Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Pentesting using Vista?
From: Sat Jagat Singh <flyingdervish () yahoo com>
Date: Fri, 21 Mar 2008 11:41:42 -0700 (PDT)

I wouldn't even let my mother use Vista for word
processing.  I got my wife a new Vista laptop back in
September and I have just now finished the second full
reinstall due to Vista self-destruction.  On the first
occasion M$ update installed some half-baked patch in
the middle of the night that caused a BSOD. 
Microsoft's advice: after reinstalling Windoze, don't
install whatever patch caused that and shutoff
automatic updates.  Great.  On this 2nd occasion some
offending app that may be compatibility challenged
locked up the whole OS to the point where a hard
power-off was the only option.  A complete corruption
of the partition was the result.

Hence, on this second reinstall, I obtained and
applied XP Pro.

Other than the apparent likelihood that all your work
will be toast, there's also a limitation, introduced
by M$ with XP SP2 and presumably still present in
Vista, on the number of socket simultaneous
connections.  This makes it less than ideal to run
Nessus on for one thing.  Other vuln scanners may or
may not have a similar issue.  If you do want to run
Nessus, Tenable has some specific configuration
guidance to make it functional.

I believe Cygwin works on Vista, though I haven't
tested it.  If you haven't used it before, I highly
recommend it for interoperability of many FOSS tools
designed for Linux, perl, python, ruby, etc.  I use it
on my XP systems.

Good luck

--- Leonardo Cavallari Militelli
<leonardocavallari () gmail com> wrote:

Hi all,

Does anyone ever used Windows Vista for
pen-testing/security assessment?
I just got a new laptop from company that seems to
have many
compatibility issues with linux distributions and
miss some drivers
for XP.

Thanks,
Leo


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE
today!

http://www.cenzic.com/downloads

------------------------------------------------------------------------





      ____________________________________________________________________________________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault