PDA

View Full Version : Knoppix-STD The double edge sword



spazzman
07-11-2003, 12:05 AM
I have enjoyed this forum and all its threads. I learn alot from people who post here. Newbies and Debian veterans alike. My basic question is " Is Knoppix-STD more a tool for Script Kiddies and Blackhats or is it more a tool for Security minded Whitehats? " Software can be found here: www.knoppix-std.org

madtripper
07-11-2003, 01:37 PM
I'm brand new to it and have little experience with most forms of linux in general. I'm not sure if there is a general consensus or not but I picked it up to get a better grip on network security which I believe falls under your "whitehat" category. There is a definite strength in this setup and while the original intentions may or may not have been security breaching, a great byproduct that came along is a very secure operating system that seems to be almost bulletproof. I am having a good time with it but as I said, linux is pretty much new to me.


Tripper

rdoma219
07-12-2003, 10:01 PM
Although this os can be used for maliscious purposes as noted from some earlier threads, I would hope that this will not be the predominant use for it. I am new to Linux and find it a new challenge and a refreshing change from m$. I am looking forward to reaping all the benefits that Linux has to offer. I amsure that I will be looking for help from newbs as well as vets. And I also hope that the script kiddies will be recognized by seasoned pros and exposed in this forum. To all those who have helped and all those that will, a very large thank you, and my white hats off to you!!!
:shock:

t1ck_t0ck
07-17-2003, 09:47 PM
Like all tools, it's the usage and motivation of the user that defines it. I can use a hammer to build a house or to crack open someone's skull. Knoppix-STD is no different. Almost all of the tools could be used maliciously or with good intent. Even your standard web-browser can be a malicious tool in the wrong hands (think Unicode traversal attacks).

What are people using STD for? I'm seeing far more "legitimate" uses than malicious. Government agencies are using it. I have word that several branches of the US military are using it. Private businesses are using it.

And more than using it they're LEARNING from it. Overly taxed security admins finally have an preconfigured environment to play with tools that they may have never touched before. I got an e-mail from one admin that is finally using Intrusion Detection on his network after learning how through STD. Home users are learning how firewalls work. One admin was able to completely restore a dead Windows NT PDC with STD before any of his users showed up for work. STD may have saved that admins job.

Do I get feedback from the script kidz? Sure. Most are double clicking on the Knoppix directory in Windows and are angry that "the stuffs broke".

STD is just a tool, but I get the distinct feeling that it is securing much more data than it is breaching.

t1ck_t0ck@knoppix-std.org
http://www.knoppix-std.org