question

Well my question might sound a little stupid, but i am still approching
security.

the question:

If i have to test security on a Windows machine do i have to use windows?
if i have to test security on a unix machine do i have to use unix/linux?

i mean
windows==windows
linux==linux

thanks in advance.

edouble

On Thu, 09 Dec 2004 09:50:59 GMT, "edouble" <> wrote:

>Well my question might sound a little stupid, but i am still approching
>security.
>
>the question:
>
>If i have to test security on a Windows machine do i have to use windows?
>if i have to test security on a unix machine do i have to use unix/linux?
>
>i mean
>windows==windows
>linux==linux
>
>thanks in advance.
>
>
#############################
You don't have to use windows for windows and unix for unix. I can
run nmap on unix to port scan a windows box and ostrosoft on windows
to port scan unix. However, when it comes to using certain
hacking/network tools testing scripts, the choice of OS maybe limited.
donnie.

donnie

donnie wrote:

> On Thu, 09 Dec 2004 09:50:59 GMT, "edouble" <> wrote:
>
>>Well my question might sound a little stupid, but i am still approching
>>security.
>>
>>the question:
>>
>>If i have to test security on a Windows machine do i have to use windows?
>>if i have to test security on a unix machine do i have to use unix/linux?
>>
>>i mean
>>windows==windows
>>linux==linux
>>
>>thanks in advance.
>>
>>
> #############################
> You don't have to use windows for windows and unix for unix. I can
> run nmap on unix to port scan a windows box and ostrosoft on windows
> to port scan unix. However, when it comes to using certain
> hacking/network tools testing scripts, the choice of OS maybe limited.
> donnie.

He is absolutely right.Â*Â*YouÂ*canÂ*useÂ*eitherÂ*toÂ*scanÂ*theÂ*other.Â*Â*IÂ*prefferÂ*to
use linux when scanning any system. The Nessus (www.nessus.org) security
auditing software works really good for scanning windows machines.Â*Â*YouÂ*can
specify specific 'plugins' to use.Â*Â*ItÂ*allowsÂ*youÂ*toÂ*specifyÂ*windows
specific testing.Â*Â*ItsÂ*goodÂ*forÂ*aÂ*beginner.

k

k wrote:

> donnie wrote:
>
>> On Thu, 09 Dec 2004 09:50:59 GMT, "edouble" <> wrote:
>>
>>>Well my question might sound a little stupid, but i am still approching
>>>security.
>>>
>>>the question:
>>>
>>>If i have to test security on a Windows machine do i have to use windows?
>>>if i have to test security on a unix machine do i have to use unix/linux?
>>>
>>>i mean
>>>windows==windows
>>>linux==linux
>>>
>>>thanks in advance.
>>>
>>>
>> #############################
>> You don't have to use windows for windows and unix for unix. I can
>> run nmap on unix to port scan a windows box and ostrosoft on windows
>> to port scan unix. However, when it comes to using certain
>> hacking/network tools testing scripts, the choice of OS maybe limited.
>> donnie.
>
> He is absolutely right.**You*can*use*either*to*scan*the*other.**I*preffer
> to use linux when scanning any system. The Nessus (www.nessus.org)
> security auditing software works really good for scanning windows
> machines.**You*can specify specific 'plugins' to use.**It*allows*you*to
> specify*windows specific testing.**Its*good*for*a*beginner.

I agree also. Not sure if you are using UNIX but, check out www.nessus.org.

Michael

Michael J. Pelletier

Michael J. Pelletier wrote:
> k wrote:
>
>
>>donnie wrote:
>>
>>
>>>On Thu, 09 Dec 2004 09:50:59 GMT, "edouble" <> wrote:
>>>
>>>
>>>>Well my question might sound a little stupid, but i am still approching
>>>>security.
>>>>
>>>>the question:
>>>>
>>>>If i have to test security on a Windows machine do i have to use windows?
>>>>if i have to test security on a unix machine do i have to use unix/linux?
>>>>
>>>>i mean
>>>>windows==windows
>>>>linux==linux
>>>>
>>>>thanks in advance.
>>>>
>>>>
>>>
>>>#############################
>>>You don't have to use windows for windows and unix for unix. I can
>>>run nmap on unix to port scan a windows box and ostrosoft on windows
>>>to port scan unix. However, when it comes to using certain
>>>hacking/network tools testing scripts, the choice of OS maybe limited.
>>>donnie.
>>
>>He is absolutely right. You can use either to scan the other. I preffer
>>to use linux when scanning any system. The Nessus (www.nessus.org)
>>security auditing software works really good for scanning windows
>>machines. You can specify specific 'plugins' to use. It allows you to
>>specify windows specific testing. Its good for a beginner.
>
>
> I agree also. Not sure if you are using UNIX but, check out www.nessus.org.
>
> Michael


Concur! I do use tools like ISS in a win environment, one MUST become
familiar with the nix solutions. Not only for scanning but for many of
the IDS functionalities. While snort has a win port for example the OS
overhead impacts data gathering capabilities on high volume networks.
Like most things testing with several methodologies will yield better
results. Learning to read and interpret logs is a great area to learn,
not only to use and run various security tools, but in the forensics
arena as well. One learns much if they examine security failures too. It
is too easy to reformat and reimage, to understand the compromise and
how it was accomplished is fun. Beyond scanning a system for holes one
should also be able monitor and log activity and have the ability to
recover quickly. Backups are your friend.

Computer security is a balance game. One must always walk that fence
between usability and security. It is very easy to break things. There
is no such thing as a completely secure computer except maybe one
encased in concrete in the bottom of the ocean (that still is
debatable). This is one of the most difficult portions of computer
security. One can lock down security to the point of no communication
and minimal vulnerability, but how useful is the system? Does it meet
user requirements? Weighing user needs against the compromise potential
is the most difficult aspects to learn.

The second toughest job in computer security is changing the network
user behaviors to operate securely. It doesn't matter if you are
managing 1 user (yourself) or 1000. The user is often your own worst
enemy, even when you are that user!

Winged

winged