Penetration Testing mailing list archives

Re: Lab OS Choices


From: Pete Herzog <lists () isecom org>
Date: Thu, 16 Aug 2007 22:25:14 +0200

Hi,

Booting from a Live Linux CD is the way to do it. Running it virtually is not only a huge mistake but a disservice to the client. Your job is to look at security under a microscope and by adding more layers of abstraction you may as well be standing on a ladder and peering down into the microscope with binoculars. You cannot get the same packet results consistently with a virtual machine that you will with the original OS on metal.

I wish some university student would finally do their thesis on this to prove me wrong. I wish the virtualization industry had come so far as to make testing from a virtual machine a reality.

So if you're testing at the application level then feel free to have as many layers of abstraction as your little heart can handle because it's often the content of the packets that matters and not the configuration. But if you want to know what's going down on the wire, be a sociologist and get close to it. That's what you'll learn in the OPST.

-pete.
www.isecom.org

Jason Alexander wrote:
So in a pen test would I be right in thinking that using a virtualised OS like BackTrack would not produce the same results as a laptop with the OS installed directly? I ask this as many pen testers I know use MacBooks with Parallels and have XP and usually BT virtualised to conduct their tests.
