Three Birds with one stone: BSD, security related, liveCDs

This post has the potential to be convoluted, so I’ll try to clearly state why it is flowing out of my fingertips. There are three reasons really. First off, I need a liveCD to recover an administrator password on my laptop, and my KNOPPIX iso seems knackered. Secondly, DEFCON is coming up, and I have been interested in all things security lately, so why not get a more security related liveCD. Thirdly, Mike, Jamyn and the late Wayne (he didn’t die, he just left) of the [bs] list are BSD fans as are many others. Maybe others would be interested in a BSD live CD. Not to mention the fact that these same people all tend to be security minded as well. BTW, this article is in *NO WAY* intended to be exhaustive, just as complete as practically possible tonight.
As many of you know, DEFCON is coming up soon on August 4-6, and there is a bit of a buzz in the security community this time of year as it approaches. So this is a good time to look for developments in computer security.

Kris mentioned that Fyodor has come up with his top 100 security tools. This is done by popularity and is conducted on an nmap list. So, Fyodor left nmap out completely and admits that his audience has more of a bias toward “attack” tools rather than defensive ones. From this top 100, he extracted a Top 5 security related OS page. Of these five entries, there were three that were liveCDs: Number 1 of 5 was Backtrack, 2 of 5 was Knoppix, and 4 of 5 was Helix. For more information, go check out his review, but two of the three entries caught my eye. Here are Fyodor’s descriptions:

BackTrack : An Innovative Penetration Testing live Linux distribution
This excellent bootable live-CD Linux distribution comes from the merger of Whax and Auditor. It boasts a huge variety of Security and Forensics tools and provides a rich development environment. User modularity is emphasized so the distribution can be easily customized by the user to include personal scripts, additional tools, customized kernels, etc.

Helix : “Helix has been designed very carefully to NOT touch the host computer in any way and it is forensically sound. Helix will not auto mount swap space, or auto mount any attached devices. Helix also has a special Windows autorun side for Incident Response and Forensics.”

Now, Knoppix is pretty popular; it had a rank of 60/100 overall. Backtrack got 32 and Helix got 94 overall. Keep in mind that 1) the survey was based on popularity, and 2) there is a bias toward the offensive. Forensics tend to be more passive, and Knoppix is really popular. Point being, I think both Backtrack and Helix deserve some attention. So there were no live BSD CDs. (OpenBSD got #3, but it’s not a live CD.) Once again, keep in mind that this is based on popularity.

Moving along, Andrei Raevsky wrote an article in DistroWatch called “A comparison of BSD live CDs”. He says, “[he] tested all the BSD live CDs [he] could get [his] hand[s] on: FreeSBIE 1.1, FreeBSD LiveCD 1.2, Frenzy 0.3, AnonymOS 2006, OliveBSD 3.8 and NetBSD Live! 1.6 (editor’s note: a newer release of NetBSD Live!, version 3.99.7, is available from here).” He sums up: “My overall impression was that BSD live CDs are not on par (yet) with their GNU/Linux cousins, but that they are catching up fast. The clear winner from my, admittedly unscientific, evaluation was Frenzy, which was the only distribution to perform (almost) flawlessly on all my machines.” He gives credit where it is due, and in my “unscientific” opinion is fair. He has 4 machines he tested on, and many of them didn’t run on at least 2.

Although he was disappointed with OliveBSD, which is OpenBSD based, others have had plenty of luck with it, he says. I’m going to count that a security option just because it is OpenBSD based, though there may or may not be security or network related tools. Also of note, Frenzy boots really fast and the project defines itself as more Security and Network related. 1.0 of Frenzy was only just released in June so people really haven’t had a chance to try it yet. Anonym.OS has a privacy focus, using some tools few have heard about like Tor (or try the Tor Wikipedia article) which is a lot like the old Crowds. That’s beyond the scope of this article, so I won’t go fully into it here.

I’ll try Frenzy, and maybe the other two, time permitting. I’d be interested to hear anyone else’s experiences or opinions after having tried it. I’ll post on my experiences as time and I permit.

2 Responses to “Three Birds with one stone: BSD, security related, liveCDs”

  1. Missionless Reverie. » Blog Archive » Ipsum Lorem Pingum Says:

    [...] Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos qui ratione voluptatem sequi nesciunt. Neque porro quisquam est, qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit, sed quia non numquam eius modi tempora incidunt ut labore et dolore magnam aliquam quaerat voluptatem. Ut enim ad minima veniam, quis nostrum exercitationem ullam corporis suscipit laboriosam, nisi ut aliquid ex ea commodi consequatur? Quis autem vel eum iure reprehenderit qui in ea voluptate velit esse quam nihil molestiae consequatur, vel illum qui dolorem eum fugiat quo voluptas nulla pariatur?  At vero eos et accusamus et iusto odio dignissimos ducimus qui blanditiis praesentium voluptatum deleniti atque corrupti quos dolores et quas molestias excepturi sint occaecati cupiditate non provident, similique sunt in culpa qui officia deserunt mollitia animi, id est laborum et dolorum fuga. Et harum quidem rerum facilis est et expedita distinctio. Nam libero tempore, cum soluta nobis est eligendi optio cumque nihil impedit quo minus id quod maxime placeat facere possimus, omnis voluptas assumenda est, omnis dolor repellendus. Temporibus autem quibusdam et aut officiis debitis aut rerum necessitatibus saepe eveniet ut et voluptates repudiandae sint et molestiae non recusandae. Itaque earum rerum hic tenetur a sapiente delectus, ut aut reiciendis voluptatibus maiores alias consequatur aut perferendis doloribus asperiores repellat. [...]

  2. Missionless Reverie. » Blog Archive » Frenzy 1.0 Says:

    [...] So says the Project’s homepage, and so it is. I recommend this as a very clean and fast FreeBSD based livecd. It has a lot of Fyodor’s top 100 packaged into the cd as well. To see some of the other liveCDs I tried out, but haven’t finished writing about yet, look at the other article I wrote about security related BSD liveCDs. For Smaug, I include the following couple of screenshots. Notice the XMMS (it picked up audio on my Dell D610 and just worked), and the browser Opera. Look at some of the other tools on those menus. Download this small 200MByte iso and boot it up. I don’t think you’ll be disappointed at all. All the useful commandline commands are on menus too, so if you click on, it invokes in a shell with the help option so that it tells you how to use it: [...]
