  1. yup, with osx you will eventually have to install kali or another  pentesting os to virtualmachine. Even tho a lot of nice tools can be `brew install`ed to mac.

    So if you go with a linux laptop, sure you can get all tools installed manually, or go with kali linux. However, kali might not be a great day to day OS; so you might end up virtualizing it anyways... (what I've done myself).

    Also, depending where your interests are, you might also need windows (for e.g IDA) so you might end up playing with virtualization anyways. Yet with a modern laptop the overhea of virtual machine is barely noticeable.  

    Myself I've chosen to use macOS (15" touchbar) and throw in a VMWare kali whenever I feel doing more complicated stuff...

    So I'd worry more about how I like to hardware and OS I'd be using for next 3-5 years, than just how it's suited for pentesting. Especially if it's going to be a hobby and not a profession; sure it's different if you end up doing it fulltime.



  2. Well if you really want to learn to use terminal etc. Arch linux is probably best, but it could be too hard for beginners. Yet you would learn a lot.

    If you would like to start with a bit easier distro you ciuld use ubuntu. Its probaly most user friendly linux out there :)

    Although some settings are hard to change in newest ubuntu.

    I started using linus as my main os whit bt4 (backtrack 4).

    Its easiest to learn when you need to do something, not just by reading guides. And watching hak5 episodes an following those tutorials will also help you.

    If your computer can run linux in virtual machine, you could do a lot with it, xause you can accidentally destroy grub bootmanager...

  3. And remember, when you remove partition containing your Xubuntu installation, it will delete all data in there, so have your data somewhere else.

    And it might be good idea to have all important data backed up, in case you remove wrong partition (windows is on NTFS, and ubuntu on ext4(or 3)

  4. With ubuntus network manager its really easy. Right click that wifi-symbol (nm-applet) then down there Edit connections. Then tab Wired connections, and click "Add" give it a name, and then (tab, where you can set ip, dhcp etc. ) select from drop down menu "Shared to other computers".

    Then after connecting eth0 or what ever devide you are using :) select that profile from thet wifo-symbol.

    I wrote it from memory, but thats pretty.much the process.

    PS. i wrote this with tablet, so sorry for typos.

  5. I hadn't time to read everything, but just form experience I have a few suggestions.

    1. Some universities have all their course materials publicly online, and usually free for personal use. I haven't in this context used any, but at least fro programming I'v found plenty of university course materials to read.

    http://ocw.mit.edu/courses/electrical-engineering-and-computer-science/ might have something interesting to read.

    2. Actually reading html code from other sites (prefer small and sitest that you except to be may by humans, not content management systems, like drupal)

    Also firbug for firefox is a nice tool to explore code, in Chrome right click and "Inspect element".

  6. Well I think that you could install it and actually any OS to usb stick, so it could be possible to get firewall on usb stick. You'll just need two Ethernet cards for a computer to use as firewall.

    And btw I ended up purchasing another Ethernet card for my setup.

  7. Well as I have only one network card available I can't use it as firewall + modem, so Im now configuring http://www.howtoforge.com/squid-proxy-server-on-ubuntu-9.04-server-with-dansguardian-clamav-and-wpad-proxy-auto-detection Squid ClamAv and dansguardian on VM. It seems to be working well, yet It makes internet quite slow, and blocks a lot of sites. Im not sure if it's because of clamAV or something else.


    Actually I now have privoxy insalled with https://aur.archlinux.org/packages.php?ID=43861 AdBlock Plus block sites and it works realy well. Tomorrow Ill try to get squid and privoxy to work so it can cache websites and block ad's.

  8. Yea I get your point :D

    Actually I might not be looking just for a firewall product.

    Im actually more interested on setting up this server which would work as a firewall, caching websites, maybe block ads, and that I wound connect to it using OS'es included proxy, so I would be able to use internet without the need of using that device.

    Sounds like squid :D

  9. Well I think that My biggest problem setting that kind of server is that Im using dd-wrt wlanAP and it shares dhcp so if I put that between modem and wlanRouter it will see just one client. Ant it currently has just one LAN card...

  10. Hi,

    My from the University I study I will get access MSDNAA and I can basically get one of each product for free, like Server 2008, Exchange server etc. A lot of stuff anyway.

    So I might be interested to install and configure microsoft forefront threat management gateway 2010 and use it as a firewall for my internet connection at home. It might be a overkill, but a good firewall and malware protection would be nice. However I dont have that powerfull machine to run it, Im hoping to install it to HP 7700p, which I got for free from work.

    But Im not sure I it's good idea to use microsoft forefront threat management gateway 2010 at home, with no domain, so Should I try first some opensource products? like smoothwall etc?

    any opinion ideas thoughts?

  11. Hi,

    Iv heard about this browser add on which saves all user typed data, and it you accidentally clicked back and lost everything you wrote you would be able to restore it with ease.

    Iv might heard aboutthis in hak5 on tekzilla episode, butcant figure out the name, nor when I'v heard about it. It was less than two months ago :D

    Thanks in advance :D

