10 Best Security Live CD Distros 122
Ant writes to tell us Darknet has a summary of the ten best LiveCD distributions dealing with security. With links to download and a little information about each one." An great overview of some handy tools, some you know and probably a few you don't.
Backtrack rules... (Score:5, Informative)
Like rain on your weeding day (Score:4, Interesting)
LiveCDs are great, but always make sure that the source is trustworthy or you may end up with a bootable CD with Tubgirl as the desktop background. That wouldn't be pleasant. Especially in front of a customer.
Re:Like rain on your weeding day (Score:1, Insightful)
Re:Like rain on your weeding day (Score:2, Funny)
Re:Like rain on your weeding day (Score:3, Funny)
And thus, your stash is found, your company/country loses, and you go to jail for 20 years based off of a chat log.
Assumptions do that..
Re:weeding is crap in the rain, plot gets all mudd (Score:1, Funny)
Re:Like rain on your weeding day (Score:3, Insightful)
Re:Like rain on your weeding day (Score:2)
Usually I use a LiveCD in order to restore a mungled Windows installation.
I'm never really sure if I sould expect to find Tubgirl already set as the desktop background before I ever get to the machine in the first place...
- Zarq
Re:Like rain on your weeding day (Score:2)
Atleast in Kanotix (Score:4, Interesting)
Re:Atleast in Kanotix (Score:2)
Re:Atleast in Kanotix (Score:3, Funny)
Pros & Cons of Live CDs (Score:1, Informative)
It is very good to be security conscious. If you really want to benefit by the advances in Unix, try a secure OS like Tomahawk Desktop [tomahawkcomputers.com].
Re:Pros & Cons of Live CDs (Score:2)
Initially I thought this was just a really lame astroturf for what is simply yet another minor desktop Linux distro, but then I looked at their site.
Turns out it does have some unique features. For instance not only does it come with a firewall enabled, it comes with a picture of a firewall too! Check this out - http://www.tomahawkcomputers.com/images/inkscape-1 -204.png [tomahawkcomputers.com]
Beat
Re:Pros & Cons of Live CDs (Score:1)
you to get live CD functionality (i.e. booting the identical image each time) from a hard disk install.
Re:Pros & Cons of Live CDs (Score:2)
Fastest whore on the block (Score:3, Informative)
Re:Fastest whore on the block (Score:2)
Re:Calling all karma whores.. (Score:1, Funny)
Yes, I use it to shave
Hmmm (Score:2, Informative)
Load Averages 8.31 6.93 6.18
Re:Hmmm (Score:2)
People are complaining that it's being
slashdotted top ten (Score:4, Informative)
2. Operator
3. PHLAK
4. Auditor
5. L.A.S Linux
6. Knoppix-STD
7. Helix
8. F.I.R.E
9. nUbuntu
10. INSERT Rescue Security Toolkit
Extra - Knoppix
Re:slashdotted top ten (Score:3, Informative)
I'm running a Knoppix-STD mirror at the Virginia Tech CS Dept Mirror [vt.edu]. I've emailed them back and forth, but they haven't added me to their site. Try not to pound the K-STD site; they don't have a lot of bandwidth. And if you want to download it, I'm probably as reliable, if not more so, than the other mirrors listed.
~Will
No BSD? (Score:5, Interesting)
Or is this thing only for Linux?
Re:No BSD? (Score:4, Interesting)
OpenBSD is a strong server operating system but it makes a horrible forensics toolkit base because of the lack of the level of hardware support that Linux enjoys. I'm not bashing it as a server OS since you can pick and choose the best supported components in that environment, but when using it as a forensics tool you have to support a wide variety of very oddball hardware that a desktop or server might contain and Linux is better at doing that.
Re:No BSD? (Score:3, Insightful)
OliveBSD? (Score:5, Informative)
Re:Attention: a link from 1 LiceCD infected by wor (Score:2)
Re: (Score:1)
How about "Live USB Key" distros? (Score:5, Interesting)
I've found instructions on doing this for some distros (including Knoppix I think), but the step-by-step was too long and involved.
Re:How about "Live USB Key" distros? (Score:2, Informative)
Re:How about "Live USB Key" distros? (Score:2)
RIP site [tux.org]
Re:How about "Live USB Key" distros? (Score:5, Informative)
Re:How about "Live USB Key" distros? (Score:2)
It worked for me, took only moments, and didn't require any technical shenanigans (beyond knowing where my usb drive was mounted, i think)
This is all from memory, as the PHLAK site seems unavailable right now.
Of course, it's your decision as to whether PHLAK is any good as a general purpose day-to-day linux distro.
Insert Linux (Score:4, Informative)
Re:Insert Linux (Score:1)
You give us 60mb, we'll give you the world.
INSERT is also part of the Ultimate Boot CD. (Score:4, Informative)
Re:Insert Linux (Score:3, Interesting)
Rightclick desktop and choose "Applications, INSERT, usb-install"
Now a confusing choice, which device: hdx/sdx/ubx?
UBX -> "Error creating EXT2 filesystem"
SDX -> seems to have overwritten my hard drive (no matter, it's a test PC)
HDX -> leave this for later
I think this PC has: sdc, sda1, sda5, sdb1, and sdc - might it be one of those?
Or can you help me use fdisk to check my USB device name? I managed to get a CLI
Re:Insert Linux (Score:3, Informative)
Re:Insert Linux (Score:2)
sda1 = HDD partition 1, sda5 = HDD partition 2, sdc = USB
much obliged
Re:How about "Live USB Key" distros? (Score:2)
The main thing you need to consider is the size of the distro. I'm got a full 512 Mb on my stick, so its not too bad.
Anyway, as far as easy goes - grab Damn Small Linux. Or Feather Linux.
I remember seeing Mandrake Go! or something a while back as well. Haven't tried that one though.
You may also like to head over to Live Distro [livedistro.org] for some light reading!
Re:How about "Live USB Key" distros? (Score:2, Interesting)
http://www.damnsmalllinux.org/ [damnsmalllinux.org]
Its pretty easy, but its very difficult to separate the 'old' docs from the 'new' info about some sections of the system.
Make a cdrom, boot a box off that, then from the menus, choose to create a bootable usb OR a usb that can be started from within Windows or Linux as a guest OS.
BUT:
Of the many hundreds of computers here I have not found one that would in fact boot from USB!
Running as a Guest OS inside of Windows doesn't provide any Network Access. Now Qemu s
Re:How about "Live USB Key" distros? (Score:1)
Some apps are easy to add. I have a static compiled program and 3 executable Java Jar files. Adding the jre15.dsl (from the dsl website) and the jars to the / of a pendrive is easy. Then boot the DSL cdrom and use the mydsl option to load the 'modules'. This is per some DSL Wiki info.
Search for 'create package'.
Its HARDER if you need to compile some program and dynamically link it to the libs. I found the easiest way is to install DSL to its own HD partition, then use the myDSL tool to downloa
Re:How about "Live USB Key" distros? (Score:1)
Does anyone know if it's possible to have both Linux AND Windows based bootable USB key? Maybe partitioning it... I'm not sure. All the diag software vendors like Dell, etc. have software, but it only runs on Windows or in DOS, so that's why I'd like to have both.
Adios / UML (Score:3, Informative)
Just throwing security apps on a livecd distro (Score:3, Insightful)
Also, it seems to me that a rescue CD should not, by default, boot to a GUI. It slows down the boot, and is not that useful when GUI can not be loaded. People who use these should know how to use the command line.
Re:Just throwing security apps on a livecd distro (Score:2)
Re:Just throwing security apps on a livecd distro (Score:1)
Live CD's for Power PC (Score:1)
Does anyone have the IP address and/or copy? (Score:2)
Re:Does anyone have the IP address and/or copy? (Score:2)
RO-OS (Score:4, Insightful)
Maybe a safer system will just reload a single watchdog instance from the CD, which checks itself against the other running instances.
Any difference would send an alarm out of the system.
Of course, the virtualization layer itself needs authenticity checks. But that might be possible against a CD image, and in any case would be no less secure than without this system I'm describing.
Re:RO-OS (Score:1)
Re:RO-OS (Score:2)
There's still not a lot of good protections from physical access to the machine. My suggest
suitability for WEP cracking (Score:2)
Re:suitability for WEP cracking (Score:1)
I think the well-known "how to crack WEP in 10 minutes" flash video was done in Whoppix.
All you need is love. And airsnort, aireplay and airocrack.
Re:Is it difficult to proofread a submission? (Score:2)
Re:Is it difficult to proofread a submission? (Score:3, Funny)
As difficult as it would be for some to not harp on a simple typo?
Re:Is it difficult to proofread a submission? (Score:1)
Re:Is it difficult to proofread a submission? (Score:2, Funny)
Re:dang, no mod points to mod this off-topic, lame (Score:4, Funny)
Olny srmat poelpe can.
cdnuolt blveiee taht I cluod aulaclty uesdnatnrd waht I was rdanieg. The phaonmneal pweor of the hmuan mnid, aoccdrnig to a rscheearch at Cmabrigde Uinervtisy, it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoatnt tihng is taht the frist and lsat ltteer be in the rghit pclae. The rset can be a taotl mses and you can sitll raed it wouthit a porbelm. Tihs is bcuseae the huamn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe. Amzanig huh? yaeh and I awlyas tghuhot slpeling was ipmorantt!
Re:dang, no mod points to mod this off-topic, lame (Score:2)
-nB
Re:dang, no mod points to mod this off-topic, lame (Score:1)
Anidroccg to crad cniyrrag lcitsiugnis planoissefors at an uemannd
utisreviny in Bsitirh Cibmuloa, and crartnoy to the duoibus cmials of
the ueticnd rcraeseh, a slpmie, macinahcel ioisrevnn of ianretnl
cretcarahs araepps sneiciffut to csufnoe the eadyrevy oekoolnr.
Translation:
According to card carrying linguistics professionals at an unnamed
university in British Columbia, and contrary to the dubious claims of
the uncited research, a simple, mechanical inv
Re:dang, no mod points to mod this off-topic, lame (Score:1)
Re:dang, no mod points to mod this off-topic, lame (Score:1)
Re:dang, no mod points to mod this off-topic, lame (Score:1, Offtopic)
Re:dang, no mod points to mod this off-topic, lame (Score:2, Offtopic)
Couldn't understand that? Perhaps it is because it was gibberish. Perhaps had we agreed on some basic rules of communication it would have been intelligible. But then that would make us "grammar nazis" wouldn't it?
It drives me mad when people insist "don't need no grammer, us talk reel gud neway". Perhaps, for the moment. But without any rules for communication whatsoever we have no way to communicate at all
Worse still, the same people who whine about grammar (or often "gramme
Re:dang, no mod points to mod this off-topic, lame (Score:1, Offtopic)
Re:*YAWN* ;^O (Score:1)
Re:*YAWN* ;^O (Score:2, Informative)
The article (and therefore, discussion) is about Live-CDs.
Re:*YAWN* ;^O (Score:1)
Re:*YAWN* ;^O (Score:1)
Re:*YAWN* ;^O (Score:2)
If you read the article so thoroughly, how did you miss the fact that it was about Live CDs used for security testing? The BSD Live CDs may well be very secure, but they do not come with hundreds of auditing tools. They are therefore out of scope for the art
Oops (Score:1, Offtopic)
Re:*YAWN* ;^O (Score:4, Informative)
At least read the title of the articel (Score:2)
The BSD's are not Live CD Distros used for penetration-testing, forensics, or recovery.
Re:At least read the title of the articel (Score:5, Informative)
Re:At least read the title of the articel (Score:1)
What part of 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) did you not understand? The ones reviewed are geared towards forensic analysis and such, not just a secure OS in general. From what Google tells me, there aren't any live BSD systems that fit the article's title.
troll (Score:1)
In China, google is not.
e-penis?? (Score:3, Funny)
This is a product I haven't heard of before. I only have a regular penis myself. Perhaps you can enlighten me here:
- What advantages does an e-penis have over a regular penis?
- Can you e-mail it to your girlfriend every night when you are on business trips to keep her out of the arms of other men?
- Is driver support a problem?
- Can it be overclocked?
Re:e-penis?? (Score:5, Funny)
You can, but you should use PGP to avoid the risk of a man-in-the-middle attack.
Re:e-penis?? (Score:1)
- Does it run Linux?
Re:e-penis?? (Score:1)
Re:Kororaa with Xgl, for beauty (Score:2)
Re:Kororaa with Xgl, for beauty (Score:3, Funny)
You have missed the point. If it weren't for my unshakeable faith in the Slashdot community, I might even suspect you of not having read the article.
This is about Live CDs designed for security auditing, not the security of Live CDs. Although Nmap with OpenGL support would be pretty cool - watching thousands of Phong shaded, texture mapped SYN packets flying at the target host and either bouncing off or penetrating