[Fedora-livecd-list] Security LiveCD

[Jane Dogalt]

--- Luke Macken <lmacken at redhat.com> wrote:

> I started piecing together a Fedora Security LiveCD, designed for
> security auditing, penetration testing, and forensics.  See my blog
> post and the wiki page for more information:
> 
>     http://lewk.org/blog/2007/03/04/security-livecd
>     http://fedoraproject.org/wiki/LukeMacken/SecurityLiveCD
> 
> {comments,suggestions,patches} welcome.

Just off the top of my head, here is what I'd like to see-

Suppose you have just created an interesting webserver livecd, with
some random smattering of enabled features and services particular to
your needs.

I would like to see a security livecd, which when booted on a system
that either has the prior webserver livecd .iso on the disk, or
available via the network, does the following-

- boots the webserver livecd under qemu, then runs the most aggressive
penetration/scan it can think of against it.

Clearly there are many subtle details about how the virtual network and
system are launched/configured so that they match as closely as
possible the real deployment situation.

I would hope that as time passes you would see a cat and mouse back and
forth.  I.e. various holes are found in the webserver livecd
configuration and fixed, and various new penetration mechanisms are
added to the security livecd.

Hopefully what would evolve via this 'fitness function' would be a
kickstart file describing a very secure webserver livecd (and thus less
than a stones throw away from a very secure generic webserver
kickstart).

-dmc/jdog



 
____________________________________________________________________________________
Don't pick lemons.
See all the new 2007 cars at Yahoo! Autos.
http://autos.yahoo.com/new_cars.html