RE: Windows XP SP2 and Security Tools

From: Todd Towles (toddtowles@brookshires.com)
Date: Tue Sep 20 2005 - 09:58:39 EDT

• Next message: Security Professional: "Re: Pen Testing for investigators"
• Previous message: Cedric.Baechler@vtg.admin.ch: "Passwords with Lan Manager (LM) under Windows"
• Maybe in reply to: Steve McLaughlin: "Windows XP SP2 and Security Tools"
• Next in thread: Roger A. Grimes: "RE: Windows XP SP2 and Security Tools"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

It is my understanding that the new nmap has bypassed the raw socket
issues that were in SP2. Ethereal runs fine with the new beta Winpcap,
so you shouldn't have any problem running what you want to run on
Windows. But as everyone pointed out, if you really want to pen-test
(Linux/Mac) is a much better OS to use. Windows is useful for some apps
but you aren't being as powerful as you could be. Just my 2 cents.

-Todd

> -----Original Message-----
> From: Michael Gargiullo [mailto:mgargiullo@pvtpt.com]
> Sent: Monday, September 19, 2005 3:07 PM
> To: pen-test@securityfocus.com
> Subject: RE: Windows XP SP2 and Security Tools
>
> Win xp sp2 works fine. I run the windows nessus port when I
> need to cross a VPN. Nmap runs fine, as does nbtenum.
>
> -----Original Message-----
> From: Steve McLaughlin [mailto:Steve.McLaughlin@aggreko.co.uk]
> Sent: Monday, September 19, 2005 10:46 AM
> To: pen-test@securityfocus.com; security-basics@securityfocus.com
> Subject: Windows XP SP2 and Security Tools
>
> Hi List,
>
> We are currently in the stage of rolling out Windows XP SP2.
> I know that this had some problems with winpcap a while back.
> we use all the good open source security tools we can with
> windows, cos its easier than putty to the linux box.
>
> Des anyone know of any issues, or problems that SP2 may pose
> from what a security pen-testing box is concerned..
> Will it affect any Windows based security tools, or are there
> any other issues it has from a security point of view?
> Considering it is also my workstation, and hence we have to
> use windows for it.
>
> Thankyou in Advance,
> Steve
>
> Visit us at http://www.aggreko.com
>
> Confidentiality Notice: This communication and any
> accompanying attachments contain confidential information
> intended for a specific individual and purpose. This
> communication is private and protected by law. If you are
> not the intended recipient, you are hereby respectfully
> notified that any disclosures, copying, forwarding or
> distribution, or the taking of any action based on the
> contents of this communication is strictly prohibited.
>
> _____________________________________________________________________
> This email has been scanned by the MessageLabs Email Security System.
> For more information please visit
> http://www.messagelabs.com/email
> ______________________________________________________________________
>
> --------------------------------------------------------------
> ----------
> ------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking
> applications on your website. Up to 75% of cyber attacks are
> launched on shopping carts, forms, login pages, dynamic
> content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website
> for vulnerabilities to SQL injection, Cross site scripting
> and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------
> ----------
> -------
>
>
> --------------------------------------------------------------
> ----------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking
> applications on your website. Up to 75% of cyber attacks are
> launched on shopping carts, forms, login pages, dynamic
> content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website
> for vulnerabilities to SQL injection, Cross site scripting
> and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------
> -----------------
>
>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Security Professional: "Re: Pen Testing for investigators"
• Previous message: Cedric.Baechler@vtg.admin.ch: "Passwords with Lan Manager (LM) under Windows"
• Maybe in reply to: Steve McLaughlin: "Windows XP SP2 and Security Tools"
• Next in thread: Roger A. Grimes: "RE: Windows XP SP2 and Security Tools"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:56 EDT