10 Best Security Live CD Distros

Ant writes to tell us Darknet has a summary of the ten best LiveCD distributions dealing with security. With links to download and a little information about each one." An great overview of some handy tools, some you know and probably a few you don't.

Is it difficult to proofread a submission?

[Tim_F]

"An great"?

How difficult would it have been to change this to "A great"?

I'm guessing very as it didn't happen.

Re:Is it difficult to proofread a submission?

[Jonas56]

Even worse, the editor added that comment, as it's outside the quote. Well, at least I assume that's the ending quotation mark, seeing as there's no beginning quotation mark. It is late, maybe he's half asleep.

Re:Is it difficult to proofread a submission?

Taco recently editorialized that /. should retain its character; evidently, ceaseless typos and brutal grammar provide a significant part of that.

Is the rest of /. - accounting, IT, marketing, and so on - as willfully half-assed? For the sake of your business, Taco, I hope not.

HTH

Re:Is it difficult to proofread a submission?

you philistine!

the word "great" is pronounced with a silent "g", a silent "r" and a silent "e".

It's spelt "great" but it's pronounced "at", therefore it's "an great ..."

Re:Is it difficult to proofread a submission?

It is late,

Maybe on your half of the planet. :-)

Re:Is it difficult to proofread a submission?

It's late in North America and more specifically the USA, which is where slashdot caters to due to the highest amount of visitors originating from there.

Re:Is it difficult to proofread a submission?

[digitaldc]

How difficult would it have been to change this to "A great"?

As difficult as it would be for some to not harp on a simple typo?

Re:Is it difficult to proofread a submission?

[hanleys]

How difficult would it have been to add the word Linux in the title, so I wouldn't have bothered to read it?

Re:Is it difficult to proofread a submission?

[Braino420]

uhh, you're kind of in the wrong place. Here, let me redirect you.

Kororaa with Xgl, for beauty

[G3ckoG33k]

Don't know about security though. But since Xgl is fairly new I wouldn't trust it in a server.

Re:Kororaa with Xgl, for beauty

[babbling]

It's crappy in terms of security. Runs the ssh daemon by default.

Re:Kororaa with Xgl, for beauty

why would you run X on a server at all? seems like a bit of a waste of resources if you ask me.
though if it crashes, other programs usually keep running anyway...

Re:Kororaa with Xgl, for beauty

[Slashcrap]

Don't know about security though. But since Xgl is fairly new I wouldn't trust it in a server.

You have missed the point. If it weren't for my unshakeable faith in the Slashdot community, I might even suspect you of not having read the article.

This is about Live CDs designed for security auditing, not the security of Live CDs. Although Nmap with OpenGL support would be pretty cool - watching thousands of Phong shaded, texture mapped SYN packets flying at the target host and either bouncing off or penetrating would make my day. Someone page Dan Kaminsky - he's great at cool shit like that.

Re:Kororaa with Xgl, for beauty

Don't know about security though.

That's an understatement if I've ever heard one. I'm not sure who scares me more - you, or the other AC that asked why you'd run an X server on a LiveCD. Either way, both of you should do us all a favor and throw your computers out the nearest window.

Re:Kororaa with Xgl, for beauty

i said on a SERVER, not a livecd

Backtrack rules...

[Daxster]

I've used Auditor extensively in the past year or so, and played around with Slax. Slax is buggy and definitely lacking polish, but it's modular system of scripts and packages make it perfect for a combination of whoppix and Auditor. Now if only proper ndiswrapper modules were included...

Like rain on your weeding day

[BadAnalogyGuy]

I suppose it's probably safe to trust that the makers of your LiveCD aren't putting little rootkits into the image that automatically get installed to the existing OS image on the hard disk.

LiveCDs are great, but always make sure that the source is trustworthy or you may end up with a bootable CD with Tubgirl as the desktop background. That wouldn't be pleasant. Especially in front of a customer.

Re:Like rain on your weeding day

This is a good reason never to test something while customers are present...

Re:Like rain on your weeding day

If it was raining when I wanted to do some weeding, I'd go and tidy the greenhouse instead ;)

Re:Like rain on your weeding day

[Renraku]

"I suppose it's probably safe to trust that the makers of your LiveCD aren't putting little rootkits into the image that automatically get installed to the existing OS image on the hard disk."

And thus, your stash is found, your company/country loses, and you go to jail for 20 years based off of a chat log.

Assumptions do that..

Re:Like rain on your weeding day

I guess it depends on the customer. You might be in pr0n/fethish business.

Re:Like rain on your weeding day

what is this "tube girl" you speak of?

Re:Like rain on your weeding day

[MooUK]

Anyone using something like this for the first time in the presence of a customer should have bigger problems than just tubgirl...

Re:Like rain on your weeding day

[Zarquil]

I dunno...

Usually I use a LiveCD in order to restore a mungled Windows installation.

I'm never really sure if I sould expect to find Tubgirl already set as the desktop background before I ever get to the machine in the first place...

  - Zarq

Re:Like rain on your weeding day

[Mateito]

This little experiment shows that users will install anything: http://www.csoonline.com.au/index.php?id=205513513 5&eid=-302

Atleast in Kanotix

[poeidon1]

it lacked ndiswrapper kernel module though it had ndiswrapper installed. Made it impossible to use it with my wireless network. If it ships with ndiis wrapper it should have had ndiswrapper module or atleast some source where it could be compiled.

Re:Atleast in Kanotix

[poeidon1]

Oops, I always end up confusing between knoppix-STD and Kanotix

Re:Atleast in Kanotix

[Filip22012005]

No network interface? That's a security feature!

another my e-penis is bigger than yours?

do we really need articles of which is best? its all basically like comparing apples to oranges, and usually just results in a bunch of die hard freaks boasting how/why one is better than the rest. why not just point out the pros, and cons, and be done with it, let the end user decide which s/he thinks is better.

Slashdotted to death

Seems their server can't handle a slashdot.
Perhaps slashdot should be used as a sort of server robustness check. Get an article hosted on your server posted to slashdot and see whether you server kicks it or not. ;) Might even be a good way to compare systems and setups.

Pros & Cons of Live CDs

Advantage of Live CD is that you can try it without installing anything into a computer. The disadvantage is its very slow and very limited in functionality. Very frustrating for every day use. Nothing can beat the performance of an installed version.

It is very good to be security conscious. If you really want to benefit by the advances in Unix, try a secure OS like Tomahawk Desktop.

Re:Pros & Cons of Live CDs

^ posted as AC for security in shameless plugging.

Re:Pros & Cons of Live CDs

[Slashcrap]

It is very good to be security conscious. If you really want to benefit by the advances in Unix, try a secure OS like Tomahawk Desktop.

Initially I thought this was just a really lame astroturf for what is simply yet another minor desktop Linux distro, but then I looked at their site.

Turns out it does have some unique features. For instance not only does it come with a firewall enabled, it comes with a picture of a firewall too! Check this out - http://www.tomahawkcomputers.com/images/inkscape-1 -204.png

Beat that OpenBSD!

Re:Pros & Cons of Live CDs

[couchslug]

The live CDs are not intended for everyday use. An option for hard drive installation of a CD image (such as the Damn Small Linux Frugal Install) allows
you to get live CD functionality (i.e. booting the identical image each time) from a hard disk install.

Re:Pros & Cons of Live CDs

"Nothing can beat the performance of an installed version."

A LiveCD loaded into memory, such as using the 'knoppix toram' boot option, can beat the performance of an installed version.

Re:Pros & Cons of Live CDs

[rapidweather]

I use my livecd linux all the time, and find that it is indeed useful, and is not slow at all to boot or run. I have a blog here too. Take a look at the screenshots, link in my signature. If one has a spare hard drive partition, just do "tohd=/dev/hda3" at the boot prompt (using hda3 as an example), and you have the CD copied to that partition, and running from that, very fast on 7200 rpm drives. Next time, just "fromhd=/dev/hda3" and you are able to remove the CD from the drive in a few seconds, and run off your "installation". This is not an install, and only takes a few short minutes to get the CD copied and running for the first time.

I have Opera 8.52 and Flock 0.5.12 set up to _delete_ their ~/.opera or ~/.flock directories in ramdisk when these browsers are closed by the user. Done for security and to reclaim /ramdisk space.

Also, I have a preconfigured GuardDog firewall, allowing web surfing and email protocols by default, requiring no action or setup by the user, just boot the CD, and the firewall is up and doing what it does.

Tests on older computers with 128 MB of ram show that the livecd linux works just fine. I use a dual 200 mmx all the time, even for remastering.

I have a fully automated remastering script built in, and a script to copy the CD as a master copy, to a hard drive partition, for your use in remastering my CD. Both of these are very easy to use, just tell it where you want the "master copy" to be placed, and when you are ready to make an iso, tell it where to find the "master copy". These scripts are accessable via the IceWM or Fluxbox menus. Other included Window Managers are twm and KDE. Based on Knoppix 3.4, extensive changes have been made, including a choice of several mouse cursor themes on the fly. Very easy to try all of them, about 20 seconds for each. I have 12 built-in RSS feeds in Opera, they load in seconds after about 2 minutes of dial up online time, and provide an excellent preview of nearly 200 current news stories in Opera's Mail system, updated as long as the browser is open. Firefox 1.5.0.1 has 7 RSS feeds, handled as drop down lists from the bookmarks toolbar. Feel free to dig through the Getting Started Guide, link above for more unique features.

Calling all karma whores..

[EiZei]

Anybody got a mirror?

Re:Calling all karma whores..

[isorox]

Anybody got a mirror?

Yes, I use it to shave

Re:Calling all karma whores..

I bet you expected a +5 funny for that. You wish your comments were as hot as me.

my God this has to be a record

down in less that 20 comments

Hmmm

[ShaolinTiger]

Still up for me?

Load Averages 8.31 6.93 6.18

Re:Hmmm

[HaydnH]

"Load Averages 8.31 6.93 6.18"

People are complaining that it's being /.ed and you've loaded it 3 times to get load times? You mean mean man =P

Fastest whore on the block

[arrrrg]

Coral Cache

Re:Fastest whore on the block

[Thuktun]

Great, the article itself is redirecting its Coral Cache URL. Those of us behind draconian firewalls that block odd ports would be out of luck if not for Mirrordot's cache.

*YAWN* ;^O

[GomezAdams]

Read the article. Nothing see here. Move on...

/OpenBSD - Damn secure. Tighter than a grouper's sphincter at 10 fathoms.
//FreeBSD - pretty damn secure
///NetBSD - also pretty damn secure
All Free as in beer and speech.

Re:*YAWN* ;^O

[thedletterman]

OpenBSD nad NetBSD are the top two that came to mind at first for me, but apparently BSD didn't make the list at all. I wonder what that is about.

Re:*YAWN* ;^O

[RLiegh]

My guess is that there are only two Live-CD BSD distributions (to the best of my knowledge, at least); freesbie (which isn't security oriented) and one from NetBSD (which I forget the name of, and I'm not even sure is being made any more). There is no Live-CDs from the OpenBSD camp at all.

The article (and therefore, discussion) is about Live-CDs.

Re:*YAWN* ;^O

[fok]

Are they made for Pen-Test, Forensics & Recovery?

Re:*YAWN* ;^O

[kv9]

with NetBSD you can build your own. there also is some desktop centric live cd called NeWBIE

Re:*YAWN* ;^O

[thedletterman]

Yeah, I noticed this when i doubled-back and read the article in depth. i read the summary, and looked over the list and was astonished when neither of these BSD distros was mentioned, as they are pretty well known for being a high security distribution.

Re:*YAWN* ;^O

[Slashcrap]

Yeah, I noticed this when i doubled-back and read the article in depth. i read the summary, and looked over the list and was astonished when neither of these BSD distros was mentioned, as they are pretty well known for being a high security distribution.

If you read the article so thoroughly, how did you miss the fact that it was about Live CDs used for security testing? The BSD Live CDs may well be very secure, but they do not come with hundreds of auditing tools. They are therefore out of scope for the article.

dang, no mod points to mod this off-topic, lame

[meBigGuy]

you guys have serious issues. get with the program, dudes. this is the real world, not high school english class. i sure wish you grammar nazi's would go away. slashdot certainly would lose nothing, that's for sure.

Re:dang, no mod points to mod this off-topic, lame

[TehHustler]

If you are marketing yourself as a serious news outlet for technical news, then being sloppy with punctuation and grammar is not really something that looks good for your image.

Re:dang, no mod points to mod this off-topic, lame

[REBloomfield]

I was hoping he was joking.

Re:dang, no mod points to mod this off-topic, lame

Those who don't know whether to use "a" or "an" are functionally illiterate and, obviously, should not be employed as editors.

Re:dang, no mod points to mod this off-topic, lame

[meBigGuy]

If you are marketing yourself as an intelligent person, then posting comments about spelling, punctuation, and grammatical errors is not something that "looks good for your image"(??).

My personal feeling is that a mature intelligent person would send an email pointing out the error. Posting such in the article is rude, off-topic, whining which, in reality, is much worse for Slashdot than the original errors.

The errors are meaningless, harmless, will cause no loss of life, will cause no one to skip the article, and otherwise have no significant impact on anyone's life.

If they were really significant, you would stop coming to slashdot because of them. Instead, you post about them for attention. (or to humiliate them into becoming better? Is that what your parents did?)

Personally, I feel that grammar Nazi's have serious personality issues causing them to prove superiority by complaining about harmless slip-ups. Seriously folks, humans make errors. Pattern recognition characteristics of human beings can cause one to read right past serious spelling errors with noticing.

For example (I may be wrong, not being an English student), but the parent post has a missing comma.

Everybody makes mistakes. Lame, insecure grammer Nazi's point them out by posting in the article, making Slashdot less than what it could be.

If, in real life I called you a stupid lame-ass karma loosing jerk who can't think good, would you respond by pointing out my grammatical errors, or kick my ass? Get real, it's the information that counts.

Next time, see if you can just send an email to point out the errors and prove you aren't just doing it for attention.

Re:dang, no mod points to mod this off-topic, lame

Nazi's -> Nazis. An apostrophe in your given context denotes possession, which breaks sentence structure severely.

Re:dang, no mod points to mod this off-topic, lame

Why do you insist on using a split infinitive? You also eschew the word "The". A better sentence would surely be "An apostrophe in your given context denotes possession, which severely breaks the sentence structure."

Re:dang, no mod points to mod this off-topic, lame

Can you read this?

Olny srmat poelpe can.

cdnuolt blveiee taht I cluod aulaclty uesdnatnrd waht I was rdanieg. The phaonmneal pweor of the hmuan mnid, aoccdrnig to a rscheearch at Cmabrigde Uinervtisy, it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoatnt tihng is taht the frist and lsat ltteer be in the rghit pclae. The rset can be a taotl mses and you can sitll raed it wouthit a porbelm. Tihs is bcuseae the huamn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe. Amzanig huh? yaeh and I awlyas tghuhot slpeling was ipmorantt!

Re:dang, no mod points to mod this off-topic, lame

[the+chao+goes+mu]

It makes your pompous, patronizing tone much less effective when you spell "grammar" as "grammer".

Re:dang, no mod points to mod this off-topic, lame

[the+chao+goes+mu]

fizzle bar to dog taco lick?
Couldn't understand that? Perhaps it is because it was gibberish. Perhaps had we agreed on some basic rules of communication it would have been intelligible. But then that would make us "grammar nazis" wouldn't it?
It drives me mad when people insist "don't need no grammer, us talk reel gud neway". Perhaps, for the moment. But without any rules for communication whatsoever we have no way to communicate at all
Worse still, the same people who whine about grammar (or often "grammer") nazis are the same people who exceptionally rigid about programming language syntax. (eg. A discussion in the recent past insisted .NET's C++ variant isn't reall C++ because it lacks features A, B, & C. [ I have forgotten the specifics at the moment.]) Why can they understand that computer programming requires an inflexible syntax, but think humans can communicate without any rules at all?

Re:dang, no mod points to mod this off-topic, lame

[the+chao+goes+mu]

And before someone brings up the argument "You forgot the 'are" between 'who' and 'exceptionally', you ain't got no grammer nohow neither so shut up!", I know that the word was omitted. It was not intentional.

Re:dang, no mod points to mod this off-topic, lame

Strangely enough, it's jumbled letters with the first and last letters in their proper place. Now suppose I used a "word" but introduced extra letters to it -- wraod...or worse, not using any letters that belong in the actual word except for the first and last...wezd -- we're back to not being able to read it. So yeah, though the example is drastic, spelling would still matter somewhat.

Re:dang, no mod points to mod this off-topic, lame

Because (most) humans are smarter than computers?

Re:dang, no mod points to mod this off-topic, lame

[networkBoy]

spelling _is_ important. Letter letter is not, thus if you are dislexic and invert letters you're likely A-OK
-nB

Re:dang, no mod points to mod this off-topic, lame

[CFrankBernard]

This is from the Slashback along time ago:

Anidroccg to crad cniyrrag lcitsiugnis planoissefors at an uemannd
utisreviny in Bsitirh Cibmuloa, and crartnoy to the duoibus cmials of
the ueticnd rcraeseh, a slpmie, macinahcel ioisrevnn of ianretnl
cretcarahs araepps sneiciffut to csufnoe the eadyrevy oekoolnr.



Translation:

According to card carrying linguistics professionals at an unnamed
university in British Columbia, and contrary to the dubious claims of
the uncited research, a simple, mechanical inversion of internal
characters appears sufficient to confuse the everyday onlooker.

Re:dang, no mod points to mod this off-topic, lame

[ryuspeed]

I think that the confusing part in your example is more the constructs and not the words themselves. That is, if you combine a sentence structure and style that is not readily apparent to the reader with jumbled words, I agree that you can confuse the reader. You have to give some hints to the reader. The majority of your text was readable without too much issue, but I don't normally associate professionals with universities (professors, maybe) and "inversion of internal characters" doesn't just jump into my mind.

I would argue that it's easy enough to confuse an average reader with properly spelled words given a sufficiently complex sentence structure. All the same, it's still fun. :-)

Re:dang, no mod points to mod this off-topic, lame

[ryuspeed]

You misspelled rscheearch it should really be rscheearechr (or equivalent).

slashdotted top ten

1. BackTrack
2. Operator
3. PHLAK
4. Auditor
5. L.A.S Linux
6. Knoppix-STD
7. Helix
8. F.I.R.E
9. nUbuntu
10. INSERT Rescue Security Toolkit
Extra - Knoppix

Re:slashdotted top ten

[zerocool^]

I'm running a Knoppix-STD mirror at the Virginia Tech CS Dept Mirror. I've emailed them back and forth, but they haven't added me to their site. Try not to pound the K-STD site; they don't have a lot of bandwidth. And if you want to download it, I'm probably as reliable, if not more so, than the other mirrors listed.

~Will

e-penis??

"...e-penis..."

This is a product I haven't heard of before. I only have a regular penis myself. Perhaps you can enlighten me here:
  - What advantages does an e-penis have over a regular penis?
  - Can you e-mail it to your girlfriend every night when you are on business trips to keep her out of the arms of other men?
  - Is driver support a problem?
  - Can it be overclocked?

Re:e-penis??

[mrogers]

Can you e-mail it to your girlfriend every night when you are on business trips to keep her out of the arms of other men?

You can, but you should use PGP to avoid the risk of a man-in-the-middle attack.

Re:e-penis??

[pneumatus]

"...e-penis..."

You forgot 1 vital question,
- Does it run Linux?

Re:e-penis??

No, only UNIX!

Re:e-penis??

[MaxPowerDJ]

Imagine your e-penis crashing in the middle of an intensive session... would you want your e-penis running Windows? You wouldn't want to manually restore it...

Re:e-penis??

[Butterspoon]

"...e-penis..."

- Can it be overclocked?

Oh dear. I read that as "overcocked"...

At least read the title of the articel

[Propaganda13]

"10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery)"

The BSD's are not Live CD Distros used for penetration-testing, forensics, or recovery.

No BSD?

[putko]

What about that OpenBSD-based live CD? Isn't that a top security OS?

Or is this thing only for Linux?

Re:No BSD?

[Professor_UNIX]

What about that OpenBSD-based live CD? Isn't that a top security OS?

OpenBSD is a strong server operating system but it makes a horrible forensics toolkit base because of the lack of the level of hardware support that Linux enjoys. I'm not bashing it as a server OS since you can pick and choose the best supported components in that environment, but when using it as a forensics tool you have to support a wide variety of very oddball hardware that a desktop or server might contain and Linux is better at doing that.

Re:No BSD?

[Ratbert42]

Top secure OS, not top hacker OS.

Re:At least read the title of the articel

[GomezAdams]

OpenBSD and FreeBSD have live distros. Don't know about NetBSD. Google is your friend.

OliveBSD?

[wick3t]

Although it's not a linux distribution, surely any live CD based on OpenBSD deserves a mention!

Attention: a link from 1 LiceCD infected by worm

Immediatly I tried to choose the first LiveCD, just known like Whoppix. I have download the ISO image, I choose the fix and I clicked a link for the FIX installer..... Our first barrier (Sym Web Sceurity) cannot see a malformed html page, I was lucky. I'm using a VM virtual machine with XP. The VM crashed. The HTML page started: - Win32/Worfo 2 times - Win32/MS05-002!exploit 1 time - JS/MS05-054!exploit 8 times Good luck

How about "Live USB Key" distros?

[timeOday]

Anybody know a distro that's easy to install and run from a USB key?

I've found instructions on doing this for some distros (including Knoppix I think), but the step-by-step was too long and involved.

Re:How about "Live USB Key" distros?

[Mark+Clegg]

I remember reading about on some time ago. - http://runt.mybox.org/

Re:How about "Live USB Key" distros?

[spydir31]

You can run RIP( (R)ecovery (I)s (P)ossible ) rescue system from a USB key, and you could probably adapt it's instructions to something else
RIP site

Re:How about "Live USB Key" distros?

[farker+haiku]

Check out http://slax.linux-live.org/, it's a 185 MB distro. Or you can roll your own.

Re:How about "Live USB Key" distros?

[Frogg]

If i recall correctly, if you boot the latest version of PHLAK there is an icon on the desktop to install a mini version of PHLAK to removable drive.

It worked for me, took only moments, and didn't require any technical shenanigans (beyond knowing where my usb drive was mounted, i think)

This is all from memory, as the PHLAK site seems unavailable right now.

Of course, it's your decision as to whether PHLAK is any good as a general purpose day-to-day linux distro.

Re:How about "Live USB Key" distros?

[Xerp]

There are loads. Personally I use Devil Linux, and in fact, you can run pretty much any distro with tweaking ;) Yes, I know.. you said easy!

The main thing you need to consider is the size of the distro. I'm got a full 512 Mb on my stick, so its not too bad.

Anyway, as far as easy goes - grab Damn Small Linux. Or Feather Linux.

I remember seeing Mandrake Go! or something a while back as well. Haven't tried that one though.

You may also like to head over to Live Distro for some light reading!

Re:How about "Live USB Key" distros?

[korbin_dallas]

Damn Small Linux.

http://www.damnsmalllinux.org/

Its pretty easy, but its very difficult to separate the 'old' docs from the 'new' info about some sections of the system.

Make a cdrom, boot a box off that, then from the menus, choose to create a bootable usb OR a usb that can be started from within Windows or Linux as a guest OS.

BUT:
Of the many hundreds of computers here I have not found one that would in fact boot from USB!

Running as a Guest OS inside of Windows doesn't provide any Network Access. Now Qemu site says its possible, but its not obvious how to configure such a thing.

Adding your own stuff. It is very difficult, for some reason, to package your own stuff for use with DSL(mostly lack of clear docs). We have our own programs we want to add, so I have to figure this out myself.

Re:How about "Live USB Key" distros?

The mini version of Pentoo can be put on usb stick. There's infos inside the iso for howto do it and in their forums.

Re:How about "Live USB Key" distros?

I run Puppy Linux from a credit card CD, it can install automatically onto a usb once the distro has been run from a cd. Works well, but kills your usb key pretty quickly. DJ

Re:How about "Live USB Key" distros?

[el_nino-2000]

I've also been trying to find a good distro that will run from a USB key for diagnostic uses.

Does anyone know if it's possible to have both Linux AND Windows based bootable USB key? Maybe partitioning it... I'm not sure. All the diag software vendors like Dell, etc. have software, but it only runs on Windows or in DOS, so that's why I'd like to have both.

Re:How about "Live USB Key" distros?

[korbin_dallas]

FollowUp:

Some apps are easy to add. I have a static compiled program and 3 executable Java Jar files. Adding the jre15.dsl (from the dsl website) and the jars to the / of a pendrive is easy. Then boot the DSL cdrom and use the mydsl option to load the 'modules'. This is per some DSL Wiki info.
Search for 'create package'.

Its HARDER if you need to compile some program and dynamically link it to the libs. I found the easiest way is to install DSL to its own HD partition, then use the myDSL tool to download gcc, c libs, kernel headers etc. Thats very easy with the myDSl tool and net access. Then build the app on DSL. At this point my DSL build partition consumes about 500Mb. From there I have to determine the libs, apps, deps and config stuff to put into a package.

BTW I am doing this so I can create a 'portable' Test system, that I can load onto any PC with a network card, to be used in our software test lab.
You know the kind where we get hand-me-down computers that are well past their useful life. They are typically p2-400 or p3-500 slot 1 pcs. They tend to die at the worst times.

Hope that helps someone.

weeding is crap in the rain, plot gets all muddy

[fantomas]

I agree, rain when you're weeding is terrible, the vegetable patch gets really muddy and you end up with flu. I tend to go and find something else to do, like mess around with linux distros on my spare computer. Watch yourself in that damp weather!

Re:weeding is crap in the rain, plot gets all mudd

Uh, you noticed his username right?

Oops

[Slashcrap]

thedletterman - Sorry about the above flame. I misread your comment - obviously you did notice. That does make you the odd one out though...

Insert Linux

[swtaarrs]

The best one I've found is Insert Linux. Once you download, burn, and boot from the ISO, there's a menu option in fluxbox to install to a usb key. All you have to do is make sure the the first partition on the drive is at least 64MB and it'll do the rest for you, formatting the partition, copying files, and installing the bootloader. I haven't used it a whole lot, but they pack a lot into 60MB.

Re:Insert Linux

[rwhamann]

I haven't used it a whole lot, but they pack a lot into 60MB.

You give us 60mb, we'll give you the world.

Re:Insert Linux

[permaculture]

I really want to boot from a USB pen drive. The file downloaded OK and the CD booted OK.
Rightclick desktop and choose "Applications, INSERT, usb-install"
Now a confusing choice, which device: hdx/sdx/ubx?

UBX -> "Error creating EXT2 filesystem"
SDX -> seems to have overwritten my hard drive (no matter, it's a test PC)
HDX -> leave this for later

I think this PC has: sdc, sda1, sda5, sdb1, and sdc - might it be one of those?

Or can you help me use fdisk to check my USB device name? I managed to get a CLI and type "fdisk" in, but there's syntax to puzzle over. I tried a few things but nothing really got anywhere.

Many thanks :)

Re:Insert Linux

[dylan_-]

Probably /dev/sdb or c. Simple way to check: Leave the thing unplugged on boot. Start up a terminal and type "dmesg"...see what it ends with? Now insert the drive. Type "dmesg" at terminal again. Should have added some stuff about usb-storage where it names the device.

Re:Insert Linux

[permaculture]

Cheers dylan, that's got me going.

sda1 = HDD partition 1, sda5 = HDD partition 2, sdc = USB

much obliged :)

Re:At least read the title of the articel

[goonerw]

OpenBSD and FreeBSD have live distros. Don't know about NetBSD. Google is your friend.

What part of 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) did you not understand? The ones reviewed are geared towards forensic analysis and such, not just a secure OS in general. From what Google tells me, there aren't any live BSD systems that fit the article's title.

Adios / UML

[Locarius]

I am suprised that they did not include Adios. The nicest feature is the ability to run multiple Linux kernels in userspace (User Mode Linux). It also comes with heaps of security tools on the LiveCD.

Wrong Title

I'm pretty sure the title should read
"The Only Ten Security LiveCD Distros, and we Kind of Stretched The Word Security on Three of Them."

INSERT is also part of the Ultimate Boot CD.

[Richard+Steiner]

The Ultimate Boot CD is a nice collection of memory, CPU, partition, filesystem, benchmarking, and BIOS utilities, and the "full" version of the UBCD contains INSERT as well as all of the other stuff. Quite a nice collection of utilities and diagnostic software on one CD.

Re:At least read the title of the articel

There is a NetBSD live CD called NeWBIE (Newbie). Right now its focus is on the desktop user but it will be used as a base for creating a NetBSD pentest live CD. Ironically, it is made by people who also make a Linux live CD for pentesting called Arudius. Search Google for "arudius" or check this link. Both CDs are described there.

Just throwing security apps on a livecd distro

[walterbyrd]

Is not all that impressive to me.

Also, it seems to me that a rescue CD should not, by default, boot to a GUI. It slows down the boot, and is not that useful when GUI can not be loaded. People who use these should know how to use the command line.

Re:Just throwing security apps on a livecd distro

[PitaBred]

I'm sure they do. But a command line has much lower resolution than a full X11 setup, and believe it or not, graphics can sometimes convey more information faster than lines of text (you have heard the picture is worth 1000 words saying, right?). But performance is why the DE's that these use are things like FVWM and Fluxbox rather than KDE for the most part.

Re:Just throwing security apps on a livecd distro

[r3adah3ad]

I believe Backtrack boots to command line by default.

Live CD's for Power PC

[Cap'n+Awesome]

Any sugestions for a security focused live cd that will run on a PPC chip.

Re:Attention: a link from 1 LiceCD infected by wor

[PitaBred]

You know, this might have been an interesting post if it was coherent...

is BackTrack one time only??

I just burnt backtrack to try it out, I booted the computer with the CD, it looked decent. then I rebooted into windows to write down my IP address, but the second time I tried to boot from the CD it got stuck in the hotplug hardware detection phase. I tried this sequence on another computer (exactly the same) and the same thing happened(first time it worked, second time failed to boot due to the same thing). THIS IS VERY WIERD, isn't it? is this thing writing anything on my hard dirve ?
otherwise how on earth can behave differently each time when it's read from a read only media ?? (CD-ROM)

Does anyone have the IP address and/or copy?

[pbrammer]

Looks like their DNS servers are not responding to my queries when I try to resolve www.darknet.org.uk. Does anyone have the IP address of that site? How about a copy of the article? The listed nameservers (ns[12].malaysiablogs.com) appear to be unresponsive.

Re:Does anyone have the IP address and/or copy?

[pbrammer]

They are resolving now. Thanks.

RO-OS

[Doc+Ruby]

One of the best features of a secure Live CD is that the read-only media prevents attacks from writing to the stored OS (on CD). I'd love to see a virtualization system that reloads the OS from the CD every so often (hours, minutes, seconds) and switches all processes to the new, more trustworthy instance.

Maybe a safer system will just reload a single watchdog instance from the CD, which checks itself against the other running instances.

Any difference would send an alarm out of the system.

Of course, the virtualization layer itself needs authenticity checks. But that might be possible against a CD image, and in any case would be no less secure than without this system I'm describing.

Re:RO-OS

[swab79]

What is somebody switched the CD?

Re:RO-OS

[Doc+Ruby]

The OS should send an alert when the CD drive is opened, and assume the CD has been violated. A more secure kernel might allow the CD drive to open only in single user mode, for OS upgrades. A more secure system might not allow the CD drive to open at all, requiring upgrades to open the CD on a separate machine, and coldswapping the CD/drive only by those with access to powercycle the machine and upgrade its hardware.

There's still not a lot of good protections from physical access to the machine. My suggestions are useful in protecting from remote attacks, like most defense strategies.

Comment removed

[account_deleted]

Comment removed based on user account deletion

suitability for WEP cracking

[NaDrew]

Let's say there's a WiFi AP with basic WEP at a bookstore near me, and let's say I want to crack it. Does one (or more) of these LiveCD distros include the necessary tools?

Re:suitability for WEP cracking

[Sigg3.net]

Whoppix, Whax, Auditor, Backtrack etc...
I think the well-known "how to crack WEP in 10 minutes" flash video was done in Whoppix.
All you need is love. And airsnort, aireplay and airocrack.

troll

[Sigg3.net]

Google is your friend.
In China, google is not.