Local Area Security Linux 0.4a

Anonymous Coward writes "Local Area Security Linux is a small 'live CD' distribution based on Knoppix that aims at being less than 185MB so it will fit on a MiniCD. It is now 107MB with FluxBox as the window manager. It contains about 100 security (forensics, penetration testing, firewall, intrusion detection, etc.) tools including Ethereal and Nessus. See a screenshot here."

maybe I missed it but,

[justMichael]

How do you deal with the weekly Nessus plugin updates? Do you have to d/l and burn a new disk every week or two?

Re:maybe I missed it but,

[Jeremiah+Cornelius]

You run "nessus-update-plugins", which pop th elatest and greatest to your ramdisk.

Same as Knoppix.

No big deal, losing these between boots. The 2200+ vulns on the CD are fine to begin with AFAIC.

Re:Security?

[Frymaster]

But.. it can be used for the powers of evil.

of course! tools are value-neutral - it's intent that makes something good or evil. a gun can be used to do good, a pillow can be a weapon of murder.

now what we really need is /dev/intent

Downtime

[Bruha]

Someone earlier said companies cannot afford downtime. True but in most corporate enviroments there are plenty of boxes to take over the job of the hacked box most times and in the event that there's no backup most serious hackings will require the downtime anyways to investigate and fix the issue.

Can you imagine if a credit card database was hacked and they said just bring it back up?

Re:No Damn Blaster...

[frovingslosh]

Now, how many tools like this do you see for a windows, or any closed source environment.

Actually, there are a number of tools for windows. Even ethereal is available for windows and works pretty well on it. Part of the problem is that you can't legally make and redistribute a CD that will boot and run windows from CD, so there would be no good way to set up windows with everything that needs installed and run these types of applications from CD, even if you had windows on the computer (plus not being able to plan for what flavor of Windows you had). And while there are a lot of good tools to do these things under windows, and most or all of what is on this CD is open source and certainly could be ported to windows, the people making these tools simply prefer Linux and put them there first. But the tools do exist under windows.

Re:Redundant

[advocate_one]

no, not redundant at all... optimisation will make it work fast on only the machine you built it for... try booting an "optimised" CD on the machines in a mixed environment... one where you have no real idea of what is in the box until you fire it up... like at a friends or clients place.

Those binary packaged tools also have the source available on the web and you can check each package out yourself there. the list of packages is available on the download site...

The guy who put the distro together has merely taken the trouble to save you a lot of time by assembling all the packages himself. I'm sure he will be just as keen to keep it up to date as well keeping track of major holes and also making sure you have the documentation available so you can keep it up to date yourself as well like you can with Knoppix.

I take it from your tirade that you've never enjoyed the advantage of Knoppix in being able to boot up the disk on someone elses computer without having to actually mess with the hard disk at all??? Just try turning up at a clients site with a CD stuffed with source code and expecting to be able to install it all on the hard disk before you can conduct your tests... and having to wait whilst it all compiles...

The prepackaged binary CD is far more convenient... and you can leave a copy behind for him to use himself... I've left behind some twenty knoppix CDs now for friends and relatives to play around with so they can experience Linux without having to mess with their hard disk. I've since gone back and installed it properly for seven of those people as duel boot setups.