Linux and Automated Security Assessment Tools

Introduction

This Chapter introduces you to Linux. Linux is used to power many of the servers found around the world. It is a robust, full-featured operating system. It is a hacker's favorite because it is easy to develop programs, and it is a great platform for building and testing security tools. We look at Linux basics, how passwords are stored, and the format they are stored in. Hacking Linux is also discussed, and you will get to see that although the hacking tools might change, the overall process remains the same as with Windows hacking.

The second half of the Chapter looks at automated assessment tools. If you have yet to perform any security assessments or penetration tests, you'll discover how valuable these tools can be. With limited manpower and time, automated security tools can be a big help with filling in the gaps. Automated assessment tools can be used to scan code, applications, or entire networks depending on their design. Some of the more popular automated assessment tools include Flawfinder, Nessus, Saint, and Metasploit. Each of these is examined in this Chapter.