Monday, April 25, 2005
SuSe 9.2
Well, Suse 9.2 got the thumbs up for usability. My Linux-illiterate wife was able to surf the net, create directories, download files, set up Ximian Evolution and send an email. I don't know if I was more impressed with her skillz or Suse ;-)
So I'm keeping SuSe on my pentesting dual-boot laptop for now.
Wednesday, April 20, 2005
Linux Distros
I decided to update my Linux distro for pen testing. I have been happily using Red Hat 9 for a while (hey, if it's not broken...).
The available distros have really changed a lot in the last few years, with Red Hat and Mandrake (now Mandriva) going commercial and Suse being sold to Novell. There has also been a huge rise in bootable CD security/network-focused Linux distros such as Phlak (Professional Hackers Linux Assault Kit), Auditor, Knoppix, Whoppix (White Hat Knoppix) and NST (Network Security Toolkit).
So which one to choose? I have been using Auditor recently for doing some network data capture and analysis, but the bootable CDs are limited when it comes to installing new software unless you want to make your own bootable CD.
Fedora Core 3: Having used Red Hat I decided to install FC3. Slick interface but a dog when it came to performance. The test install machine was a P4 3GHz with 1GB of RAM. Windows XP is faster on the same box. I cut out most packages except for development and networking and it was still a massive install.
Verdict - Bloatware... Red Hat has really taken Microsoft on but in the wrong department.
Mandrake 10.1: This distro is great. Slick interface, easy install, nice features until... I started playing with libpcap stuff and ended up in dependency hell. The free version is nobbled and has very few packages. Even using RPMFind or installing tarballs didn't resolve all my issues. The commercial PowerPack version has most packages and would probably be a great distro but I don't believe in paying for Linux.
Verdict - super sweet cut down version of Linux. Not for power users.
Debian 3: OK, back to an old fav. Downloaded the ISOs first and then compared the features to other distros (doh!). A 2.2 kernel... are you serious! I would have been better off with RH9.
Verdict - Didn't install it. Great distro for four years ago.
Suse 9.2: I like it! Straightforward install, awesome hardware detection, the best *nix interface I've seen so far. My Linux-illiterate wife is hogging it at the moment looking up hairstyles... so it can't be hard to use. Will test the power-user features.
Verdict - I'm keeping it for now but I'll let you know...
Friday, April 01, 2005
Free security stuff
Check out Grisoft Anti-Virus; it's a free AV with regular updates. While I haven't used it myself, it scored 100% in Virus Bulletin's Feb 2005 test.
I don't advocate the use of software firewalls and believe a good entry-level stateful packet inspection firewall is the way to go on a broadband connection. But if you're still on dial-up or need to protect your machine from a hostile network (i.e. my workplace ;) then check out Sygate Personal Firewall, it's a free firewall ... this allows more granular control than Zone Alarm.