Penetration Testing mailing list archives
RE: ideal OS distro for network scanning?
From: "Michael Scheidell" <scheidell () secnap net>
Date: Sun, 15 Jan 2006 12:32:30 -0500
Best os depends on the one you know best. If you can't configure it, or don't know how to optimize it, the best os, mis-configured will be the worst os.
I like OpenBSD's security paranoia (don't want the scanner being compromised), but I also understand that linux can be hardened as well, so my second concern is the underlying OS skewing the results of a network scan and the ability for the OS to stay out of the way of the scan results.
Biggest issues with scans would be the firewall used (if any) If you feel comfortable deploying 'your os' without any firewall, do that. If you do this, and use a dual homed system, make sure you bind internal things like nessusd to localhost, and remote access like ssh to the internal nic. ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- ideal OS distro for network scanning? offset (Jan 15)
- Re: ideal OS distro for network scanning? Andrew Simmons (Jan 15)
- RE: ideal OS distro for network scanning? Lyal Collins (Jan 18)
- <Possible follow-ups>
- RE: ideal OS distro for network scanning? Michael Scheidell (Jan 15)
- Re: ideal OS distro for network scanning? wrhaynes (Jan 15)
- Re: ideal OS distro for network scanning? Pete Herzog (Jan 16)