Penetration Testing mailing list archives
Re: ideal OS distro for network scanning?
From: wrhaynes () gmail com
Date: 15 Jan 2006 18:37:47 -0000
Well the most secure OS is going to be the one that you patch and update, not necessarily OpenBSD. I used to be an OpenBSD fan but no longer because I've been using FreeBSD for over 4 years now with 0 regret. FreeBSD is much more useable and actually remendously easier to upgrade/patch because of the great ports system. And for the most part, it's the applications that are vulnerable not the OS so which distro is more of a specific questiong that you need to dial in on. BSD in general is probably a small notch above the rest and using a 'server-install' of something like Ubuntu which maintains and distributes rigorous updates instantly, you'll also probably find exactly what you're looking for. -Securing it would be best to just do the most minimal installation possible and install ONLY what you need. -Optimize the kernel -Install Firewall with strict rules, -Keep the box up to date... All of these things can be done best with FreeBSD or Ubuntu for example. I choose Ubuntu over Debian because they sync and stabalize code from Debian's "Unstable" tree which means the apps are WAY more current. I choose FreeBSD over OpenBSD/NetBSD/Dragonfly because of cvsup and portupgrade. Portupgrade let's the you build EVERY installed app from new patched/updated source from the cvs servers. Which with a good kernel setup, gives you a killer performance machine WITH all of the latest patches. Kernel config is much easier in BSD IMHO, but no too difficult wherever you go. --Bill ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- ideal OS distro for network scanning? offset (Jan 15)
- Re: ideal OS distro for network scanning? Andrew Simmons (Jan 15)
- RE: ideal OS distro for network scanning? Lyal Collins (Jan 18)
- <Possible follow-ups>
- RE: ideal OS distro for network scanning? Michael Scheidell (Jan 15)
- Re: ideal OS distro for network scanning? wrhaynes (Jan 15)
- Re: ideal OS distro for network scanning? Pete Herzog (Jan 16)