What do you recommend in regards to security?


Post by deadcat on Tue Oct 12, 2010 4:17 am

So I've decided to reinstall my OS because my last one has got a bit messy due to neglect. Since its last install I've learned a lot more and am ready for a clean, secure and fast system.
I've narrowed my choice down to either Gentoo, the best operating system I've ever had the privilege of installing, running and maintaining, or FreeBSD, which I have never used but have read is amazingly secure and is where Gentoo borrowed its portage program from.

Please resist basing your opinion on what you use. I'm more interested in security than anything else. Please also note I'll be using it as a desktop OS for research, playing music, web browsing, etc.

Thank you in advance, Deadcat


Re: What do you recommend in regards to security?

Post by OnlyHuman on Tue Oct 12, 2010 9:49 am

I like the BSD variants simply for the jails. I've never used Gentoo, so I shouldn't really comment on that one. Truth be told, given the current state of things, I'd say just go with an operating system you're already comfortable with, and then install something like VMware or VirtualBox over the top of it. Then do 100% of your work through a virtual appliance. If you need to back up or save any work between appliances, save it out to a flash drive or external HDD. Of course, if you're pedantic, you can also install your firewalls, honeypots, HIDS / HIPS and all that good stuff too. But the idea with taking the virtual machine route is to enter the game automatically assuming something bad is going to happen with the machine you're using, and to back up religiously, so that you can cut as many losses as possible and rebound quickly.


Re: What do you recommend in regards to security?

Post by deadcat on Mon Oct 18, 2010 9:29 pm

I have still not come to a final decision on this one and I was hoping that I would get more opinions. Thank you OnlyHuman for yours. Anyway, I have been thinking about and doing some reading on using Backtrack as my main OS. What I've read so far is that it can be done just as easily as an Ubuntu or Fedora and a lot of people are doing it, but it's recommended against due to having important "work" files stored on your attack computer. This may be the case, but what if I ran a VM of my chosen OS through Backtrack? Being a newbie of VMs, I'd like to know how easy it would be for an outside party to know Backtrack is running a VM.

Thanks, Deadcat.


Re: What do you recommend in regards to security?

Post by Goatboy on Mon Oct 18, 2010 10:10 pm

Might I ask why you want Backtrack as your primary OS? It's meant to be an attack platform, and using it as anything else for a long period of time just seems inefficient to me.

Also, VMs can be networked just as a normal computer could. You can either assign it an IP on the network, or you can bridge it through your host computer.
Assume that everything I say is or could be a lie.


Re: What do you recommend in regards to security?

Post by deadcat on Mon Oct 18, 2010 10:19 pm

I figure Backtrack is the most secure Linux OS (out of the box anyway). If I used the VM running on Backtrack as my main OS and Backtrack when I needed it, how different would that be to the opposite? I was just going to bridge the VM to the host OS.

Deadcat


Re: What do you recommend in regards to security?

Post by fashizzlepop on Mon Oct 18, 2010 10:54 pm

Your thinking is slightly flawed. Like Goatboy said, it's meant as an attack vector, not as a defense. In fact, since its primary purpose is offense, it probably lacks in the personal security side. If you are planning on only booting live, then I would say it would be safe from malware etc. Go with what you are comfortable with.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.


Re: What do you recommend in regards to security?

Post by OnlyHuman on Mon Oct 18, 2010 11:34 pm

deadcat wrote: Being a newbie of VMs, I'd like to know how easy it would be for an outside party to know Backtrack is running a VM.


That depends on a few different factors. First, are you running a honeypot on either the host and/or guest? If so, you can pretty much make your network fingerprint look like anything you want. So, a scan is going to turn up useless results to most of the people attempting to enumerate your system. Next, it depends on the skills of the attacker. If you're up against somebody that can build a fully functional DSL modem using crap they found lying around in their fridge, chances are, they're going to know what you're using no matter what you do. And finally, it's going to depend on which VM you choose and how you enable networking within that VM.

But, all this is moot, because this is where you have to consider what I stated before: "the idea with taking the virtual machine route, is to enter the game automatically assuming something bad is going to happen with the machine you're using." You go in expecting to lose, and just get pleasantly surprised when you don't. It's an extremely different concept than the traditional approach of hardening a system. With the traditional approach, you fight a constant uphill battle to make your machine impervious to attack. With this approach, you've come to terms with the fact that no matter what you do, there will always be those select few that can circumvent your security measures. So instead, you do your damnedest to nullify the damage they may or may not cause. I hope that makes sense.


Re: What do you recommend in regards to security?

Post by fashizzlepop on Tue Oct 19, 2010 1:40 am

Or, more simply, don't become a target...?


Re: What do you recommend in regards to security?

Post by OnlyHuman on Tue Oct 19, 2010 5:59 am

fashizzlepop wrote: Or, more simply, don't become a target...?


If you can avoid it, absolutely. But, at least with this approach, you can, to some degree, afford to be a target. Let's say that on the guest OS, I have a service I know nothing about, listening on a port I didn't secure. This service just happens to have an unpatched buffer overflow vulnerability that allows an intruder to execute a remote shell and gain root. They haven't gained root on my host, just the appliance. So, they can tear that box up all they want. I'll just reinstall it with a few mouse clicks. I'm not worried about them trashing it, because I've got all my backups stored on the host, as well as a multi-gigabyte flash drive I have attached to my keychain. Sure, it's a pain in the ass to reconfigure any changes I made to the guest OS, but at least that's all I've lost. And, maybe the next time I boot up the image, I secure the port.

Also, sorry if you were actually extending what I previously wrote, the question mark threw me off here. :)


Re: What do you recommend in regards to security?

Post by David DuCunty on Tue Oct 19, 2010 9:02 am

I love you guys. Sorry that's not informative. I too am a newbie, and I've learned so much just from reading these few posts.

