Thu, 25 Oct 2007

Shiny new Security LiveCD

The Fedora-based security livecd that I created a little while back is coming along quite nicely. I have yet to submit it to become an officially blessed Fedora spin, mainly because I didn't want it to be Yet Another GNOME-based livecd with a bunch of extra packages shoved into it. If we're going to try and even remotely compare to existing livecds such as BackTrack, we're going to have to try a little bit harder :)

I've gotten multiple requests from people asking for a minimal security livecd, with something a bit slimmer than GNOME, preferably *box. Being a proud openbox user for the past 6 years, I gladly complied. So, the other day on the bus ride home from work, I re-based the spin against the minimal configuration, and tweaked out the openbox configuration quite a bit.

The default openbox menu contains a few boilerplate entries, most of which are for applications that don't even exist in a default Fedora install. I went ahead and threw together a menu that is categorized by the type of security tool in the spin. I also wanted the ability for users to have access to the same menu entries as our default GNOME menu. To accomplish this, I hacked up a dynamic openbox pipe menu, which generates the same menu hierarchy as the GNOME application menu, on-the-fly :)

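#!/usr/bin/python -tt
# Openbox pipe menu: emits the GNOME application menu hierarchy as Openbox XML.

import gmenu
from xml.sax.saxutils import escape, quoteattr

def walk_menu(entry):
    if entry.get_type() == gmenu.TYPE_DIRECTORY:
        # Sub-menu: recurse into the directory's contents
        print '<menu id=%s label=%s>' % (quoteattr(entry.menu_id),
                                         quoteattr(entry.get_name()))
        for child in entry.get_contents():
            walk_menu(child)
        print '</menu>'
    elif entry.get_type() == gmenu.TYPE_ENTRY and not entry.is_excluded:
        # Launcher: escape the label and command so '&', '<' or '"' in a
        # .desktop file cannot break the generated XML
        print """
            <item label=%s>
              <action name="Execute">
                <execute>%s</execute>
              </action>
            </item>
        """ % (quoteattr(entry.get_name()), escape(entry.get_exec()))

print "<openbox_pipe_menu>"
for entry in gmenu.lookup_tree('').root.get_contents():
    walk_menu(entry)
print "</openbox_pipe_menu>"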

Patches/comments/suggestions/criticism welcome! See the SecurityLiveCD wiki for more details on how to spin your own and get involved.

posted at: 05:00

Sat, 19 May 2007

Security LiveCD

So last week I created an initial version of a potential Fedora Security LiveCD spin. The goal is to provide a fully functional livecd based on Fedora for use in security auditing, penetration testing, and forensics. I created it as a bonus project for my Security Auditing class (instead of following the 5 pages of instructions on how to create a Gentoo livecd that she handed out (mad props to davidz for creating an amazing LiveCD tool)), but it has the potential to be extremely useful and also help increase the number and quality of Fedora's security tools. I threw in all of the tools I could find that already exist in Fedora, but I'm sure I'm missing a bunch, so feel free to send patches or suggestions. I also added a Wishlist of packages that I would eventually like to see make their way into Fedora, after the core->extras merge reviews are done.

I would eventually like to see Fedora offer a LiveCD that puts all of the existing Linux security livecds to shame. We have quite a ways to go, but this is a start. I'm taking a computer forensics class next quarter, so I will be expanding it to fit the needs of our class as well.

posted at: 19:15

Wed, 02 May 2007

Creating a Fedora Security Live USB key

Here is how to easily create a security-distribution based on what will eventually be Fedora 7. This requires that you be running FC7Test* or rawhide, as the livecd-tools are not currently available for FC6.

Prepare the USB key
You may not need to do this for some USB sticks, but I had to remove all partitions on my Cruzer Micro and format the whole thing as vfat to get it to boot. Make sure to change /dev/sdd to your USB device.

# mkfs.vfat -I /dev/sdd

Spin the livecd

# yum install livecd-tools mercurial
$ hg clone
$ cd security-livecd
# ./

Copy the ISO to your USB stick

# livecd-iso-to-disk Fedora7-SecurityLiveCD.iso /dev/
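
A pre-flight check for the device argument used in the steps above, as an added example that is not part of the original post: mkfs.vfat -I overwrites whatever device it is given, so this refuses anything that is not a whole, removable, unmounted disk. The function name usb_target_ok and the SYSFS_BLOCK/MOUNTS overrides are hypothetical, and it assumes the stick reports removable=1 in sysfs (some USB enclosures do not).

```shell
#!/bin/bash
# Added example (not from the original post): sanity-check a target device
# before running "mkfs.vfat -I" or "livecd-iso-to-disk" against it.
# SYSFS_BLOCK and MOUNTS are hypothetical overrides so the check can be run
# against constructed fixtures; the defaults are the real kernel interfaces.
SYSFS_BLOCK="${SYSFS_BLOCK:-/sys/block}"
MOUNTS="${MOUNTS:-/proc/mounts}"

# usb_target_ok /dev/sdX
# Returns 0 only if the device is a whole disk, is flagged removable by the
# kernel, and neither it nor any of its partitions is currently mounted.
usb_target_ok() {
    local dev="$1" name
    name="${dev#/dev/}"
    case "$name" in
        ""|*/*) echo "refusing: '$dev' is not a /dev/<disk> path" >&2
                return 1 ;;
    esac
    # /sys/block lists whole disks only, so a partition such as sdd1 fails here
    if [ ! -d "$SYSFS_BLOCK/$name" ]; then
        echo "refusing: $dev is not a whole-disk block device" >&2
        return 1
    fi
    # Assumption: USB sticks report removable=1; internal disks report 0
    if [ "$(cat "$SYSFS_BLOCK/$name/removable" 2>/dev/null)" != "1" ]; then
        echo "refusing: $dev is not marked removable" >&2
        return 1
    fi
    # Fail closed if the mount table cannot be read
    if [ ! -r "$MOUNTS" ]; then
        echo "refusing: cannot read $MOUNTS" >&2
        return 1
    fi
    # Match the disk itself or a numbered partition (sdd, sdd1, sdd10, ...)
    if awk -v d="/dev/$name" \
        '$1 == d || $1 ~ ("^" d "[0-9]+$") { found = 1 } END { exit !found }' \
        "$MOUNTS"; then
        echo "refusing: $dev (or a partition on it) is mounted" >&2
        return 1
    fi
    return 0
}

# Usage, with the device name from the post:
#   usb_target_ok /dev/sdd && mkfs.vfat -I /dev/sdd
```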

Interested in helping make the Security LiveCD better? See the SecurityLiveCD wiki for more information.

posted at: 06:24