I was thinking about putting my own distro of linux together, a somewhat of a secure linux if you will, strip it down to a bare bones system include nessus, tripwire, ksniffer, etc, etc, and totally customize to the needs of a hacker, I was just wondering what would interest other hackers and what else I should include.

Darq

I must be missing the point.

You want to make a distro of linux for hackers. . .

Wouldn't a hacker just d/l the latest image, install nothing but the basic files, and then build up?

(Not saying that I am a "hacker", but) That is what I am doing with my BSD box, I installed just the OS, and next I am going to install just the packages that I need, vi, gcc, blah, blah, blah.

But, then again, I do think I am missing something here.

Dhej

I guess that is kinda of redundant linux for hackers, but i was thinking of just packaging a whole bunch of secuity related software together use the LSM kernel, possibly an encrypted FS and just put a whole bunch of hacker tools on there, really what i should have asked are what are the favorite security programs out there.

A couple of years ago some netties of mine and me sat out to make what we at first called "hackLinux".

The finished image contained a kernel and a shitload of encrypted files containing misconfigured utilities and incorrectly compiled executables.

It had no manual
There was only really ONE help in it all:

hint

This would give you a hint as to a thing that had not been done to make the whole thing work and a small hint as to how you might get it to work.

ie: "A guy named Joe came into play late in the game. He fixed his .conf to get GUI"

Then inside the JOE configuration we left a hint as to what was seriously wrong with X

Other than that everything had to be done by hand.

When we were fineshed with it we released it into our group and called it "Linux: The game"

We found that most of the group members that actually downloaded and installed it concentrated their efforts on getting TCP/IP and IRC so they could get help from their friends ;)


If any one of you want the .iso I think I can dig it up.

If you find it, let me know. I would like to take a look at it and learn some stuff... :cool:

The problem is that your target audience would probably be too paranoid to use any of it without spending so much time verifying checksums that it would not be worth it.

There is a Floppy Distro of Linux called SETH. It stands for System Exploration Tools / Hacking. It's a pretty cool single floppy. It uses an older kernel and doesn't have PCMCIA support, though. Some of the tools I use on my system are:
nmap
nessus
p0f (this is a passive operating system detector)
queso
portsentry
tcp_wrappers
ipchains (i'm using a 2.2.x kernel)
tcpdump
and some tcl scripts i put together for network probing.
links to most of the tools can be found at insecure.org

hope this helps.

thanks to the guys at insecure.org I have found the top 50 most used programs by security minded individuals: http://insecure.org/tools.html
and unfortunetly like someone said before there is probably going to be alot of distrust of any hacker linux distros, but if anyone would like to help me drop a line darqw1nd@hotmail.com or #hacker / #hackers on irc.dal.net
peace

A couple of weeks ago my cat tipped over my primary CD rack.

Sadly the only surviving image I've been able to locate was in there Tuskin...

I've confirmed the death by inserting the CD into my CDROM drive and getting the "no cd in drive" error when I attempt to mount.

I've started a thread on our group board to see if anyone can dig up their copy, but I'm afraid there's not much of a chance.

Besides: The kernel and utils are obcolete, so it really won't be much of a point.

Well that sux. How did you "misconfigure" everything anyways? The problem I run into is that most of it installs correctlyand I dont have to correct anything, nothing major. I seem to read and dig a lot more when I've got "problems" to defeat. Did you manually misconfigure it all and then just put all of it together to make one wacked up version of Linux? Are there any resources out there that have a list of all configuration files? I'm having trouble disiphering the types of files... windows has extensions... this is just plain text. Thanx for the help :jack:

Personally I don’t think there is much need for a “Linux for hacker.” But, it could be useful so I will not condemn it, In fact I’d like to have it in my library or time-capsule if you will.

its kinda official i have began working on plans for DSL :
darq's secure linux, its loosely based on debian, with the encypted FS, etc, etc, I have recieved a few replies about helping me which i am sure ill be taking the offer up on, ...
and if anyone can think of a clever way to insure file integrity lemme know cause md5 could get cumbersome

peace

How did we misconfigure?

For instance we reversed all resmodes for X...

640x480 became 480x640

"I'd spot that EASY" you might say, but when the ENTIRE FILE is built in a simmilar manner it looks right.
you need to be pretty good at confing X to spot it right away.

All the while we used eachother as testers. ie I would get a mail with the subject "What's wrong with this?" and a short text explaining what it was with an attached file containing errorous configurations.
If I could not find ALL errors within 2-3 hours of reciveing the mail the file would "pass" the test.

We mostly used automation scripts (python) to **** things up.

*lol*
It probably was a lot fun to MAKE the "distro" than it would be to make it all work again.

DigitalD...
Curious...
I know what it says...
But...
WTF?
y00 n33dz t4 b3 l33t t4 h4v3 n|c3 ph33t!
enlighten me!

DigitalDemon

What exactly did the Python scripts do? Were they automatic? I dont know much about Pyton, only opinions about it... Are there any other resources like your "Wacky Distro" out there?

Thanx

:deal:

The scripts would search for phrases or words in textfiles (.conf etc) and replace them according to certain rules. Nothing big.

The reason we used python was because of it's ease of use for this sort of scripting behaviour.