or maybe dynagen for emulating a cisco IOS and doing a pentest on the mounted IOS images. I've used GNS3 a fair bit already, and it's amazing software. Far better than packet tracer or the BOSON netsim router simulations IMHO. As I understand it, you can build a nigh on fully functional VoIP lab with GNS3, even tie it to the internet. For those unfamiliar with GNS3, it's like VMware for running cisco IOSs. I've been lucky enough to utilize an IOS with advanced feature sets that my work allowed me use of. Just wondering if anyone has tried any of the cisco tools on an emulated IOS.
I'm not quite experienced enough to give it a go just yet. I'll need to do some more research before an attempt. Lately I've been spending time researching and testing individual tools. I started with the aircrack suite and cowpatty/genpmk, and have worked into hydra, and done some light reading on metaspliot. Still a long way to go.
And thanks again for the goldmine that this forum is!
I appreciate that the tools, and information for training is out there if one is driven enough to seek it and advance one's career. Very important for me as I cannot afford any schooling or formal training at this point, but am motivated enough to self-teach.