f



Hi, There are a number of security specialized Linux live-CDs out there, including: * Knoppix-STD * Local Area Security Linux * Phlak * Whax * Auditor Security Linux * Linux Defender * Er

Hi,

There are a number of security specialized Linux live-CDs out there,
including:

* Knoppix-STD
* Local Area Security Linux
* Phlak
* Whax
* Auditor Security Linux
* Linux Defender
* Erpross Live (in German only)
* Arudius
* Operator

Which, if any, do you use? Why? Can you compare/contrat these tools?
Which would you reccommend to an aspiring security professional?

Thanks!

Alex

0
alex
11/17/2005 6:28:26 PM
comp.security.unix 708 articles. 0 followers. Post Follow

4 Replies
1045 Views

Similar Articles

[PageSpeed] 14

Begin  <1132252106.677760.297830@g49g2000cwa.googlegroups.com>
On 2005-11-17, alex <alex-voz@list.ru> wrote:
[snip: ``security linux live cds'']
> Which, if any, do you use? Why? Can you compare/contrat these tools?

Since ``linux'' in and of itself is merely the kernel, and if that
weren't so it'd be kernel plus basic utilities, any ``security tools''
will be both the real added value and (if they're any use at all) not
specifically bound to linux nevermind a specific livecd, your best bet
is to a) get yourself lists of the tools included per livecd and compare
the lists, and b) try a couple and see for yourself what you like best.

Personally, I use FreeSBIE.


> Which would you reccommend to an aspiring security professional?

The distributions are merely collections of tools certain people like to
use, but the very fact that there are many should already tell you there
is not a single answer to your question.

I hope you'll agree with me that while no professional likes to work
without good tools, it is hardly the tools that make the professional.

So I would _suggest_ learning about unix (not specifically linux
related, you can add the linux specifics after getting to know the unix
philosophy), and networking basics. After that you can build on that
with more specific security and risk related materials. That will give
you a handle on the sort of thing you'll want tools for. Once you know
that, you can go out and look for tools you might want to use. I think
the nmap creator's site has a list of tools many people use and/or like.

A good source that is often overlooked but deserves to be read more
often is the discussions on the Computer RISKS mailinglist, and digests
of same are regularly posted to comp.risks. If nothing else, look
through its archives for book reviews on security and risks. See

  http://catless.ncl.ac.uk/Risks/


-- 
  j p d (at) d s b (dot) t u d e l f t (dot) n l .
  This message was originally posted on Usenet in plain text.
  Any other representation, additions, or changes do not have my
  consent and may be a violation of international copyright law.
0
jpd
11/17/2005 7:08:02 PM
jpd wrote:
> Personally, I use FreeSBIE.

What an interesting choice!  What did you choose FreeSBIE?  How does
the live-CD version of BSD of FreeSBIE compare to the other *BSDs?  How
does this FreeSBIE give you which a GNU/Linux live-CD would not?

Many thanks in advance!

Alex

0
alex
11/17/2005 9:24:51 PM
Begin  <1132262691.906316.79800@f14g2000cwb.googlegroups.com>
On 2005-11-17, alex <alex-voz@list.ru> wrote:
> jpd wrote:
>> Personally, I use FreeSBIE.
>
> What an interesting choice!  What did you choose FreeSBIE?  How does
> the live-CD version of BSD of FreeSBIE compare to the other *BSDs?  How
> does this FreeSBIE give you which a GNU/Linux live-CD would not?

I can work with (and have) just fine with NetBSD and OpenBSD, (and
linux, for that matter) but for my daily workhorse, I use FreeBSD.
In that light, a FreeBSD based livecd makes sense, or at least
is convenient to have. If you had cared to check their site at
http://www.freesbie.org, you would have known FreeSBIE is based on
FreeBSD, as this is mentioned right on the first page.

Beyond convenience, there are no real advantages between different
collections of security tools, not to mention that the specific un*x
they run on top of is largely irrelevant, nevermind at all the specific
flavour of packaging tools or the collection of desktop themes included.

In fact, it does not make sense to specialize on just one system for
a variety of reasons, the simplest of which says that by their very
nature, security considerations have to be holistic to be effective.
After all, it doesn't make much sense to search for holes in the fence
if the front gate is missing.


-- 
  j p d (at) d s b (dot) t u d e l f t (dot) n l .
  This message was originally posted on Usenet in plain text.
  Any other representation, additions, or changes do not have my
  consent and may be a violation of international copyright law.
0
jpd
11/18/2005 7:50:54 AM
jpd wrote:
> Begin  <1132262691.906316.79800@f14g2000cwb.googlegroups.com>
> On 2005-11-17, alex <alex-voz@list.ru> wrote:
> > jpd wrote:
> >> Personally, I use FreeSBIE.


I just ordered a copy of FreeSBIE. I always wanted to try *BSD anyway,
so this is a good opportunity.  Being a long-time GNU/Linux user myself
(mainly Debian) I wonder how FreeSBIE will feel to me.

Would you happen to have any good book reccommendations for
FreeSBIE/*BSD for a GNU/Linux user?

Cheers!

0
alex
11/18/2005 4:44:17 PM
Reply: