Re: Windows XP SP2 and Security Tools

From: Sherwyn Williams (sherwill22@tmail.com)
Date: Tue Sep 20 2005 - 20:10:23 EDT

• Next message: Suramya Tomar: "Re: Windows XP SP2 and Security Tools"
• Previous message: sec nerd: "Directory Traversal Attacks"
• In reply to: Steve McLaughlin: "RE: Windows XP SP2 and Security Tools"
• Next in thread: Suramya Tomar: "Re: Windows XP SP2 and Security Tools"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

For a suitable linux os I would say go with debain 3.1 sarge. You can
download a dvd with the install and use it with the simple apt-get and
program name to install just about any linux secuirity tools out there.
I tool love linux, but sometime dislike the extra libraries.

On Tue, 20 Sep 2005 13:15, Steve McLaughlin wrote:
> We have a Linux box on the perimeter. And I aggree that Linux works way
> much better for anything. Im a Knoppix-STD fan myself. I like to run
> nessus scan from my WIndows XP client though, which points to a Linux
> box on VMware in the DMZ. I will have a look at PHLAK, we are also
> having a look at Eeye products.
> linux is giving me trouble with installing GTK+2.0 with all the
> Libraries it requires that also require libraries.
> I would really like to install cheops-ng and Nessus Client for Linux,
> but this has been giving me grief with the new GTK+ trying when trying
> compile it. I do love the idea of a Live Linux CD, but I dont thnk this
> would work well for a 24/7 Linux box which will be running Snort, and
> Nessusd.
>
> Do you know of any installable Linux Distros which are all good to go
> like Knoppix STD?
>
> ________________________________
>
> From: Josh Perrymon [mailto:perrymonj@networkarmor.com]
> Sent: Mon 19/09/2005 11:03 PM
> To: Steve McLaughlin; pen-test@securityfocus.com;
> security-basics@securityfocus.com
> Subject: RE: Windows XP SP2 and Security Tools
>
>
>
> Are you looking to do pen-testing from a Windows box????
> If so I would disagree due to the RST issues and the stack issues.
> I would install a Linux box or run a LIVE CD such as Auditor or PHLAK
> for your assessments. This will give you all the tools you need for
> info
> gathering, mapping the network , scanning with nessus, metasploit and
> other tools.
>
> I would only suggest using windows XP for running web application tools
> such as Acunetix, WebInspect, AppSecure and others.
>
> I don't find XP to be a good to for something you can do a LOT more
> efficiently in Linux.
>
> You could also run VMWare and run your tools for auditing from a
> virtual
> machine. The only problem this will cause is with wireless auditing due
> to the way drivers bind in Vmware/
>
>
> Joshua Perrymon
> Network Armor
>
> -----Original Message-----
> From: Steve McLaughlin [mailto:Steve.McLaughlin@aggreko.co.uk]
> Sent: Monday, September 19, 2005 10:46 AM
> To: pen-test@securityfocus.com; security-basics@securityfocus.com
> Subject: Windows XP SP2 and Security Tools
>
> Hi List,
>
> We are currently in the stage of rolling out Windows XP SP2. I know
> that
> this had some problems with winpcap a while back.
> we use all the good open source security tools we can with windows, cos
> its easier than putty to the linux box.
>
> Des anyone know of any issues, or problems that SP2 may pose from what
> a
> security pen-testing box is concerned.
> Will it affect any Windows based security tools, or are there any other
> issues it has from a security point of view?
> Considering it is also my workstation, and hence we have to use windows
> for it.
>
> Thankyou in Advance,
> Steve
>
> Visit us at http://www.aggreko.com
>
> Confidentiality Notice: This communication and any accompanying
> attachments contain confidential information intended for a specific
> individual and purpose. This communication is private and protected by
> law. If you are not the intended recipient, you are hereby
> respectfully
> notified that any disclosures, copying, forwarding or distribution, or
> the taking of any action based on the contents of this communication is
> strictly prohibited.
>
> _____________________________________________________________________
> This email has been scanned by the MessageLabs Email Security System.
> For more information please visit http://www.messagelabs.com/email
> ______________________________________________________________________
>
> ------------------------------------------------------------------------
> ------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on
> your
> website. Up to 75% of cyber attacks are launched on shopping carts,
> forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down
> servers
> are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
> hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> ------------------------------------------------------------------------
> -------
>
>
>
>
>
> ______________________________________________________________________
>
> This email has been scanned by the MessageLabs Email Security System.
> ______________________________________________________________________
>
>
>
> Visit us at http://www.aggreko.com
>
> Confidentiality Notice: This communication and any accompanying
> attachments contain confidential information intended for a specific
> individual and purpose. This communication is private and protected by
> law. If you are not the intended recipient, you are hereby
> respectfully notified that any disclosures, copying, forwarding or
> distribution, or the taking of any action based on the contents of this
> communication is strictly prohibited.
>
> _____________________________________________________________________
> This email has been scanned by the MessageLabs Email Security System.
> For more information please visit http://www.messagelabs.com/email
> ______________________________________________________________________
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on
> your
> website. Up to 75% of cyber attacks are launched on shopping carts,
> forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down
> servers are
> futile against web application hacking. Check your website for
> vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
> hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
Sherwyn Williams
The Williams Solution
Technical Consultant
Sherwill22@hotmail.com

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Suramya Tomar: "Re: Windows XP SP2 and Security Tools"
• Previous message: sec nerd: "Directory Traversal Attacks"
• In reply to: Steve McLaughlin: "RE: Windows XP SP2 and Security Tools"
• Next in thread: Suramya Tomar: "Re: Windows XP SP2 and Security Tools"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:56 EDT