October 7th, 2003, 09:39 PM
I wasn't thinking of expensive and by habit, use the 180-day trial version that MS provides, for this kind of purpose.
The FreeBSD and Linux distros are easily and legally downloadable from the sites as is other software. Also, I didn't mean to suggest that he should have 8 machines but rather a variety. Pick and choose differences so you can understand what is different between them. I have some pretty cheap old "abuse" boxes that I use and have at one point or another had: Novell 5, Mac OS9, Mac OS X, FreeBSD, RH, Suse, Slackware 9, Windows 2000, Win98.
I perhaps should have been clear on that and for that I apologize. I wrote by habit of what I expect my students to do in class.
The reason you look at the default is so you can understand what the system starts with and what the dangers are with a default install. Novell, under default, doesn't have the same issues and needs fewer checks than either MS or *nix (specifically Linux). Then, once you understand the flaws (problems) with default you can go about looking for the specific fixes and build on that. Pen testing is the best for this kind of thing. Check for vulnerabilities, find them, fix, repeat ad nauseum.
October 10th, 2003, 09:40 PM
Originally posted here by souleman
No offence to you mohaughn...I just agree with what MsM said.
No offense taken at all. Explained in that light I agree and think we were all probably saying the same thing and unfortunately a little of it was getting lost in this great median of typed text... I read MsM.'s comment as having all of those systems and apps up and running at the same time. After reading her response back to me, it makes more sense about what she was saying. I also have to totally agree with you that learning to administer a system is the easiest way to learn how to secure one. I was just thinking in terms of information overload.
October 10th, 2003, 10:05 PM
Last WIN 2000 server I bought was around £585 for a five seat version. MS Mittens has suggested the extended trial of 2003 or whatever. That is a good idea if you can do what you want in that timespan.
You might be able to get hold of a "free" /cheap copy of NT4 server, that would be probably adequate for your preliminary experiments?
I guess if you want "real world" you need to include some *nix OS in your design I do not really see the point of 9X, as they are all single user home environment OSes, and should not really be on a pro. network. The only real reason they ever were IMHO was because NT4 did not support power management, and that was an issue for people with laptops?