Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: CEH training

from [Pete Herzog] Network Security [Permanent Link]
Subject: Re: CEH training
Date: Thu, 23 Jun 2005 11:49:27 +0200 
Have to disagree with you here somewhat Richard.  But  I think your
conciseness is your error.

It's not better to run a tool on the OS it was designed on.  It's best
to run a tool designed on an OS with a platform and infrastructure that
touches or manipulates the original packets the least.  You can use
windows to make a windows tool and run it on windows but it still won't
run better than a tool which runs over a non-interfering OS, where the
kernel does not try to translate information for you, no packet
translation, packet inspection, or additional packet noise occurs in
addition to the operating environment of the tool.

Every layer of abstraction or interpretation between the request and the
response, including those made by the tool itself, are layers where
mistakes can be and will be made.  The reason why tools under Windows
may function less desirably than some other OSes is the layers
introduced when making the tool, running the tool, making the request,
receiving the response, and the packet noise made inheritently on
networks where the OS resides.  Windows is a user's OS for users with
ease-of-use and administration being of primary functions.  It is not
the right tool for the job, for any job, that is not specifically
testing the functioning of a windows environment from a Windows
user/administrator perspective.

Otherwise it's like reading one or two ad-soaked magazines about new
security technology to make a decision on what kind of firewall you need
for your network.  It gives you info but you can only speculate on the
accuracy and interpretation of that information. 

Sincerely,
-pete.

-- 
Pete Herzog - Managing Director - pete@isecom.org 
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.isestorm.org
-------------------------------------------------------------------
ISECOM is the OSSTMM Professional Security Tester (OPST),
OSSTMM Professional Security Analyst (OPSA), and Hacker Highschool 
Teacher certification authority. 



Richard Zaluski wrote:


Regarding "tools" and windows, most of the security tools that run on
Windows are simply ported over from the *nix world.  They run much better
and often times allow much more flexibility in their use due to the way
Windows and *nix operates and interacts with them.  

Its much better, in my opinion to run a tool on its native operating system.
I have seen nmap for example running on MS 2000 professional completely lag
behind the *nix version.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: CEH training, xyberpix
Next by Date:  Re: TFTP and XP_CMDSHELL - Weird, Jose Selvi
Previous by Thread:  Re: CEH training, D K
Next by Thread:  RE: CEH training, Richard Zaluski
Indexes:  [Date] [Thread] [Top] [All Lists]