February 16th, 2005, 09:18 PM
KNOPPIX Project - Security Issues?
I just got back from some training in which they provided us the latest cut of a KNOPPIX CD:
And were suggesting that as we go into *nix audits we should always keep a CD or separate computer or separate harddrive with security/forenics tools on it because we would not be sure of any system compromise from the get go. I asked the following, and the instructor believed it safe, I just need to verify, but has anyone run into security issues with the KNOPPIX Linux variant or creating the CD (backdoors, trojans, etc.)?
Also - the instructors suggested Knoppix because 1) it's a snap to use - which is true, we had MS oriented people in the class using Linux in about 20-30 minutes of it being shown 2) it's free or near free 3) it's flexible and does not write to the harddrive unless told to do so.
February 16th, 2005, 09:22 PM
They didn't suggest Knoppix-STD? AFAIK, I haven't seen any issues yet with it, particularly if it's a CD version.
February 16th, 2005, 09:34 PM
Aw frell! That's right - they did - brain lock - sorry.  And thanks for the quick reply - I will have the underwear gnomes start cutting CDs tonight! [/edit]
Also - the cut we had ran smooth, once you got the video display issues worked out. I think it was <F2> to open the various display modes on the laptops.
Also - and maybe I should post this somewhere - when using VMWare and Knoppix, "fun" with the soundcard - meaning the soundcard goes nuts - I should dig more and post for that as we ran into that a few times over last week with various laptops (DELL and Compaq).
February 16th, 2005, 09:35 PM
Which version of VMWare? I've heard that Beta 5 is something sweet to work with (I still need to download and burn FreeBSD 5 to load onto my lab machine).
February 16th, 2005, 09:51 PM
VMWorkstation 4 (4.5). But I had no issues (using IBM - no that's not an endorsement). I tried a few scenarios in my testing with 4, using Windows as the host and using the Windows version of VMWare with RH as the guest, and then using RH as the host and using the Linux version with MS as the guest.
Like I said, I believe the people had 4.5, but they had the instructor proctors fixing the problem.
The people at the class told me the beta was sweet as well, but I already got cracked for using a beta software for something else, so I will have to wait until a productive release is ready - or I just use one of our pen testing machines and rebuild - FreeBSD 5 you say. I will have to get some time and see if I can load that and the beta of VMware up, because I have run into other issues with this current release.