Which has better tools for detecting targeted hacking, Windows or Linux?
And what are those tools?
>>57441655
Macs are better for hacking, they don't get viruses. The new Mac that came out, my brother got it, he said it was really good.
>>57441662
There are now viruses for Macs bro.
http://bits.blogs.nytimes.com/2012/04/06/widespread-computer-virus-indicates-mac-users-no-longer-safe/
https://www.cnet.com/news/apple-users-beware-first-live-ransomware-targeting-mac-found-in-the-wild/
>>57441662
Macs have the worst price/value.
Bump for answers.
Any Linux security books worth reading for an average user?
NIDS and HIDS tools must integrate into SIEM. Active blue team hunting tools are OS specific, e.g. PowerShell scripts looking for network connections won't work on Linux. Full packet capture is required regardless of system. DNS analysis is the best place to start.
Lynis
>>57441655
Linux, because le Kali meme
>>57441655
Linux, Metasploit
>>57441655
Your captures would be full of telemetry and Windows Update phoning home.
>>57445100
If you're in an enterprise environment, go for it.
For the home gamer, always go defense in depth. A good pfSense firewall running Snort can be very helpful, you need a HIPS as well. No matter what OS you're using, I'd recommend the public DISA STIGs for guidance. Of course, don't do the dumb shit like a warning banner, but things like EMET on Windows and disabling certain unneeded services can go hand in hand with active traffic monitoring.
For the pfSense firewall acting as a NIPS/NIDS, your protection will only be as good as your ruleset and how you're running the behavior/pattern based alerts.
>>57441662
What you want is Metasploitable. It's a Linux distro built to be unhackable. If you really want to be safe though, install Metasploitable2.
>>57447311
> trusting any one distro instead of tools
Then you install a web browser and it's all fucked. Every browser is asploitable.
>>57447311
Yes, of course Anon, of course.
>>57447217
Honestly, you could copy the config file and rules from Snort running inside a pfSense install and use OpenBSD as the host OS. You could copy the pf rules as well.
>>57441662
Good post
>>57447436
EVOL SPURNGEBOOB