Why are Linux/Unix based computers better to use than Windows computers for idle scanning?

You work as a penetration tester for Hammond Security Consultants. You are currently working on a contract
for the state government of California. Your next step is to initiate a DoS attack on their network. Why would
you want to initiate a DoS attack on a system you are testing?

Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility
that executes exploits against his system to verify the results of the vulnerability test.
The second utility executes five known exploits against his network in which the vulnerability analysis said were
not exploitable. What kind of results did Jim receive from his vulnerability analysis?

In Linux, what is the smallest possible shellcode?

Your company uses Cisco routers exclusively throughout the network. After securing the routers to the best of
your knowledge, an outside security firm is brought in to assess the network security.
Although they found very few issues, they were able to enumerate the model, OS version, and capabilities for
all your Cisco routers with very little effort. Which feature will you disable to eliminate the ability to enumerate
this information on your Cisco routers?

George is the network administrator of a large Internet company on the west coast. Per corporate policy, none
of the employees in the company are allowed to use FTP or SFTP programs without obtaining approval from
the IT department. Few managers are using SFTP program on their computers. Before talking to his boss,
George wants to have some proof of their activity. George wants to use Ethereal to monitor network traffic, but
only SFTP traffic to and from his network.
What filter should George use in Ethereal?

Frank is working on a vulnerability assessment for a company on the West coast. The company hired Frank to
assess its network security through scanning, pen tests, and vulnerability assessments. After discovering
numerous known vulnerabilities detected by a temporary IDS he set up, he notices a number of items that
show up as unknown but Questionable in the logs. He looks up the behavior on the Internet, but cannot find
anything related. What organization should Frank submit the log to find out if it is a new vulnerability or not?

At what layer of the OSI model do routers function on?

George is performing security analysis for Hammond and Sons LLC. He is testing security vulnerabilities of
their wireless network. He plans on remaining as “stealthy” as possible during the scan. Why would a scanner
like Nessus is not recommended in this situation?

After undergoing an external IT audit, George realizes his network is vulnerable to DDoS attacks.
What countermeasures could he take to prevent DDoS attacks?