What do you recommend in regards to security?

[sanddbox]

For the record, just because an OS has several skiddie tools on it doesn't make it secure. (And yes, there are legitimate uses for the tools on Backtrack...they are just far and in between, in terms of the types of people using the OS).

[fashizzlepop]

There are ways to bypass VMs and gain access to the host. It's been done before.

[OnlyHuman]

I know, that's what sucks about it. The need for traditional methods of hardening a system are still there. They just exist independently of the actual working environment this way. But the way I see it, the only real way to be secure is to make sure you can bounce back from an attack quickly. No system is ever going to be 100% impregnable. That's why there are literally thousands of tools to harden them now, and those tools are constantly updated. HIPS help, jails help, honeypots help, even the VM is only a tool to help. I like this method, because it makes the rebound as painless as possible.

[sanddbox]

There are ways to bypass VMs and gain access to the host. It's been done before.

When a vulnerability is present, yes.

[hackuin60s]

If you are using it as Desktop [ Personal computing ], you can go with any of the distribution based on Debian, which actually pretty good for personal computing. You first need to understand that as you are not using it to provide any kind of service to outside world, Just lock down/disable the services with you filtering device/application, say IPTables to deny all inbound [initialisations] communications, because there is no reason someone is trying to connect your PC as you are not providing any kind of service to other. Set up a AppArmor/SE-Linux for your applications. And yes, don't get SE'd. :b

Obviously, for being a attacking computer, you need different set of tools, which you can easily get for you distribution. BT comes down with plenty of security/pen-testing tools pre installed. But, most of them are multi tools for a single purpose. However, you just need to get a decent tools and install on you distribution if you really need them.

The thing is, when you opt for securing something, you must always have back-up/recovery plan set before attempting anything like this. When you want to play around with your OS, make sure you don't endup with losing your important data.

So, its actually depends upon you to configure you distribution according your specific needs.

~Hackuin

[tremor77]

I just have to point out with all the software/OS talk... my mantra continues to be the quality usage of a good hardware firewall and creating a usage policy and sticking to it. It allows for my particular brand of sloppy OS administration...