Re: Lab OS Choices

From: Pete Herzog (lists@isecom.org)
Date: Thu Aug 16 2007 - 16:25:14 EDT


Hi,

Booting from a Live Linux CD is the way to do it. Running it virtually is
not only a huge mistake but a disservice to the client. Your job is to
look at security under a microscope and by adding more layers of
abstraction you may as well be standing on a ladder and peering down into
the microscope with binoculars. You cannot get the same packet results
consistently with a virtual machine that you will with the original OS on
metal.

I wish some university student will finally do their thesis on this to
prove me wrong. I wish the virtualization industry has come so far as to
make testing from a virtual machine a reality.

So if you're testing at the application level then feel free to have as
many layers of abstraction as your little heart can handle because it's
often the content of the packets that matter and not the configuration. But
if you want to know what's going down on the wire, be a sociologist and get
close to it. That's what you'll learn in the OPST.

-pete.
www.isecom.org

Jason Alexander wrote:
> So in a pen test would I be right in thinking that using a virtualised
> os like backtrack would not produce the same results as a laptop with
> the os installed directly? I ask this as many pen testers I know use mac
> books with paralells and have xp and usually BT virtualised to conduct
> their tests?

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:02 EDT