Local Area Security Linux 0.4a

Anonymous Coward writes "Local Area Security Linux is a small 'live CD' distribution based on Knoppix that aims at being less than 185MB so it will fit on a MiniCD. It is now 107MB with FluxBox as the window manager. It contains about 100 security (forensics, penetration testing, firewall, intrusion detection, etc.) tools including Ethereal and Nessus. See a screenshot here."

Torrent file

[DJFelix]

Click here for a torrent of the .04a ISO image.

Enjoy!

Re:Torrent file

[numatrix]

Please, PLEASE folks, use the torrent. My desktop is one of the mirrors, and I suddenly noticed about 9Mb/s started flowing and couldn't figure it out. I joked to my officemate that one of the isos I was hosting musta been /.'ed. Then I thought about it and, well, yeah, it was.

Fluxbox

[Blangopolis]

The window manager that LAS is using, fluxbox, is a truly great window manager. I think that it is one of my favorites. It basically is an extension of the blackbox window manager. I was actually reading a review on it earlier.

Overall, this is a great new window manager, that will perform well on lower end machines.

SLashdotted!! mirrors

[Creepy+Crawler]

::::: New Mirrors Added! :::::

L.A.S. 0.4a Main with FluxBox MD5: 0939d7294035b5246bedbce1085bb1e1

http://lightning.chem.tue.nl/las/l.a.s_0.4a_MAIN .i so -The Netherlands

http://sarovar.org/mirrors/knoppix-las/l.a.s_0.4 a_ MAIN.iso -India/Asian Pacific

http://psifertex.nerdc.ufl.edu/iso/l.a.s_0.4a_MA IN .iso -USA

L.A.S. 0.3b Main MD5: f47150d2458c78169a65458bcf8ebf96

http://lightning.chem.tue.nl/las/l.a.s_0.3b.iso

http://sarovar.org/mirrors/knoppix-las/l.a.s_0.3 b. iso

http://psifertex.nerdc.ufl.edu/iso/l.a.s_0.3b.is o

L.A.S. 0.3b SECSERV MD5: ff412734492e39d1d084ced556a47493

http://lightning.chem.tue.nl/las/l.a.s_0.3b_SECS ER V.iso

http://sarovar.org/mirrors/knoppix-las/l.a.s_0.3 b_ SECSERV.iso

http://psifertex.nerdc.ufl.edu/iso/l.a.s_0.3b_SE CS ERV.iso

Re:live CDs are nice

[caudron]

"when's the day that I can roll out my own live CDs without TOO much effort? Just select the packages you want, kernel, drivers, etc, wait as the program churns out a nice ISO for you which you can burn to a CD and voila, insta-Linux!"

When? Today.

What you just described is what Gentoo is about entirely. Gentoo fanaticism aside, if that's what you want, then you should look into it.

-Tom

Sounds a lot like F.I.R.E.

This sounds a LOT like F.I.R.E. (http://fire.dmzs.com) which I've found to be extremely useful, and highly recommend for forensics, pen testing, and other practical security efforts.

Re:live CDs are nice

You can now.

Check out Morphix. It's a distro based on Knoppix, but modularized. There are small versions (that will fit on a mini-CD) as well as "fat" versions (with all the bells and whistles).

It's designed so that you can choose the features you want, add additional software, and burn a custom CD. Not quite turnkey, but quite doable with a little effort.

Re:USB flash version

[numatrix]

I can think of two:

knoppix-usb
and runt.

Knoppix-usb is based on (you guessed it!) and runt is based on slackware.

I'm using it right now ...

[MacEnvy]

I'm typing this right now in the "Links" browser. It's fast, it looks good, it has most of the tools I use (Nessus, Ethereal, XMMS, Firebird). I might just mod this and carry it with me instead of using other people's machines when I'm doing diagnostics. It picked up my wireless correctly and everything.

Have fun with this one, kids.

Re:Forensics utilities are somewhat useless

[MoralHazard]

Oh, really? Since when does "advanced forensics [sic] analysis" involve expensive tools? What forensic company do you work for, anyway, that you'd have the experience to make such a sweeping generalization? Oh, wait... you DON'T work for a forensic company--you build servers for a living.

I've worked six jobs in the last four months using Unix tools, and used various combinations of dd, netcat, ssh, mount, losetup, grep, and the other unix basics to wonderful effect on every one. They don't really ever fail on account of bugs or arbitrary limit conditions (can't handle files bigger than X MB, for instance), and they're terribly simple to troubleshoot. Oh, and there's nothing like an open-source tool for when you have to walk into court and answer the question "So, Mr. Expert-Computer-guy, how do you KNOW that this software did what you said it did?" It takes the wind out of an attorney's sails when you whip out the printed source code to md5sum and start walking him through it.

I've used the $90K forensic tools from the high-profile companies, and they work OK. Not great , though. EnCase, one of the more popular LE programs, has been plagued with bugs in the latest major version. Also, they're restricted to Windows and Mac analysis, so you're out of luck if you get a Linux machine. Oh, and don't even bother with tech support unless you're a true idiot who has failed to plug in his computer--one time, their IDE write-blocking interface was forcing drives into PIO mode (and taking 40 hours to copy a 10 GB hard drive!), and their phone tech suggesting that I try "www.hardforum.com" for technical advice. Talk about pure shit.

Most of the other insanely expensive tools that I've used have similar issues: limited platform support, buggy out the ass, and crappy tech support. The last isn't their fault so much, because most people using forensic tools are advanced enough that they won't be helped by any by the best--and the best technical/forensic people are expensive. But the bugs, oh god, the bugs!

There are a few tools that the USAF's OSI put into public domain usage that are handy, but really, you just need a linux machine with dd, ssh, netcat, and a custom kernel.