Do you want to evaluate the security of Linux without going through a lengthy installation and configuration process? This article introduces four packages: Auditor, Whoppix, Knoppix-STD and PHLAK. With these packages, you can work from a LiveCD.
The only truly secure system is one that is shut down and powered off, locked in a sealed room in a poured-concrete building, and guarded by police.
Many of us have not looked closely at the security of our systems. So how should we assess a system's weaknesses? Does a computer connected to the Internet have such weaknesses, and are there many vulnerabilities? How should we determine the security level of the office network?
With these potential sources of insecurity in mind, I searched the Internet for tools to help evaluate the security of systems and networks, with the ultimate aim of improving that security. The search paid off: some excellent tools can be downloaded and used free of charge. This article describes these security evaluation tools and how to use them to test a system quickly and easily.
A wealth of tools
In addition to tools that make a system more secure, there are tools for determining how well a system withstands various attacks, such as:
By using firewall tools such as blockall, you can restrict all TCP communication. By using tools such as floppyfw, you can run a firewall from a floppy disk.
LaBrea is a "sticky honeypot" that can limit worms and port scan attacks to eliminate their impact.
There are also many intrusion detection systems (IDS), such as the popular Snort and logsnorter.
Packet sniffers, such as ethereal, dsniff, driftnet, urlsnarf, and msgsnarf, can help filter out unneeded traffic, such as IM messages that waste bandwidth.
Wireless tools, such as airsnarf, airsnort, and kismet, can help evaluate wireless networks.
Some successful tools, such as chntpw (which can reset the password on Windows), pwl9x (which can attack Windows 9x password files), and allwords2 (a 27 MB English dictionary), are a reminder to use a longer, non-standard password containing numbers.
If you think that covers everything, try the vulnerability assessment tools, such as hydra, nessus, and nmap.
Hey! Most of these tools only run on Linux!
Linux itself is not a problem. After all, it is free and I can run it on my own system. But who wants to spend a weekend installing and configuring a system? I certainly don't. And what if I want to test the machines used at work? Do I need authorization to install Linux on them?
There is a very simple solution, and this is where it comes in. Welcome to the world of security assessment tools on LiveCD.
About LiveCD
A LiveCD is an operating system (together with other software) stored on a bootable CD-ROM, from which the OS can be started without a long installation process. Most are based on the Linux kernel, but some LiveCDs are built for other operating systems.
While running, a LiveCD places its files on a RAM disk, which reduces the amount of RAM available to applications and lowers system performance (but don't forget, our goal is to evaluate the security of the system). Once the LiveCD is removed and the system is restarted, the original system is restored.
Some LiveCDs also provide an installation tool that can be used to install the system to a hard disk or USB disk. Most of these LiveCDs can access information on internal and external hard disks, diskettes, and flash disks.
Syslinux is used to boot Linux-based LiveCDs and Linux floppy disks. On a PC, booting from CD generally follows the El Torito specification, which treats a file on the disc (possibly a hidden one) as a floppy disk image. Many LiveCDs use a compressed file system image, usually through the cloop compressed loopback driver, which effectively doubles the storage capacity.
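The El Torito layout described above can be checked on an image file before it is burned or booted. The following Python sketch is an added example, not part of the original article: it reads the boot record at sector 17 and the boot catalog it points to, and reports whether the default entry uses floppy emulation. The image it runs on is constructed by the hypothetical helper `build_sample`, with made-up sector numbers.

```python
import struct

SECTOR = 2048  # ISO 9660 logical sector size
MEDIA = {0: "no emulation", 1: "1.2 MB floppy", 2: "1.44 MB floppy",
         3: "2.88 MB floppy", 4: "hard disk"}

def parse_el_torito(image: bytes) -> dict:
    """Locate the El Torito boot catalog and decode its default entry."""
    brvd = image[17 * SECTOR:18 * SECTOR]  # boot record volume descriptor
    if len(brvd) < SECTOR or brvd[0] != 0 or brvd[1:6] != b"CD001":
        raise ValueError("no boot record volume descriptor at sector 17")
    if brvd[7:39].rstrip(b"\0") != b"EL TORITO SPECIFICATION":
        raise ValueError("boot record is not El Torito")
    (catalog_lba,) = struct.unpack_from("<I", brvd, 0x47)
    cat = image[catalog_lba * SECTOR:catalog_lba * SECTOR + 64]
    if len(cat) < 64:
        raise ValueError("boot catalog lies outside the image")
    validation, entry = cat[:32], cat[32:]
    # Validation entry: header id 1, key bytes 55 AA, 16-bit words sum to zero.
    if validation[0] != 1 or validation[30:32] != b"\x55\xaa":
        raise ValueError("bad validation entry")
    if sum(struct.unpack("<16H", validation)) & 0xFFFF:
        raise ValueError("validation entry checksum mismatch")
    sectors, image_lba = struct.unpack_from("<HI", entry, 6)
    return {"bootable": entry[0] == 0x88,
            "media": MEDIA.get(entry[1] & 0x0F, "reserved"),
            "catalog_lba": catalog_lba, "image_lba": image_lba,
            "load_sectors": sectors}

def build_sample(media: int = 2) -> bytes:
    """Constructed 21-sector image holding only the El Torito structures."""
    img = bytearray(21 * SECTOR)
    brvd = b"\0CD001\x01" + b"EL TORITO SPECIFICATION".ljust(32, b"\0")
    img[17 * SECTOR:17 * SECTOR + len(brvd)] = brvd
    struct.pack_into("<I", img, 17 * SECTOR + 0x47, 19)  # catalog at sector 19
    val = bytearray(32)
    val[0], val[30:32] = 1, b"\x55\xaa"
    struct.pack_into("<H", val, 28, -sum(struct.unpack("<16H", val)) & 0xFFFF)
    # Default entry: bootable, media type, sector count 1, image at sector 20.
    entry = struct.pack("<BBHBBHI", 0x88, media, 0, 0, 0, 1, 20).ljust(32, b"\0")
    img[19 * SECTOR:19 * SECTOR + 64] = val + entry
    return bytes(img)

if __name__ == "__main__":
    print(parse_el_torito(build_sample()))
```

On a real image, pass the file's bytes to `parse_el_torito`; a `ValueError` means the image has no valid El Torito boot record.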
There are some emulators on the market that can be used to test a LiveCD without burning it to CD and booting a computer from it. The most widely supported i386 emulator is VMware. Other emulators include Qemu, PearPC, and Bochs, which can be used to emulate x86 and/or PowerPC platforms. However, they differ: depending on the emulation method they use, they are faster than some commercial versions. Another commercial emulator is VirtualPC.
Now let's take a look at some LiveCD security tools.
Auditor
The Auditor security collection is based on Knoppix. Because nothing has to be installed, you just put the CD in the CD-ROM drive and within a few minutes you can start using the analysis platform.
Max Moser, the main developer of Auditor, points out that the menu structure of the LiveCD environment is its biggest advantage. You can find the right tool even if you do not know its name.
In addition to about 300 tools, the Auditor security package also contains background information about standard configurations and passwords, as well as word lists for various regions and languages, with about 64 million entries.
The CD also contains some auxiliary tools, such as Web browsers, text editors, and some graphical tools that can be used to create analysis reports.
You can use the auditor-hdinstall script to install Auditor on the hard disk. You should have 2 GB of hard disk space. The installer does not create partitions for you, so make sure that partitioning and formatting are done in advance.
The automatic configuration script of LiveCD simplifies the use of various hardware. Moser points out that wireless tools such as Wellenreiter and Kismet can be configured using automatic hardware identification tools, which avoids the annoying configuration tasks required when using wireless NICs.