Thread: Most Secure OS - v2.0

  1. #1
    Just burned his ISO
    Join Date
    Jan 2008
    Posts
    17

    Most Secure OS - v2.0

    Okay, my first thread didn't turn out as expected...it was moved to the General IT section where I couldn't respond, but I've gotten permission from the mod pureh@te to create this new one so I can clarify; and thanks for taking the time to read this thread in advance because I have a feeling it might be a bit wordy and I'm not that great with paragraphs.

    I've asked about this in another Linux forum, which is pretty big (not sure if I'm allowed to say the name) but I haven't gotten any useful replies. But basically, I'm looking for something like Backtrack I can use as a full OS as a workstation, not primarily focused on penetration testing itself, but a basic start for taking measures in security. I've been using Linux for some years now, and I'm very comfortable using it, and have never run into any problems that I could not solve by asking others, like in forums, etc. I'm aware that security is a taken measure and not just a written program, however I am doing my best with the knowledge I currently have to remain aware of the lingering dangers that lurk just around the corner. I'm still in the process of learning about the architecture of operating systems (how they work, how exploits and holes are discovered, etc.), so I want to test something in a live environment (controlled, of course), where a workstation (this is not on a server or anything, just a home box) for a typical software programmer who is well aware of the capabilities of some nasty people out there, and test him/her on their response to certain threats and attacks, including the time they take to respond, and the quality of it, as opposed to what they should have done in defense, as well as analyzing the problem specifically (how far the "attacker" got on the system, especially if they were able to gain root access, how they managed to do what they did, and investigate the security flaw specifically so we can research on how we can prevent future attacks should it ever happen in reality).
    My experience with Linux itself would be just about average as any *nix user, I guess...I've used Debian and some other distros based off of it, and Gentoo for the past few years since I've gotten sort of comfortable with it, but it wasn't enough for me and I started to look for something new. I've been learning C coding, though I'm not incredibly fluent in it, and I know some basic Python but I need to work on that a bit as well. But I will continue study of the OS I finally choose, and work on knowing every nook and cranny about it so I know 100% what's going on in there.
    I'm not sure of any completely full distros geared towards the goal I'm searching for yet, but I've heard stuff about OpenBSD as well as Hardened Gentoo which has SELinux in it by default, I think, but I also heard that it wasn't the best option out there because it has a lot of unstable issues with it. I've also read a lot of biased articles on this sort of topic, and I'm not sure where I should lean towards, but I'm not judging anything yet.
    So do you guys have any options I can look into?

  2. #2
    Member PeppersGhost's Avatar
    Join Date
    Jan 2008
    Posts
    204


    Could you narrow it down a bit. You're all over the map.
    <EeePc 1000HA BT4/W7 USB boot Alfa500 GPS BlueTooth>

  3. #3
    Just burned his ISO
    Join Date
    Jan 2008
    Posts
    17


    Originally Posted by PeppersGhost:
    Could you narrow it down a bit. You're all over the map.
    Yea, I thought my wording might have been just a tad bit of an issue. I think it might be easier if you ask a question and I can answer to it as specifically as possible without treading too far off the topic.

  4. #4
    Just burned his ISO
    Join Date
    Jan 2008
    Posts
    7


    Go to town
    nsa.gov/snac

  5. #5
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012


    Hello and welcome to the forums.

    I will have to agree with the above quote about being all over the map.

    If you can use a Linux distro and are confident with it, then I would suggest that you stick with it. Generally speaking they are more secure out of the box than maybe MS is. However there are lots of caveats to that statement.
    Now if you want to learn more about security and the lack thereof then continue reading here on these forums and other places on the net
    Here is one http://www.securityfocus.com/
    This one has lots of good info and is fairly easy to read (meaning most levels of expertise can understand it)
    Next I would suggest The Book. However, this book is not a book for a beginner by any means.
    If you want a beginner book then go for something like Hacking for Dummies. Yes, it is a real book. However, with it you may or may not learn anything.

    As for "playing around and learning", you could try live CDs, as these won't mess with the underlying OS. Also have a look at VMware, which allows you to run another OS "on top of" or in addition to the one on your computer. That way, with either of those options, when something goes wrong just reboot.

    I hope this info helps get you started.
    I think that above all you will need to read and read and read!
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  6. #6
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543


    If I read you correctly you have essentially one goal in this statement, being the desire to learn every nook and cranny of an operating system's potential security holes. Something that I did not really hear you mention in this and the original thread was the word 'network', as what you wrote seems to be more 'workstation' oriented.

    My advice to you is to balance your focus with both network and workstation security (and servers if you use or are planning to use them). If security is genuinely this big of an interest/concern for you, then you should be thinking of the overall network topology, which includes primarily:

    • Switch(es)
    • Router(s)
    • Firewall(s)
    • Workstation(s)
    • Server(s)
    I'm not a certified network administrator, but my experiences have taught me to be security conscious, so having that said IMO any network plugged into the Internet should have varying layers of protection.

    Each network is unique, having their own functional requirements. If you have more than one Internet connected machine on the network, there's a 99.99999% chance that you're going to need a router of some sort. Keep in mind that with each additional piece of hardware comes configuration requirements for the purpose(s) they serve. In many cases they will open up security issues that you will have to contemplate and address while deploying the hardware and possibly the software required to run them.

    IMO every network should have a hardware firewall of some sort, and/or an IDS/IPS as a buffer to the internal network. I personally feel a lot better when I can look at my logs and see that the (mostly Chinese) crap is not hitting my internal systems, lessening the chances that my internal machine(s) will be affected by the mass junk that finds my IP every 30 seconds or so.

    I would encourage you as you are diving into this to see the bigger picture in regards to your own core network or even hypothetical networks, where you would begin (at least I would) by physically sketching out the topology starting with the servers and workstations, figure out what is necessary to get them online schematically, and then research the various security aspects of the hardware and software (services running on the machines are a VERY important element to analyze as well).

    There are a lot of great security articles and tutorials out there for just about every piece of hardware, OS and software. I would recommend getting up to speed on what I've written above as the first step. Once you get a good understanding you could then begin to do pentesting so that you have a better grasp on how the bad guys get into your network, so that you will harden your own security practices (every soldier gets to play war before he/she gets to fight one).

    Google is your friend
    dd if=/dev/swc666 of=/dev/wyze

  7. #7
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543


    And don't forget a good personal security policy
    dd if=/dev/swc666 of=/dev/wyze

  8. #8
    Just burned his ISO
    Join Date
    Jan 2008
    Posts
    17


    Thanks for the responses, and yes, I'm also looking into networking as well since that's where a lot of the action takes place as well for someone to target/reach someone else. I've been doing a lot of reading as well.
