One of my main gripes about the CEH program is how it seems to favor windows.  I was told this was because the CEH was targeted towards Admins in charge of securing their networks and the ones that seemed to be so vulnerable were windows. Whatever, and I am not about to go on a campaign that linux is better than windows. They both have there strong and weak points. I am so surprised to see how many programs that are coming available for windows as far as network security goes. Yes, you can do some decent hacking with windows now, ( oh god did I really say that?)  Actually, when I want to set up a tftp server so I can upload to a server I will use windows. <- secret shame! If you have a large budget, you can use a lot of great programs from Core to the retina scanner.  You can do some real decent hacking with just windows. Some  Admins will say to me, “ I just deal with my window boxes and have no desire to deal with linux.”  They say and rightfully so, that they are not interested in doing security tests of a linux server so why bother. Ok, here is my point and belief.  Every good hacker I have ever met or even read about uses linux!  We keep reading these great sayings from Sun Zu  about how you must know the enemy as well as yourself. Well?  If a hacker is going to use nessus (yeah I know its noisy, but many are using it now because you can go to a unsecured wireless network of your neighbor or local hotel and do what you want ) I want to see what he sees. If he is using linux tools, I want to see the same read outs on my network! Believe me it looks a little different and can make someone take a little different direction into your network than what you might be thinking. If you doubt this, run different vulnerability scanners on different platforms and see what I mean.  Linux is not hard. I can teach anyone in 1 hour or less all the basic stuff you need to get around. You don’t have to be a linux master to compile and navigate that OS.   If you are the kind of person that likes more control of your OS than Bill likes to give you and you love to “tinker” with stuff then linux will addict you big time! LTL~! Love the Linux!

Yes I agree. Especially about red teaming. For a large company that really is the best and perhaps only way to do a complete hack of their security. Unfortunately for me, I am a one man show so I never get those large accounts. My accounts are always small and mid size. Often a law office or financial firms that may comprise less than 20 computers, but security is very important.  Sometimes a private school that might have a hundred boxes or more.  When doing an onsite security hack, I almost always have at least two laptops running. One with linux and the other with windows.  For me, the Operating Systems I spend the most time with are and try to maintain some level of understanding are: Red Hat and its sister Fedora core, Backtrack, Apache server, Windows XP pro, Server 2003, Small business server, Server 2000, SQL server. Form a programming language, C along with some HTML. For what I do this seems to cover what I need and I while I wouldn’t say I am a master of any, I feel comfortable with getting around them all and that seems to work well for me. It would be interesting to me if other one man operations out there have a similar preference.