Penetration Testing mailing list archives
Re: CEH training
From: Pete Herzog <lists () isecom org>
Date: Thu, 23 Jun 2005 11:49:27 +0200
Have to disagree with you here somewhat Richard. But I think your conciseness is your error. It's not better to run a tool on the OS it was designed on. It's best to run a tool designed on an OS with a platform and infrastructure that touches or manipulates the original packets the least. You can use windows to make a windows tool and run it on windows but it still won't run better than a tool which runs over a non-interfering OS, where the kernel does not try to translate information for you, no packet translation, packet inspection, or additional packet noise occurs in addition to the operating environment of the tool. Every layer of abstraction or interpretation between the request and the response, including those made by the tool itself, are layers where mistakes can be and will be made. The reason why tools under Windows may function less desirably than some other OSes is the layers introduced when making the tool, running the tool, making the request, receiving the response, and the packet noise made inheritently on networks where the OS resides. Windows is a user's OS for users with ease-of-use and administration being of primary functions. It is not the right tool for the job, for any job, that is not specifically testing the functioning of a windows environment from a Windows user/administrator perspective. Otherwise it's like reading one or two ad-soaked magazines about new security technology to make a decision on what kind of firewall you need for your network. It gives you info but you can only speculate on the accuracy and interpretation of that information. Sincerely, -pete. -- Pete Herzog - Managing Director - pete () isecom org ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.isestorm.org ------------------------------------------------------------------- ISECOM is the OSSTMM Professional Security Tester (OPST), OSSTMM Professional Security Analyst (OPSA), and Hacker Highschool Teacher certification authority. Richard Zaluski wrote:
Regarding "tools" and windows, most of the security tools that run on Windows are simply ported over from the *nix world. They run much better and often times allow much more flexibility in their use due to the way Windows and *nix operates and interacts with them. Its much better, in my opinion to run a tool on its native operating system. I have seen nmap for example running on MS 2000 professional completely lag behind the *nix version.
Current thread:
- Re: CEH training, (continued)
- Re: CEH training ilaiy (Jun 22)
- RE: CEH training Drage, Nick (Jun 22)
- RE: CEH training Tim Singletary (Jun 22)
- Re: CEH training Michael Hammer (Jun 22)
- RE: CEH training Tony Mesenbrink (Jun 22)
- Re: CEH training Gareth Davies (Jun 23)
- RE: CEH training Tim Singletary (Jun 22)
- RE: CEH training Zuromski, Brian (Jun 22)
- RE: CEH training glemmon (Jun 22)
- RE: CEH training Richard Zaluski (Jun 22)
- Re: CEH training D K (Jun 22)
- Re: CEH training Pete Herzog (Jun 23)
- RE: CEH training Richard Zaluski (Jun 23)
- RE: CEH training Richard Zaluski (Jun 22)
- RE: CEH training Torig (Jun 22)
- RE: CEH training Tim Singletary (Jun 23)
- RE: CEH training glemmon (Jun 24)
- RE: Sample pent test agreement evb (Jun 26)
- RE: Sample pent test agreement Erin Carroll (Jun 26)
- RE: Sample pent test agreement Irene Abezgauz (Jun 26)
- RE: Sample pent test agreement random (Jun 27)
- Re: Sample pent test agreement Pete Herzog (Jun 30)
- RE: Sample pent test agreement evb (Jun 26)
- RE: Sample pent test agreement Password Crackers, Inc. (Jun 27)