Linux Security cd's (Was Windows XP SP2 and Security Tools)

From: xyberpix (xyberpix_at_xyberpix.com)
Date: 09/21/05

  • Next message: AragonX: "RE: PGP email encryption" 
    Date: Tue, 20 Sep 2005 23:06:02 +0100
To: Steve McLaughlin <Steve.McLaughlin@aggreko.co.uk>

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    On this one I'd have to say Whopix, well it used to be, it's now
    called WHAX.
    You can get it from http://www.hackingdefined.com/index.php/Tools

    It's got everything, I wouldn't use anything else these days.....

    HTH

    xyberpix

    On 20 Sep 2005, at 02:16, Steve McLaughlin wrote:

    > We have a Linux box on the perimeter. And I aggree that Linux works
    > way much better for anything. Im a Knoppix-STD fan myself. I like
    > to run nessus scan from my WIndows XP client though, which points
    > to a Linux box on VMware in the DMZ. I will have a look at PHLAK,
    > we are also having a look at Eeye products.
    > linux is giving me trouble with installing GTK+2.0 with all the
    > Libraries it requires that also require libraries.
    > I would really like to install cheops-ng and Nessus Client for
    > Linux, but this has been giving me grief with the new GTK+ trying
    > when trying compile it. I do love the idea of a Live Linux CD, but
    > I dont thnk this would work well for a 24/7 Linux box which will be
    > running Snort, and Nessusd.
    >
    > Do you know of any installable Linux Distros which are all good to
    > go like Knoppix STD?
    >
    > ________________________________
    >
    > From: Josh Perrymon [mailto:perrymonj@networkarmor.com]
    > Sent: Mon 19/09/2005 11:03 PM
    > To: Steve McLaughlin; pen-test@securityfocus.com; security-
    > basics@securityfocus.com
    > Subject: RE: Windows XP SP2 and Security Tools
    >
    >
    >
    > Are you looking to do pen-testing from a Windows box????
    > If so I would disagree due to the RST issues and the stack issues.
    > I would install a Linux box or run a LIVE CD such as Auditor or PHLAK
    > for your assessments. This will give you all the tools you need for
    > info
    > gathering, mapping the network , scanning with nessus, metasploit and
    > other tools.
    >
    > I would only suggest using windows XP for running web application
    > tools
    > such as Acunetix, WebInspect, AppSecure and others.
    >
    > I don't find XP to be a good to for something you can do a LOT more
    > efficiently in Linux.
    >
    > You could also run VMWare and run your tools for auditing from a
    > virtual
    > machine. The only problem this will cause is with wireless auditing
    > due
    > to the way drivers bind in Vmware/
    >
    >
    > Joshua Perrymon
    > Network Armor
    >
    > -----Original Message-----
    > From: Steve McLaughlin [mailto:Steve.McLaughlin@aggreko.co.uk]
    > Sent: Monday, September 19, 2005 10:46 AM
    > To: pen-test@securityfocus.com; security-basics@securityfocus.com
    > Subject: Windows XP SP2 and Security Tools
    >
    > Hi List,
    >
    > We are currently in the stage of rolling out Windows XP SP2. I know
    > that
    > this had some problems with winpcap a while back.
    > we use all the good open source security tools we can with windows,
    > cos
    > its easier than putty to the linux box.
    >
    > Des anyone know of any issues, or problems that SP2 may pose from
    > what a
    > security pen-testing box is concerned.
    > Will it affect any Windows based security tools, or are there any
    > other
    > issues it has from a security point of view?
    > Considering it is also my workstation, and hence we have to use
    > windows
    > for it.
    >
    > Thankyou in Advance,
    > Steve
    >
    > Visit us at http://www.aggreko.com
    >
    > Confidentiality Notice: This communication and any accompanying
    > attachments contain confidential information intended for a specific
    > individual and purpose. This communication is private and
    > protected by
    > law. If you are not the intended recipient, you are hereby
    > respectfully
    > notified that any disclosures, copying, forwarding or distribution, or
    > the taking of any action based on the contents of this
    > communication is
    > strictly prohibited.
    >
    > _____________________________________________________________________
    > This email has been scanned by the MessageLabs Email Security System.
    > For more information please visit http://www.messagelabs.com/email
    > ______________________________________________________________________
    >
    > ----------------------------------------------------------------------
    > --
    > ------
    > Audit your website security with Acunetix Web Vulnerability Scanner:
    >
    > Hackers are concentrating their efforts on attacking applications on
    > your
    > website. Up to 75% of cyber attacks are launched on shopping carts,
    > forms,
    > login pages, dynamic content etc. Firewalls, SSL and locked-down
    > servers
    > are
    > futile against web application hacking. Check your website for
    > vulnerabilities
    > to SQL injection, Cross site scripting and other web attacks before
    > hackers do!
    > Download Trial at:
    >
    > http://www.securityfocus.com/sponsor/pen-test_050831
    > ----------------------------------------------------------------------
    > --
    > -------
    >
    >
    >
    >
    >
    > ______________________________________________________________________
    >
    > This email has been scanned by the MessageLabs Email Security System.
    > ______________________________________________________________________
    >
    >
    >
    > Visit us at http://www.aggreko.com
    >
    > Confidentiality Notice: This communication and any accompanying
    > attachments contain confidential information intended for a
    > specific individual and purpose. This communication is private and
    > protected by law. If you are not the intended recipient, you are
    > hereby respectfully notified that any disclosures, copying,
    > forwarding or distribution, or the taking of any action based on
    > the contents of this communication is strictly prohibited.
    >
    > _____________________________________________________________________
    > This email has been scanned by the MessageLabs Email Security System.
    > For more information please visit http://www.messagelabs.com/email
    > ______________________________________________________________________
    >
    > ----------------------------------------------------------------------
    > --------
    > Audit your website security with Acunetix Web Vulnerability Scanner:
    >
    > Hackers are concentrating their efforts on attacking applications
    > on your
    > website. Up to 75% of cyber attacks are launched on shopping carts,
    > forms,
    > login pages, dynamic content etc. Firewalls, SSL and locked-down
    > servers are
    > futile against web application hacking. Check your website for
    > vulnerabilities
    > to SQL injection, Cross site scripting and other web attacks before
    > hackers do!
    > Download Trial at:
    >
    > http://www.securityfocus.com/sponsor/pen-test_050831
    > ----------------------------------------------------------------------
    > ---------
    >
    >

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (Darwin)

    iD8DBQFDMIfLcRMkOnlkwMERAvHFAKCFlu5EHb+sWFGdF8M4ygLcG3vMsQCfWVeG
    aTz2dLwZ8RbVtxolBxwJWno=
    =NCvi
    -----END PGP SIGNATURE-----

  • Next message: AragonX: "RE: PGP email encryption"

    Relevant Pages