Domain: localareasecurity.com
Stories and comments across the archive that link to localareasecurity.com.
Comments · 13
-
IBM slashdotted?
Our apologies...
The IBM developerWorks Web site is currently under maintenance.
Please try again later.Thank you.
Wow... We slashdotted IBM! But to the point: I wonder what is your experience. What is better for system recovery? Standard Knoppix which is a general purpose desktop system meant to be an impressive demonstration tool but lacking many security programs, or some specialised versions like Knoppix STD or Local Area Security which have more tools but are kind of "script kiddie friendly" and look very unprofessional with their Martix themes, leet-speak, "proving no localhost is safe" slogans etc. making them look more like intrusion than recovery tools? Or maybe Morphix is the answer thanks to its ease of customisation and apt-getting new packages on the fly? Do you have any Real World(TM) experience?
-
What You Should Use
The fact of the matter is that NTFS 5 is the one file system that it appears no one can reliably write to without creating problems, except windows. Most file utils want you to boot to DOS, Knoppix boots you to Linux, and if you're lucky, you can read, but not write.
You should use captive-ntfs on Knoppix, or better yet:
- Knoppix STD -- Security Tools Sistribution, a customized distribution of the Knoppix Live Linux CD. Boot to the CD and you have Knoppix-STD. That would include a customized linux kernel (2.4.21 with ntfs rw, openmosix, and superfreeswan patches), Fluxbox windows manager, incredible hardware detection and hundreds of applications. Boot without the CD and you return to your original operating system. Aside from borrowing power, peripherals and some RAM, Knoppix-STD doesn't touch the host computer.
- Local Area Security Linux -- a Live CD distribution with a small footprint. Containing over 200 information security and administration related tools. As well as a full desktop environment and office productivity applications. With such a small footprint L.A.S. Linux can be optionally loaded and run from physical RAM (assuming there is 256MB or more). We currently have 2 different versions of L.A.S. to fit two specific size requirements.
- dyne:bolic -- a GNU/Linux distribution simply running from a CD, without the need to install anything, able to recognize most of your devices and periferals: sound, video, TV, network cards, firewire, usb devices and more. It is optimized to run on slower computers, turning it into a full media station: the minimum you need is a pentium1 or k5 PC 64Mb RAM and IDE CD-ROM, or a modded XBOX game console -- and if you have more than one, you can easily do clusters.
- F.I.R.E. -- Forensic and Incident Response Environment Bootable CD, a.k.a. DMZS-Biatchux, a portable bootable cdrom based distribution with the goal of providing an immediate environment to perform forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment.
I hope it helps.
-
Mirrors for DownloadMain Download Location (Miami, FL USA)
HTTP Current 185MB Version | Current 210MB Version| Download Directory
FTP Current 185MB Version | Current 210MB Version| Download Directory
Please try to use a geographically closer mirror:
http://chefax.fe.up.pt/mirrors/las/ -HTTP Portugal
ftp://chefax.fe.up.pt/pub/mirrors/las/ -FTP Portugal
http://ftp.lug.udel.edu/pub/iso-images/LAS -HTTP US Delaware
ftp://ftp.lug.udel.edu/pub/iso-images/LAS -FTP US Delaware
http://www.mednor.net/ftp/pub/mirrors/las/ -HTTP US California
ftp://ftp.mednor.net/pub/mirrors/las/ -FTP US CaliforniaNot all mirrors are up at this time. We remove mirrors periodically from the list that are not updated but re-add them once updated.
MD5s
We are currently seeking additional mirrors in Europe and Asia.
L.A.S.0.5-185MB MD5:543fe2f42472f73cdba8378d9cb58579
L.A.S. 0.5-210MB MD5: bc3a9ba8afcb99ff3e549b5d8d0b22a8 -
Mirrors for DownloadMain Download Location (Miami, FL USA)
HTTP Current 185MB Version | Current 210MB Version| Download Directory
FTP Current 185MB Version | Current 210MB Version| Download Directory
Please try to use a geographically closer mirror:
http://chefax.fe.up.pt/mirrors/las/ -HTTP Portugal
ftp://chefax.fe.up.pt/pub/mirrors/las/ -FTP Portugal
http://ftp.lug.udel.edu/pub/iso-images/LAS -HTTP US Delaware
ftp://ftp.lug.udel.edu/pub/iso-images/LAS -FTP US Delaware
http://www.mednor.net/ftp/pub/mirrors/las/ -HTTP US California
ftp://ftp.mednor.net/pub/mirrors/las/ -FTP US CaliforniaNot all mirrors are up at this time. We remove mirrors periodically from the list that are not updated but re-add them once updated.
MD5s
We are currently seeking additional mirrors in Europe and Asia.
L.A.S.0.5-185MB MD5:543fe2f42472f73cdba8378d9cb58579
L.A.S. 0.5-210MB MD5: bc3a9ba8afcb99ff3e549b5d8d0b22a8 -
Mirrors for DownloadMain Download Location (Miami, FL USA)
HTTP Current 185MB Version | Current 210MB Version| Download Directory
FTP Current 185MB Version | Current 210MB Version| Download Directory
Please try to use a geographically closer mirror:
http://chefax.fe.up.pt/mirrors/las/ -HTTP Portugal
ftp://chefax.fe.up.pt/pub/mirrors/las/ -FTP Portugal
http://ftp.lug.udel.edu/pub/iso-images/LAS -HTTP US Delaware
ftp://ftp.lug.udel.edu/pub/iso-images/LAS -FTP US Delaware
http://www.mednor.net/ftp/pub/mirrors/las/ -HTTP US California
ftp://ftp.mednor.net/pub/mirrors/las/ -FTP US CaliforniaNot all mirrors are up at this time. We remove mirrors periodically from the list that are not updated but re-add them once updated.
MD5s
We are currently seeking additional mirrors in Europe and Asia.
L.A.S.0.5-185MB MD5:543fe2f42472f73cdba8378d9cb58579
L.A.S. 0.5-210MB MD5: bc3a9ba8afcb99ff3e549b5d8d0b22a8 -
Mirrors for DownloadMain Download Location (Miami, FL USA)
HTTP Current 185MB Version | Current 210MB Version| Download Directory
FTP Current 185MB Version | Current 210MB Version| Download Directory
Please try to use a geographically closer mirror:
http://chefax.fe.up.pt/mirrors/las/ -HTTP Portugal
ftp://chefax.fe.up.pt/pub/mirrors/las/ -FTP Portugal
http://ftp.lug.udel.edu/pub/iso-images/LAS -HTTP US Delaware
ftp://ftp.lug.udel.edu/pub/iso-images/LAS -FTP US Delaware
http://www.mednor.net/ftp/pub/mirrors/las/ -HTTP US California
ftp://ftp.mednor.net/pub/mirrors/las/ -FTP US CaliforniaNot all mirrors are up at this time. We remove mirrors periodically from the list that are not updated but re-add them once updated.
MD5s
We are currently seeking additional mirrors in Europe and Asia.
L.A.S.0.5-185MB MD5:543fe2f42472f73cdba8378d9cb58579
L.A.S. 0.5-210MB MD5: bc3a9ba8afcb99ff3e549b5d8d0b22a8 -
Mirrors for DownloadMain Download Location (Miami, FL USA)
HTTP Current 185MB Version | Current 210MB Version| Download Directory
FTP Current 185MB Version | Current 210MB Version| Download Directory
Please try to use a geographically closer mirror:
http://chefax.fe.up.pt/mirrors/las/ -HTTP Portugal
ftp://chefax.fe.up.pt/pub/mirrors/las/ -FTP Portugal
http://ftp.lug.udel.edu/pub/iso-images/LAS -HTTP US Delaware
ftp://ftp.lug.udel.edu/pub/iso-images/LAS -FTP US Delaware
http://www.mednor.net/ftp/pub/mirrors/las/ -HTTP US California
ftp://ftp.mednor.net/pub/mirrors/las/ -FTP US CaliforniaNot all mirrors are up at this time. We remove mirrors periodically from the list that are not updated but re-add them once updated.
MD5s
We are currently seeking additional mirrors in Europe and Asia.
L.A.S.0.5-185MB MD5:543fe2f42472f73cdba8378d9cb58579
L.A.S. 0.5-210MB MD5: bc3a9ba8afcb99ff3e549b5d8d0b22a8 -
Mirrors for DownloadMain Download Location (Miami, FL USA)
HTTP Current 185MB Version | Current 210MB Version| Download Directory
FTP Current 185MB Version | Current 210MB Version| Download Directory
Please try to use a geographically closer mirror:
http://chefax.fe.up.pt/mirrors/las/ -HTTP Portugal
ftp://chefax.fe.up.pt/pub/mirrors/las/ -FTP Portugal
http://ftp.lug.udel.edu/pub/iso-images/LAS -HTTP US Delaware
ftp://ftp.lug.udel.edu/pub/iso-images/LAS -FTP US Delaware
http://www.mednor.net/ftp/pub/mirrors/las/ -HTTP US California
ftp://ftp.mednor.net/pub/mirrors/las/ -FTP US CaliforniaNot all mirrors are up at this time. We remove mirrors periodically from the list that are not updated but re-add them once updated.
MD5s
We are currently seeking additional mirrors in Europe and Asia.
L.A.S.0.5-185MB MD5:543fe2f42472f73cdba8378d9cb58579
L.A.S. 0.5-210MB MD5: bc3a9ba8afcb99ff3e549b5d8d0b22a8 -
Re:Missing software
He states in the article on the website 'Fear and Loathing at comdex 2003' that, "Being that there are so many tools that can fit into that catagory which are Open Source. I did my best to give a high level overview of what there is available and to mention the less known, but equally good tools available. So please don't send me hate mail as to why X, Y, or Z was not mentioned."
So with limited time he was only trying to give people unfamiliar with Open Source tools a tasting of what there is to offer. . .
-
Re:Troubleshooting Potential
Local Area Security Linux is only 150 MB and it has fluxbox and has 150+ tools no fat. Fits on a miniCD. And the BIGGEST plus is it releases new versions every two to 3 weeks. F.I.R.E. hasn't had a release in a loooong time. STD has been a while too. . . They make it seem more like some guys hobby he gets tired of then comes back to. L.A.S. has a track record so far of updating both version and website.
-
Re:Troubleshooting Potential
It could, but there are many other, better, bootable distributions for that sort of thing. Three with a security (and thus forensics and recovery) twist that are all more useful in that sort of situation are:
F.I.R.E
knoppix-std
l.a.s. -
File information for the BT
-
File information for the BT