Nmap Writers mailing list archives

Re: Bootable Nmap virtual network CD


From: Brian Hatch <bri () ifokr org>
Date: Wed, 12 Nov 2003 18:52:25 -0800

knoppix-std hacked into something fancy would certainly be a neat plaything but
I agree with Fyodor that it should not be a priority. To add a little additional
interest it could be possible to chuck in a few other free operating systems,
i.e. enough to have an IP stack and a couple of open ports but no more,
running under emulation. Naturally certain well known proprietary apps would be
out the window but there would be no reason why the Bochs emulator couldn't be
included on the CD; it is at http://bochs.sourceforge.net/. From memory
knoppix-std has a FAQ somewhere on how to modify the contents of the ISO and
then create a new ISO. 

You could have any number of Linux virtual machines if we had
a kernel with User Mode Linux built in.  Since the virtual
machines can be built off of one master drive image each with
their own copy-on-write version, you could have a boatload
in a small amount of CD space.  Doesn't buy you much over
honeyd, but you could have actually different UML kernels for
the OS detection examples.

Bochs, while it'd be pretty slow, would be good too, because then
you could include a FreeBSD/etc virtual machine.  We're still out
a Windows and proprietary Unix (Solaris, etc) but I think we'd
be pushing the amount of stuff we could fit on a CD anyway.

UML Knoppix kernel, say 4 different Linux kernel binaries
(a few 2.2, 2.4, 2.6) each built off a single minimal
(tomsrbt, most likely) filesystem, with their own COW file,
each running honeyd with different fictitious processes and
some true inetd/xinetd services should do nicely.  Add in
a *BSD or two via Bochs, you have a very nice network.


--
Brian Hatch                  "Gates' Law: Every 18
   Systems and                months, the speed of
   Security Engineer          software halves. "
http://www.ifokr.org/bri/

Every message PGP signed
