RE: ideal OS distro for network scanning?

["Michael Scheidell" <scheidell () secnap net>]

Best os depends on the one you know best.
If you can't configure it, or don't know how to optimize it, the best
os, mis-configured will be the worst os.

> I like OpenBSD's security paranoia (don't want the scanner 
> being compromised), but I also understand that linux can be 
> hardened as well, so my second concern is the underlying OS 
> skewing the results of a network scan and the ability for the 
> OS to stay out of the way of the scan results.

Biggest issues with scans would be the firewall used (if any)
If you feel comfortable deploying 'your os' without any firewall, do
that.

If you do this, and use a dual homed system, make sure you bind internal
things like nessusd to localhost, and remote access like ssh to the
internal nic.

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------