[Fedora-livecd-list] Security LiveCD

Luke Macken lmacken at redhat.com
Tue Mar 20 00:09:10 UTC 2007


On Sun, Mar 04, 2007 at 06:31:57PM -0800, Jane Dogalt wrote:
> --- Luke Macken <lmacken at redhat.com> wrote:
> > I started piecing together a Fedora Security LiveCD, designed for
> > security auditing, penetration testing, and forensics.  See my blog
> > post and the wiki page for more information:
> > 
> >     http://lewk.org/blog/2007/03/04/security-livecd
> >     http://fedoraproject.org/wiki/LukeMacken/SecurityLiveCD
> > 
> > {comments,suggestions,patches} welcome.
> 
> Just off the top of my head, here is what I'd like to see-
> 
> Suppose you have just created an interesting webserver livecd, with
> some random smattering of enabled features and services particular to
> your needs.
> 
> I would like to see a security livecd, which when booted on a system
> that either has the prior webserver livecd .iso on the disk, or
> available via the network, does the following-
> 
> - boots the webserver livecd under qemu, then runs the most aggressive
> penetration/scan it can think of against it.
> 
> Clearly there are many subtle details about how the virtual network and
> system are launched/configured so that they match as closely as
> possible the real deployment situation.
> 
> I would hope that as time passes you would see a cat and mouse back and
> forth.  I.e. various holes are found in the webserver livecd
> configuration and fixed, and various new penetration mechanisms are
> added to the security livecd.
> 
> Hopefully what would evolve via this 'fitness function' would be a
> kickstart file describing a very secure webserver livecd (and thus less
> than a stone's throw away from a very secure generic webserver
> kickstart).

Interesting idea; doesn't seem too far-fetched, but I don't know how
large this use case is.

Regardless, it's really just a matter of adding some cohesion between the existing
tools (i.e., automatic network/host reconnaissance, bringing up virtual hosts, then
running scans/tests on it).

Right now, [with everything I've seen], you pretty much need to already
know which tools you want to use and how to use them.  I think we either
need to provide some sort of interface that will help users figure out
the right tools for the job (and automate tasks), or at least provide
them with useful documentation so they can figure out what they need.

luke



