Penetration Testing mailing list archives
Re: Windows XP SP2 and Security Tools
From: Sherwyn Williams <sherwill22 () tmail com>
Date: Tue, 20 Sep 2005 20:10:23 -0400
For a suitable linux os I would say go with debain 3.1 sarge. You can download a dvd with the install and use it with the simple apt-get and program name to install just about any linux secuirity tools out there. I tool love linux, but sometime dislike the extra libraries.
On Tue, 20 Sep 2005 13:15, Steve McLaughlin wrote:
We have a Linux box on the perimeter. And I aggree that Linux works way much better for anything. Im a Knoppix-STD fan myself. I like to run nessus scan from my WIndows XP client though, which points to a Linux box on VMware in the DMZ. I will have a look at PHLAK, we are also having a look at Eeye products. linux is giving me trouble with installing GTK+2.0 with all the Libraries it requires that also require libraries. I would really like to install cheops-ng and Nessus Client for Linux, but this has been giving me grief with the new GTK+ trying when trying compile it. I do love the idea of a Live Linux CD, but I dont thnk this would work well for a 24/7 Linux box which will be running Snort, and Nessusd.Do you know of any installable Linux Distros which are all good to go like Knoppix STD?________________________________ From: Josh Perrymon [mailto:perrymonj () networkarmor com] Sent: Mon 19/09/2005 11:03 PMTo: Steve McLaughlin; pen-test () securityfocus com; security-basics () securityfocus comSubject: RE: Windows XP SP2 and Security Tools Are you looking to do pen-testing from a Windows box???? If so I would disagree due to the RST issues and the stack issues. I would install a Linux box or run a LIVE CD such as Auditor or PHLAKfor your assessments. This will give you all the tools you need for infogathering, mapping the network , scanning with nessus, metasploit and other tools. I would only suggest using windows XP for running web application tools such as Acunetix, WebInspect, AppSecure and others. I don't find XP to be a good to for something you can do a LOT more efficiently in Linux.You could also run VMWare and run your tools for auditing from a virtualmachine. The only problem this will cause is with wireless auditing due to the way drivers bind in Vmware/ Joshua Perrymon Network Armor -----Original Message----- From: Steve McLaughlin [mailto:Steve.McLaughlin () aggreko co uk] Sent: Monday, September 19, 2005 10:46 AM To: pen-test () securityfocus com; security-basics () securityfocus com Subject: Windows XP SP2 and Security Tools Hi List,We are currently in the stage of rolling out Windows XP SP2. I know thatthis had some problems with winpcap a while back. we use all the good open source security tools we can with windows, cos its easier than putty to the linux box.Des anyone know of any issues, or problems that SP2 may pose from what asecurity pen-testing box is concerned. Will it affect any Windows based security tools, or are there any other issues it has from a security point of view? Considering it is also my workstation, and hence we have to use windows for it. Thankyou in Advance, Steve Visit us at http://www.aggreko.com Confidentiality Notice: This communication and any accompanying attachments contain confidential information intended for a specific individual and purpose. This communication is private and protected bylaw. If you are not the intended recipient, you are hereby respectfullynotified that any disclosures, copying, forwarding or distribution, or the taking of any action based on the contents of this communication is strictly prohibited. _____________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ------------------------------------------------------------------------ ------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms,login pages, dynamic content etc. Firewalls, SSL and locked-down serversare futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ------------------------------------------------------------------------ ------- ______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. ______________________________________________________________________ Visit us at http://www.aggreko.comConfidentiality Notice: This communication and any accompanying attachments contain confidential information intended for a specific individual and purpose. This communication is private and protected by law. If you are not the intended recipient, you are hereby respectfully notified that any disclosures, copying, forwarding or distribution, or the taking of any action based on the contents of this communication is strictly prohibited._____________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner:Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do!Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Sherwyn Williams The Williams Solution Technical Consultant Sherwill22 () hotmail com ------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Windows XP SP2 and Security Tools Steve McLaughlin (Sep 19)
- Re: Windows XP SP2 and Security Tools xyberpix (Sep 19)
- <Possible follow-ups>
- Re: Windows XP SP2 and Security Tools iceh0use (Sep 19)
- Re: Windows XP SP2 and Security Tools David Barnett (Sep 20)
- Re: Windows XP SP2 and Security Tools Sherwyn Williams (Sep 21)
- Re: Windows XP SP2 and Security Tools David Barnett (Sep 20)
- RE: Windows XP SP2 and Security Tools Josh Perrymon (Sep 19)
- RE: Windows XP SP2 and Security Tools William Tarkington (Sep 19)
- RE: Windows XP SP2 and Security Tools Michael Gargiullo (Sep 19)
- RE: Windows XP SP2 and Security Tools Steve McLaughlin (Sep 20)
- Re: Windows XP SP2 and Security Tools Sherwyn Williams (Sep 21)
- Re: Windows XP SP2 and Security Tools Suramya Tomar (Sep 21)
- Linux Security cd's (Was Windows XP SP2 and Security Tools) xyberpix (Sep 21)
- RE: Windows XP SP2 and Security Tools Todd Towles (Sep 20)
- RE: Windows XP SP2 and Security Tools Roger A. Grimes (Sep 21)
- RE: Windows XP SP2 and Security Tools Josh Perrymon (Sep 21)
- Re: RE: Windows XP SP2 and Security Tools demarj (Sep 21)