Home page logo
/

basics logo Security Basics mailing list archives

Re: exposure to bootable Linux distros
From: Greg Tracy <greg () sixx com>
Date: Wed, 10 Mar 2004 15:20:52 -0500

I've had a lot of experience with a wide variety of these (live CDs), and am
in fact playing around with remastering Knoppix for my young son to use for
educational games. If you like PHLAK, you'll love Knoppix-STD (Security
Tools Distribution).

http://knoppix-std.org

It's a more mature release and has better hardware detection, as well as
better support for wireless tools out of the box. The most recent release
boots into fluxbox by default and offers a web page that opens on boot that
lists and explains all the tools included on the CD. It's a lighter weight
distro and has a pretty large following.

A CD that is popular with a friend who is involved in forensics is F.I.R.E.
(forensic and Incident Response Environment). I haven't used it personally,
but I'm aware that some of it's freatures are bundled in STD and PHLAK. It's
at:

http://fire.dmzs.com/

Greg

From: "Jim Clark" <jclark () cmanet org>
Date: Thu, 4 Mar 2004 17:17:24 -0800
To: "Chris Halverson" <chris.halverson () encana com>,
<security-basics () securityfocus com>
Subject: RE: exposure to bootable Linux distros

Am currently testing PLAK. So far greatly impressed.  It is a little
hard at first but the tools are phenominal.  FWIW.

-----Original Message-----
From: Chris Halverson [mailto:chris.halverson () encana com]
Sent: Thursday, March 04, 2004 9:20 AM
To: security-basics () securityfocus com
Subject: exposure to bootable Linux distros




Has anyone had exposure to Operator (built from Knoppix) or PHLAX?  I
haven't been able to download and try them but it was brought up in one
of my classes that I am taking.



What purposes do you pentest with these?

External perimeter security, DMZ or internal?

How would you block non-authorized users from utilizing these? (with the
exception of BIOS password protection and disabling the floppy, usb and
cdrom boot capabilities)

------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off 
any course! All of our class sizes are guaranteed to be 10 students or
less 
to facilitate one-on-one interaction with one of our expert instructors.

Attend a course taught by an expert instructor with years of
in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization.

Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault