Re: Building a 'security consultant' laptop

[H Carvey <keydet89 () yahoo com>]

In-Reply-To: <20030410142129.15926.qmail () www securityfocus com>


> What else should I add?  Are these the recomended OS,
or would you put 
> something else instead? In other words, if you were to
walk into a company 
> for a consulting job, what would you want to have on
this laptop?

I don't see much of an issue w/ the "recomended[sic]
OS" setup.  I guess what I'd do is take a look at what
you're reasonably expecting to do.  For example, you
mention forensics...do you mean incident response
activities in general, or specifically making
duplicates of hard drives?  If you're dup'ing drives,
you won't want a general purpose laptop for that.  If
you're doing IR (ie, the collection of volatile
information), you'll want to have the necessary tools
on CD, as well as some collection and analysis
facilities on the laptop.

Having scanners and other tools on the laptop is a good
idea.  You might also consider having a Perl distro for
both os's.  With a couple of base scripts, you can
easily set up the facility for parsing data, etc.

You might also have some encryption utilities
available, so that specific information can be
encrypted while the laptop is being transported.  Disk
wiping utilities might also be in order.  

Hope that helps some...

Harlan

-------------------------------------------------------------------
Is SPAM over-loading your e-mail server, disk space or bandwidth?
SurfControl E-Mail Filter is flexible, intelligent and policy-driven
protection.
http://www.securityfocus.com/SurfControl-security-basics2
Download your free fully functional trial, complete with 30-days of free technical support.
Stop SPAM before it stops you.
-------------------------------------------------------------------