Knoppix optimised for Network security

**minhsao** · 03-27-2003, 04:41 PM

FYI... With the new version of Knoppix, kismet 2.6 works great!!!

**Berdt** · 03-31-2003, 10:07 AM

maybe it is a good idea to add the Citrix ICA client, behind the present rdp and vnc clients?

**drewbradford** · 03-31-2003, 10:15 PM

Don't forget the NTFS tools. It can come in handy to be able to use ntfsresize.

**mmaki** · 04-01-2003, 05:29 AM

What are the NTFS tools? Please list them here and I'll try to include them.

**drewbradford** · 04-01-2003, 08:03 AM

They are available at http://linux-ntfs.sourceforge.net/.

Some of them are experimental, but they are fairly small in size, so it's worth including as many as possible.

**shadow** · 04-12-2003, 07:40 AM

Don't forget to install the chkrootkit tools as well. These would be very useful to me.

**stars** · 05-18-2003, 07:27 PM

Anyone still interested on this ?
I guess I will be picking up on this to create my own security/forensic/etc tool kit.
But it would be nice to get some help

Like suggestion on how to add modules easily. I think morphix is a nice idea but I would like to use the standard Knoppix release as there seem to be a lot of updates on drivers, etc.

All I need is to make a standard list of apps to remove (eg open office, kde organizer, etc) to make way for the security modules/packages.

Any comments?

Thanks!

**mmaki** · 05-18-2003, 11:13 PM

I still have the remaster I did that contains the packages I listed in the 2nd posting of this thread. I have been meaning to post it with BitTorrent but have not yet. I would actually like to remaster it with the latest 3.2 but .... gotta find the time.

**funtasmc** · 05-20-2003, 01:10 AM

I built a re-master of Knoppix 3.2 with as many of the "Top 75" list at insecure.org as I could....

All I did was do an apt-get install on all the packages by name. So, only the latest version with Debian packages out there were installed. Next revision, perhaps I will put some effort into the apps. I put the real effort into actually doing the re-mastering.

I took regular Knoppix and removed the foreign KDE locales (afterall *I* am American, everything should be the way *I* want it.

). This gave me more than enough space to add:

Snort (with default rules)
dsniff
whisker
John The Ripper
Nikto
nbtscan
Xprobe2
Ngrep
THC-Amap
Nemesis
fragroute
fping
TCPtraceroute
tcpreplay

--------------------------------------------
Knoppix 3.2 already included:

Nessus
Ethereal
Netcat
tcpdump
hping2
ettercap
openssh
Kismet
airsnort
GPG
Perl
OpenSSL
lsof
hunt
stunnel
The Coroner's Toolkit
arpwatch
dig

The rest of the Top 75 were either for Windows, were not "free", were not available as Debian packages or didn't really apply to a LiveCD distro (like firewalls, other OSes, etc).

I am more than happy to share the end result. I just don't have a fat enough pipe to share the iso out on my own network. Perhaps soon I will, and perhaps by then I'll have made the re-master even better.

Mike
PS: Thanks to the Knopper team for the AWESOME distro.

**t1ck_t0ck** · 05-20-2003, 04:47 AM

I also have a customization like this nearly done: Knoppix-STD (security tools distribution). It includes tools organized as follows (a lot of these come with Knoppix by default):

cracker: john with custom dictionary and AFS,NTLM,MySQL patches
crypto: openssl, gnupg, stunnel, etc
firewall: iptables & gtkiptables
forensics: sleuthkit, autopsy, fenris
honeypot: honeyd, labrea
ids: snort, aide, syslog
net-utils: etherape, ntop, cheops, arpwatch, etc
pen-test: many many pen test tools
servers: dns, irc, xinetd, apache, cryptcat, samba, etc.
sniffers & assemblers: ethereal, tcpdump, ngrep, netsed, paketto, ettercap, etc.
vuln-test: amap, nmap, nessus, snot, hping2, chkrootkit. nbtscan, etc.
wireless: airsnort, kismet, wavemon, wardrive, patched orinoco

hardly a complete list, but you get the idea. I'm trying to score some hosting now. I'll post a general announcement and to this thread when it's up. I'm hoping to have it up by June 1st.