
10 Best Security Live CD Distros 122

Ant writes to tell us Darknet has a summary of the ten best LiveCD distributions dealing with security. "With links to download and a little information about each one." A great overview of some handy tools, some you know and probably a few you don't.
  • Backtrack rules... (Score:5, Informative)

    by Daxster ( 854610 ) on Wednesday March 15, 2006 @05:42AM (#14922760) Homepage
    I've used Auditor extensively in the past year or so, and played around with Slax. Slax is buggy and definitely lacking polish, but its modular system of scripts and packages makes it perfect for a combination of whoppix and Auditor. Now if only proper ndiswrapper modules were included...
  • by BadAnalogyGuy ( 945258 ) <BadAnalogyGuy@gmail.com> on Wednesday March 15, 2006 @05:44AM (#14922766)
    I suppose it's probably safe to trust that the makers of your LiveCD aren't putting little rootkits into the image that automatically get installed to the existing OS image on the hard disk.

    LiveCDs are great, but always make sure that the source is trustworthy or you may end up with a bootable CD with Tubgirl as the desktop background. That wouldn't be pleasant. Especially in front of a customer.
  • At least in Kanotix (Score:4, Interesting)

    by poeidon1 ( 767457 ) on Wednesday March 15, 2006 @05:46AM (#14922770) Homepage
    it lacked ndiswrapper kernel module though it had ndiswrapper installed. Made it impossible to use it with my wireless network. If it ships with ndiswrapper it should have had ndiswrapper module or at least some source where it could be compiled.
  • by Anonymous Coward
    Advantage of Live CD is that you can try it without installing anything into a computer. The disadvantage is it's very slow and very limited in functionality. Very frustrating for everyday use. Nothing can beat the performance of an installed version.

    It is very good to be security conscious. If you really want to benefit by the advances in Unix, try a secure OS like Tomahawk Desktop [tomahawkcomputers.com].
    • It is very good to be security conscious. If you really want to benefit by the advances in Unix, try a secure OS like Tomahawk Desktop.

      Initially I thought this was just a really lame astroturf for what is simply yet another minor desktop Linux distro, but then I looked at their site.

      Turns out it does have some unique features. For instance not only does it come with a firewall enabled, it comes with a picture of a firewall too! Check this out - http://www.tomahawkcomputers.com/images/inkscape-1 -204.png [tomahawkcomputers.com]

      Beat
    • The live CDs are not intended for everyday use. An option for hard drive installation of a CD image (such as the Damn Small Linux Frugal Install) allows you to get live CD functionality (i.e. booting the identical image each time) from a hard disk install.
    • I use my livecd linux [geocities.com] all the time, and find that it is indeed useful, and is not slow at all to boot or run. I have a blog here [blogspot.com] too. Take a look at the screenshots, link in my signature. If one has a spare hard drive partition, just do "tohd=/dev/hda3" at the boot prompt (using hda3 as an example), and you have the CD copied to that partition, and running from that, very fast on 7200 rpm drives. Next time, just "fromhd=/dev/hda3" and you are able to remove the CD from the drive in a few seconds, and run of
  • Hmmm (Score:2, Informative)

    Still up for me?

    Load Averages 8.31 6.93 6.18
    • "Load Averages 8.31 6.93 6.18"

      People are complaining that it's being /.ed and you've loaded it 3 times to get load times? You mean mean man =P
  • slashdotted top ten (Score:4, Informative)

    by Anonymous Coward on Wednesday March 15, 2006 @06:34AM (#14922889)
    1. BackTrack
    2. Operator
    3. PHLAK
    4. Auditor
    5. L.A.S Linux
    6. Knoppix-STD
    7. Helix
    8. F.I.R.E
    9. nUbuntu
    10. INSERT Rescue Security Toolkit
    Extra - Knoppix

    • I'm running a Knoppix-STD mirror at the Virginia Tech CS Dept Mirror [vt.edu]. I've emailed them back and forth, but they haven't added me to their site. Try not to pound the K-STD site; they don't have a lot of bandwidth. And if you want to download it, I'm probably as reliable, if not more so, than the other mirrors listed.

      ~Will
  • No BSD? (Score:5, Interesting)

    by putko ( 753330 ) on Wednesday March 15, 2006 @07:09AM (#14922954) Homepage Journal
    What about that OpenBSD-based live CD? Isn't that a top security OS?

    Or is this thing only for Linux?
    • Re:No BSD? (Score:4, Interesting)

      by Professor_UNIX ( 867045 ) on Wednesday March 15, 2006 @09:02AM (#14923232)
      What about that OpenBSD-based live CD? Isn't that a top security OS?

      OpenBSD is a strong server operating system but it makes a horrible forensics toolkit base because of the lack of the level of hardware support that Linux enjoys. I'm not bashing it as a server OS since you can pick and choose the best supported components in that environment, but when using it as a forensics tool you have to support a wide variety of very oddball hardware that a desktop or server might contain and Linux is better at doing that.

    • Re:No BSD? (Score:3, Insightful)

      by Ratbert42 ( 452340 )
      Top secure OS, not top hacker OS.
  • OliveBSD? (Score:5, Informative)

    by wick3t ( 787074 ) on Wednesday March 15, 2006 @07:20AM (#14922975)
    Although it's not a linux distribution, surely any live CD based on OpenBSD [paderni.free.fr] deserves a mention!
  • by timeOday ( 582209 ) on Wednesday March 15, 2006 @08:09AM (#14923085)
    Anybody know a distro that's easy to install and run from a USB key?

    I've found instructions on doing this for some distros (including Knoppix I think), but the step-by-step was too long and involved.

    • I remember reading about one some time ago. - http://runt.mybox.org/ [mybox.org]
    • You can run RIP ((R)ecovery (I)s (P)ossible) rescue system from a USB key, and you could probably adapt its instructions to something else
      RIP site [tux.org]
    • by farker haiku ( 883529 ) on Wednesday March 15, 2006 @08:52AM (#14923201) Journal
      Check out http://slax.linux-live.org/ [linux-live.org], it's a 185 MB distro. Or you can roll your own [linuxfromscratch.org].
    • If I recall correctly, if you boot the latest version of PHLAK there is an icon on the desktop to install a mini version of PHLAK to removable drive.

      It worked for me, took only moments, and didn't require any technical shenanigans (beyond knowing where my usb drive was mounted, I think)

      This is all from memory, as the PHLAK site seems unavailable right now.

      Of course, it's your decision as to whether PHLAK is any good as a general purpose day-to-day linux distro.

    • Insert Linux (Score:4, Informative)

      by swtaarrs ( 640506 ) <swtaarrs@comcast. n e t> on Wednesday March 15, 2006 @09:16AM (#14923265)
      The best one I've found is Insert Linux [inside-security.de]. Once you download, burn, and boot from the ISO, there's a menu option in fluxbox to install to a usb key. All you have to do is make sure the first partition on the drive is at least 64MB and it'll do the rest for you, formatting the partition, copying files, and installing the bootloader. I haven't used it a whole lot, but they pack a lot into 60MB.
      • I haven't used it a whole lot, but they pack a lot into 60MB.

        You give us 60mb, we'll give you the world.

      • The Ultimate Boot CD [ultimatebootcd.com] is a nice collection of memory, CPU, partition, filesystem, benchmarking, and BIOS utilities, and the "full" version of the UBCD contains INSERT as well as all of the other stuff. Quite a nice collection of utilities and diagnostic software on one CD.
      • Re:Insert Linux (Score:3, Interesting)

        I really want to boot from a USB pen drive. The file downloaded OK and the CD booted OK.
        Rightclick desktop and choose "Applications, INSERT, usb-install"
        Now a confusing choice, which device: hdx/sdx/ubx?

        UBX -> "Error creating EXT2 filesystem"
        SDX -> seems to have overwritten my hard drive (no matter, it's a test PC)
        HDX -> leave this for later

        I think this PC has: sdc, sda1, sda5, sdb1, and sdc - might it be one of those?

        Or can you help me use fdisk to check my USB device name? I managed to get a CLI
        • Re:Insert Linux (Score:3, Informative)

          by dylan_- ( 1661 )
          Probably /dev/sdb or c. Simple way to check: Leave the thing unplugged on boot. Start up a terminal and type "dmesg"...see what it ends with? Now insert the drive. Type "dmesg" at terminal again. Should have added some stuff about usb-storage where it names the device.
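
The before/after `dmesg` comparison from the comment above, as an added example that is not part of the thread: it extracts the disk names the kernel logged and refuses to name a target unless exactly one new disk appeared. The sample log lines are constructed and use the message format of recent kernels; function names are illustrative.

```sh
#!/bin/sh
# Added example (not from the thread): find the disk that appeared between two
# dmesg snapshots, so an installer is never pointed at the wrong device.

# attached_disks FILE: disk names (sda, sdb, ...) from "Attached SCSI ... disk" lines.
attached_disks() {
    sed -n 's/.*\[\(sd[a-z]*\)\] Attached SCSI.*disk.*/\1/p' "$1" | sort -u
}

# new_disks BEFORE AFTER: names logged in AFTER but not in BEFORE.
new_disks() {
    for d in $(attached_disks "$2"); do
        attached_disks "$1" | grep -qx "$d" || echo "$d"
    done
}

# pick_target BEFORE AFTER: print the device only if exactly one new disk appeared.
pick_target() {
    found=$(new_disks "$1" "$2")
    count=$(printf '%s\n' "$found" | grep -c . || true)
    if [ "$count" -ne 1 ]; then
        echo "refusing: expected 1 new disk, saw $count" >&2
        return 1
    fi
    echo "/dev/$found"
}

# Constructed dmesg excerpts (recent-kernel message format) so this runs offline.
sample_before() { cat <<'EOF'
[    2.104511] sd 0:0:0:0: [sda] Attached SCSI disk
EOF
}
sample_after() { cat <<'EOF'
[    2.104511] sd 0:0:0:0: [sda] Attached SCSI disk
[  310.552817] usb-storage 1-2:1.0: USB Mass Storage device detected
[  311.580120] sd 6:0:0:0: [sdb] Attached SCSI removable disk
EOF
}

# On a real machine: dmesg > before; plug the key in; dmesg > after
work=$(mktemp -d)
sample_before > "$work/before"
sample_after  > "$work/after"
pick_target "$work/before" "$work/after"
rm -rf "$work"
```
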
    • There are loads. Personally I use Devil Linux, and in fact, you can run pretty much any distro with tweaking ;) Yes, I know.. you said easy!

      The main thing you need to consider is the size of the distro. I've got a full 512 Mb on my stick, so it's not too bad.

      Anyway, as far as easy goes - grab Damn Small Linux. Or Feather Linux.

      I remember seeing Mandrake Go! or something a while back as well. Haven't tried that one though.

      You may also like to head over to Live Distro [livedistro.org] for some light reading!
    • Damn Small Linux.

      http://www.damnsmalllinux.org/ [damnsmalllinux.org]

      It's pretty easy, but it's very difficult to separate the 'old' docs from the 'new' info about some sections of the system.

      Make a cdrom, boot a box off that, then from the menus, choose to create a bootable usb OR a usb that can be started from within Windows or Linux as a guest OS.

      BUT:
      Of the many hundreds of computers here I have not found one that would in fact boot from USB!

      Running as a Guest OS inside of Windows doesn't provide any Network Access. Now Qemu s
      • FollowUp:

        Some apps are easy to add. I have a static compiled program and 3 executable Java Jar files. Adding the jre15.dsl (from the dsl website) and the jars to the / of a pendrive is easy. Then boot the DSL cdrom and use the mydsl option to load the 'modules'. This is per some DSL Wiki info.
        Search for 'create package'.

        It's HARDER if you need to compile some program and dynamically link it to the libs. I found the easiest way is to install DSL to its own HD partition, then use the myDSL tool to downloa
    • I've also been trying to find a good distro that will run from a USB key for diagnostic uses.

      Does anyone know if it's possible to have both Linux AND Windows based bootable USB key? Maybe partitioning it... I'm not sure. All the diag software vendors like Dell, etc. have software, but it only runs on Windows or in DOS, so that's why I'd like to have both.
  • Adios / UML (Score:3, Informative)

    by Locarius ( 798304 ) on Wednesday March 15, 2006 @09:25AM (#14923296)
    I am surprised that they did not include Adios [qut.edu.au]. The nicest feature is the ability to run multiple Linux kernels in userspace (User Mode Linux). It also comes with heaps of security tools on the LiveCD.
  • by walterbyrd ( 182728 ) on Wednesday March 15, 2006 @12:50PM (#14925071)
    Is not all that impressive to me.

    Also, it seems to me that a rescue CD should not, by default, boot to a GUI. It slows down the boot, and is not that useful when GUI can not be loaded. People who use these should know how to use the command line.

  • Any suggestions for a security focused live cd that will run on a PPC chip?
  • Looks like their DNS servers are not responding to my queries when I try to resolve www.darknet.org.uk. Does anyone have the IP address of that site? How about a copy of the article? The listed nameservers (ns[12].malaysiablogs.com) appear to be unresponsive.
  • RO-OS (Score:4, Insightful)

    by Doc Ruby ( 173196 ) on Wednesday March 15, 2006 @02:26PM (#14925951) Homepage Journal
    One of the best features of a secure Live CD is that the read-only media prevents attacks from writing to the stored OS (on CD). I'd love to see a virtualization system that reloads the OS from the CD every so often (hours, minutes, seconds) and switches all processes to the new, more trustworthy instance.

    Maybe a safer system will just reload a single watchdog instance from the CD, which checks itself against the other running instances.

    Any difference would send an alarm out of the system.

    Of course, the virtualization layer itself needs authenticity checks. But that might be possible against a CD image, and in any case would be no less secure than without this system I'm describing.
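
A file-level simplification of the watchdog idea in the comment above, as an added example that is not part of the thread: it compares every file on the read-only reference copy with the same path in the running tree and raises an alert on any difference. The directory layout, file contents and function names are constructed for illustration; `ref` stands in for the mounted CD.

```sh
#!/bin/sh
# Added example (not from the thread): compare a running tree against the
# copy on read-only media and raise an alert on any difference.

# drift REF LIVE: one line per file under REF whose LIVE copy is missing or differs.
drift() {
    ( cd "$1" && find . -type f ) | LC_ALL=C sort | while IFS= read -r f; do
        f=${f#./}
        if [ ! -f "$2/$f" ]; then
            echo "MISSING $f"
        elif ! cmp -s "$1/$f" "$2/$f"; then
            echo "MODIFIED $f"
        fi
    done
}

# watchdog REF LIVE: return 0 when clean; print ALERT lines and return 1 otherwise.
# A real deployment would forward the alert off-host (for example via syslog).
watchdog() {
    findings=$(drift "$1" "$2")
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings" | sed 's/^/ALERT: /' >&2
    return 1
}

# Constructed sample: ref/ stands in for the mounted CD, live/ for the running system.
build_sample() {
    mkdir -p "$1/ref/bin" "$1/ref/etc" "$1/live/bin" "$1/live/etc"
    echo 'original ls'        > "$1/ref/bin/ls"
    echo 'original ls'        > "$1/live/bin/ls"
    echo 'original sshd'      > "$1/ref/bin/sshd"
    echo 'tampered sshd'      > "$1/live/bin/sshd"
    echo 'PermitRootLogin no' > "$1/ref/etc/sshd_config"  # absent from live/
    echo 'runtime state'      > "$1/live/etc/mtab"        # extra live files are ignored
}

demo_dir=$(mktemp -d)
build_sample "$demo_dir"
watchdog "$demo_dir/ref" "$demo_dir/live" || echo "drift detected"
rm -rf "$demo_dir"
```

The check is only as trustworthy as the copy of the script and of `cmp` that runs it, which is why the comment has the watchdog itself loaded from the CD.
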
    • What if somebody switched the CD?
      • The OS should send an alert when the CD drive is opened, and assume the CD has been violated. A more secure kernel might allow the CD drive to open only in single user mode, for OS upgrades. A more secure system might not allow the CD drive to open at all, requiring upgrades to open the CD on a separate machine, and coldswapping the CD/drive only by those with access to powercycle the machine and upgrade its hardware.

        There's still not a lot of good protections from physical access to the machine. My suggest
  • Let's say there's a WiFi AP with basic WEP at a bookstore near me, and let's say I want to crack it. Does one (or more) of these LiveCD distros include the necessary tools?
