Secured Distributions – Security, Privacy, Forensics Tools

This is a list of the best known and excellent reputation for Linux distributions, outstanding under three criteria:

Security, Privacy and Forensics.

You will be welcome any suggestions in the comments to complement or supplement this list of tools. Thank you.

Astaro Security Linux

http://www.astaro.com/
http://freshmeat.net/projects/asl/

A firewall and VPN product. Available for free download but not completely open source. Version 2.033 was released April 25, 2003. Sun Cobalt: v 2.033 April 28, 2003. Stable 4.x (i386): v 4.031 was released February 28, 2006. Stable 5.x: 5.211 was released March 21, 2006. ASL v6.201 was released April 6, 2006. ASG V7.1 GA was released December 3, 2007. ASG V7.400 was released February 26, 2009. ASG 7.500 was released September 18, 2009. ASG 8 was released July 1, 2010. ASG 8.100 Beta was released October 19, 2010.

BackBox Linux

http://www.backbox.org/

BackBox is based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable version of the most used and best known ethical hacking tools. BackBox Linux 2, released September 3, 2011, features Ubuntu 11.04, kernel 2.6.38, and Xfce 4.8.0.

BackTrack

http://www.remote-exploit.org/backtrack.html

BackTrack is the result of the merging of two Penetration Testing live Linux distributions, Auditor Security Linux and WHAX. BackTrack is based on SLAX (Slackware) and provides user modularity. This means the distribution can be easily customised by the user to include personal scripts, additional tools, customised kernels, and so on. The merger was introduced February 5, 2006. BackTrack v.1.0 Final was released May 26, 2006. BackTrack 5 R1 was released August 18, 2011.

CAINE

http://www.caine-live.net/

CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a project of Digital Forensics. CAINE offers a complete forensic environment that is organized to integrate existing software tools as software modules and to provide a friendly graphical interface. CAINE joined the list with the release of v2.0 “NewLight” dated September 14, 2010. CAINE 2.5 “SuperNova” was released September 18, 2011.

CensorNet

http://www.censornet.com/

CensorNet is a Debian-based Linux distribution must be installed on a dedicated machine with a minimum of two Ethernet adapters. The Console Configuration Tool is used to configure system settings and perform system maintenance, and the Web Administration Tool designed for day to day control of users, workstations and filtering rules. CensorNet 3.3 was the current version in April 2005. CensorNet Professional was available as Linux based software for self-installation, on a Dell powered hardware appliance or as a fully certified VMware virtual appliance as July 2009.

Debian Hardened

http://www.debian-hardened.org/
http://sourceforge.net/projects/debianhardened

Debian Hardened is a custom Debian distribution aimed at bringing high security to Debian GNU/Linux, with hardening features such as a hardened kernels and packages (Stack Smashing Protector + PIE compiled), the DHKP and linux entropy pool enhancements (and the LTRNG) for strong cryptography. Ubuntu Hardened is a related project.

DEFT

http://www.deftlinux.net/

DEFT is an Italian distribution that aims to be a very easy to use system that includes an excellent hardware detection and the best free and open source applications dedicated to incident response and computer forensics. DEFT is meant to be used by: police, investigators, system administrator, individuals, and all the people who need to use forensic tool but don’t know the open source operative systems and the Forensic techniques. DEFT 6.1 was released April 15, 2011.

Endian Firewall Community

http://www.endian.com/en/

Endian Firewall Community is a “turn-key” Linux security distribution that turns every system into a full featured security appliance. The software has been designed with “usability in mind” and is very easy to install, use and manage, without losing its flexibility. This distribution was added to the list at version 2.1, released January 9, 2007. Endian Firewall Community 2.1.2 was released July 10, 2007. Version 2.2 was released May 28, 2009. Endian Firewall Community 2.4 was released May 26, 2010.

Engarde Secure Linux

http://www.engardelinux.org/
http://freshmeat.net/projects/esl/

EnGarde is a secure distribution of Linux engineered from the ground-up to provide organizations with the level of security required to create a corporate Web presence or even conduct e-business on the Web. It can be used as a Web, DNS, e-mail, database, e-commerce, and general Internet server where security is a primary concern. Version 1.2 (Professional) was released June 28, 2002. Version 1.3 (Community Edition) was released April 28, 2003. EnGarde Secure Community 3.0.22 was released December 9, 2008.

Euronode

http://euronode.org/

The Euronode Project provides a set of distributions, originally based on Debian GNU/Linux Woody Release 2. Three distributions are available: Euronode Minimal Woody, Euronode Simple Firewall, and Euronode Advanced Firewall. The Debian Sarge based Euronode 6.1, with 2.6.13 Linux kernel, was released January 10, 2006. Euronode sells “Instant Software Appliances” as of July 2009.

Helix

http://www.e-fense.com/helix/

Helix is a customized version of the Knoppix Live Linux CD with many applications dedicated to Incident Response and Forensics. Helix 1.7 was released March 7, 2006. Helix 1.9E was released July 31, 2007. Helix 2008R1 (2.0) was released September 22, 2008. Helix 2008 is based on Ubuntu.

Inquisitor

http://www.inquisitor.ru/

Inquisitor is an open-source hardware testing and certification system, suitable for both enterprise and home use, customizable, modular and available in both serverless Live CD/DVD format and server-controlled network boot production system. It hails from Russia like its parent OS, Alt Linux. This entry was added August 18, 2008. Inquisitor v3.0 was released July 20, 2008. Inquisitor v3.1-beta2 was released October 20, 2009.

IPCop Firewall

http://www.ipcop.org/
http://sourceforge.net/projects/ipcop

IPCop Firewall is a Linux firewall distro. It will be geared towards home and SOHO users. The difference with existing firewalls is that the IPCop interface will be very user-friendly and task-based. IPCop v0.1.1 was released January 17, 2002. IPCop 2.0.2 was released November 18, 2011.

IPFire

http://www.ipfire.org/

IPFire is a Linux distribution that focuses on easy setup, good handling and a high level of security. It is operable via an intuitive web interface. IPFire is maintained by experienced developers, who are really concerned about security and regulary updates to keep it secure. The project started in 2005 as an IPCop derivative, but the 2.x version moved to Linux From Scratch as its base. IPFire 2.7 was released July 2, 2010. IPFire 2.7 core update 43 was released December 3, 2010. IPFire 2.9 core update 52 was released September 17, 2011. IPFire 2.11 beta for ARM was released October 5, 2011. IPFire 2.11 was released November 2, 2011.

Knoppix-STD

http://www.knoppix-std.org/

STD (security tools distribution) is a collection of hundreds if not thousands of open source security tools on a Live Linux CD. Its sole purpose in life is to put as many security tools at your disposal with as slick an interface as it can. The initial version, Knoppix-STD 0.1 CD, was released January 23, 2004.

Liberté Linux

http://dee.su/liberte

Liberté Linux is a secure, reliable, lightweight, and easy to use Gentoo-based LiveUSB Linux distribution intended as a communication aid in hostile environments. Liberté installs as a regular directory on a USB/SD key, and after a single-click setup, boots on any desktop computer or laptop. Available internet connection is then used to set up a Tor circuit which handles all network communication. Liberté joined the list with the release of 2010.1, dated November 22, 2010.

Lightweight Portable Security

http://spi.dod.mil/lipose.htm

Lightweight Portable Security (LPS) was designed by the US Department of Defense to function as a secure end node. LPS boots a thin Linux operating system from a CD or USB flash stick without mounting a local hard drive and runs in RAM, providing a trusted network environment on an untrusted computer. LPS joined the list with the release of LPS-Public ISO 1.1.1, dated November 15, 2010. LPS-Public 1.2.4 was released September 19, 2011.

Live Hacking CD

http://livehacking.com/cd-dvd/live_hacking_cd.htm

The Live Hacking CD is packed with tools and utilities for ethical hacking, penetration testing and countermeasure verification. Based on Ubuntu this live CD/DVD runs directly from the CD/DVD and doesn’t require installation on your hard-drive. Once booted you can use the included tools to test, check, ethically hack and perform penetration tests on your own network to make sure that it is secure from outside intruders. Live Hacking CD was added to the list February 16, 2010. Live Hacking Penetration Testing DVD V1.3 was released April 21, 2011.

NetSecL

http://netsecl.com/

NetSecL is a Slackware based distribution with Grsecurity, chroot hardening, /tmp race prevention, extensive auditing and many other security features. Many scanners and sniffers are included to help keep your system secure. NetSecL joins the list with v2.1, released July 16, 2007. NetSecL 2.6 was released February 27, 2010. NetSecL 3.0 was released August 23, 2010. NetSecL 3.2 was released July 14, 2011.

Network Security Toolkit (NST)

http://www.networksecuritytoolkit.org/nst/
http://sourceforge.net/forum/forum.php?forum_id=602238

The Network Security Toolkit (NST), is a bootable ISO live CD is based on Fedora Core 2. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms. NST also makes an excellent tool to help one with all sorts of crash recovery troubleshooting scenarios and situations. Version 1.2.3 was released September 5, 2005. Version 1.8.1 was released January 8, 2009. NST 2.13.0, based on Fedora 13, was released October 7, 2010. NST 2.15.0-2515 was released August 10, 2011.

nUbuntu

http://www.nubuntu.org/

nUbuntu aims to create an Ubuntu-derived distribution with a focus on security testing. The initial version, nUbuntu – SP2, was released January 6, 2006. nUbuntu Live was released January 17, 2006. nUbuntu 6.06 was released June 26, 2006. nUbuntu 8.12 “Instigating Insecurity” Beta was released December 16, 2008.

Openwall GNU/Linux

http://www.openwall.com/Owl/
http://freshmeat.net/projects/owl-os

Owl (Openwall GNU/*/Linux) is a small security-enhanced distribution for servers. Owl also makes a good base system for customized virtual machine images and embedded systems, and Owl live CDs with remote SSH access are good for recovering or installing systems (whether with Owl or not). A single Owl CD includes the full live system, installable packages, the installer program, as well as full source code and the build environment capable of rebuilding the entire system from source. Owl supports multiple architectures (x86, x86-64, SPARC, and Alpha) and offers some compatibility for packages developed for other Linux distributions. The primary approaches to security are proactive source code review, privilege reduction, privilege separation, careful selection of third-party software, safe defaults, and “hardening” to reduce the likelihood of successful exploitation of security flaws. The Owl 0.1-prerelease was released on May 11, 2001. Openwall GNU/*/Linux (Owl) 2.0 was released February 16, 2006. Openwall GNU/*/Linux 3.0 was released December 16, 2010.

QubesOS

http://qubes-os.org/

Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. The first alpha version was released April 7, 2010. Qubes Beta 1 was released April 12, 2011.

REMnux

http://zeltser.com/remnux/
http://sourceforge.net/projects/remnux/

REMnux is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software. The distribution is based on Ubuntu and is maintained by Lenny Zeltser. REMnux 1.0 was made available as a VMWare virtual machine image, released July 8, 2010.

SmoothWall

http://www.smoothwall.org/

SmoothWall was first released to the world in July 2000 as a hardened internet firewall device. Products include Smoothwall Server and Smoothwall GPL, renamed Smoothwall Express. Smoothwall GPL 1.0 was released December 10, 2002. Smoothwall Express 2.0 was released December 17, 2003. SmoothWall Express 2.0 SP1 (stable update) was released December 22, 2006. SmoothWall Express 3.0 “Polar” was released August 22, 2007. Update 5 for Express 3.0 was released September 2, 2009.

Tails

http://tails.boum.org/

The Amnesic Incognito Live System (Tails) is a Debian based live CD/USB aimed at preserving your privacy and anonymity by forcing all outgoing connections to the Internet to go through the Tor network and by leaving no trace on local storage devices unless explicitly asked. Tails 0.7, based on Debian 6.0 squeeze, was released April 15, 2011. Tails 0.8.1 was released October 16, 2011. Tails 0.9 was released November 11, 2011.

Tin Hat

http://opensource.dyc.edu/tinhat
http://freshmeat.net/projects/tinhat

Tin Hat is a Linux distribution derived from hardened Gentoo which aims to provide a very secure, stable and fast Desktop environment that lives purely in RAM. Tin Hat boots from CD, or optionally a pen drive, but it is not a LiveCD. It does not mount any file system from CD via unionfs or otherwise. Rather, Tin Hat is a massive image (approx. 2.3GB) which loads into tmpfs upon booting. One pays the prices of long boot times (5 minutes off CD, 2 minutes off pen drives), but the advantage afterwords is that there are no delays going back to the CD when starting applications. Needless to say, this has some rather extreme advantages and disadvantages, making Tin Hat a rather particular distribution. Tin Hat was added to the list with the release of 20080830. Tin Hat 20110613 is out.

Ubuntu Privacy Remix

https://www.privacy-cd.org/

The Ubuntu Privacy Remix is a modified Live-CD based on Ubuntu Linux. UPR is not intended for permanent installation on hard disk. The goal of Ubuntu Privacy Remix is to provide an isolated, working environment where private data can be dealt with safely. The system installed on the computer running UPR remains untouched. The first stable version (8.04r1) was released December 4, 2008. UPR v8.04_r2 was released December 22, 2008. UPR 9.04r4 was released September 9, 2010. UPR 10.04r2 “Locked Lynx” was released October 30, 2011.

Ubuntu Rescue Remix

http://ubuntu-rescue-remix.org/

Ubuntu Rescue Remix is a GNU/Linux live system which runs from CD or USB flash device. It provides the data recovery specialist with a command-line interface environment equipped with the best free-libre, open source data recovery and forensics tools available. URR joined the list with the release of version 10.04 (April 29, 2010). URR 10.10 was released October 19, 2010. URR 11.04 was released April 28, 2011. URR 11.10 was released October 13, 2011.

Resource:
https://lwn.net

Advertisements

5 Comments

  1. Hey! I simply want to provide a huge thumbs upward for that great data you will have the following about this publish. I will be coming back to your blog for added soon.

  2. All I want to say is, yes! Yes! Yes! Youre so correct. I need to get behind this so a lot. You speak with so significantly authority, so considerably spirit, I feel as although youve certainly hit the nail on the head. Great job with this. Please keep brining us far more since we need more of your type of blogger.

  3. My Trackback…

    […]Virginity is like a soapbubble, one prick and it is gone.[…]…

  4. … [Trackback]…

    […] Read More here: seclist.wordpress.com/2011/12/17/secured-distributions-security-privacy-forensics-tools/ […]…

  5. Title…

    Have to get it on my http://www...


Sorry, the comment form is closed at this time.

Comments RSS