Preferred Live-CD Toolkit?

View Poll Results: How do you handle employees that leave your organisation?

Voters: 7

  • Have a procedure to remove access but we don't audit it: 1 (14.29%)
  • We have a procedure to remove access AND we audit it: 3 (42.86%)
  • We don't have a procedure but we run routine checks for dormant accounts: 0 (0%)
  • We have no procedures or routine checks I am aware of: 3 (42.86%)

  1. #1
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177

    Preferred Live-CD Toolkit?

    I have been using Auditor for some time now (Thanks MsMittens! I can admit it when I'm wrong.) and am very happy with it...but I'm always wondering if the grass is greener on the other side of the fence. I've heard of Whoppix and Whax, but I have no experience with them, or any other live forensic-security toolkit images.

    So tell me what you like, and why? What's hot these days? What are we all using?

    If you want to add an option to the poll, just indicate it in the thread and we'll add them as we go!
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    No Helix? I was just playing with it this morning in a VM to see how it behaves there (installs nicely on GSX 3.2) as well as to see what tools it has. Not a huge selection but some.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548
    I have grown to love PHLAK. It is very easy to use, and brings a large selection of security apps. There are a few minor ones I was looking for which I couldn't find on the CD, but that is to be expected. Auditor is also great, but I think I'd put both on a par - I can't really make my mind up between them!

    I have heard quite a lot about Arudius lately, but I haven't had the time to try it. It's pretty small (IIRC it's under 250MB), but it claims to bring quite a lot of apps. Again, I haven't tried it, but you might like to give it a go. Whax I've heard is also the current 'bleeding-edge LiveCD toolkit', but I haven't tried it either.

    Knoppix-StD was good, but it hasn't seen an update in a while so the apps are quite old.

    My final choice? Probably PHLAK, although Auditor is also brilliant. Both are missing a few remote apps, but they're both good. Maybe I should build my own...

    Cheers,

    -jk

    [edit] These are more security LiveCDs than forensic ones, but I'm sure they all have some forensic apps.
    TAZForum <---- click

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    I just tried Backtrack.. It's a merge of Whax and the Auditor..

    First of all, we wish everyone a happy new year and we are sure that you are awaiting a new version of the Auditor Security Collection. We have to regret, that there won't be a new version, but there will be a new version of the BackTrack, which is the replacement distro of Whax and Auditor Security Collection. The development team makes great progress and we are getting more and more stable.

    In addition to this we get closer with vmware and are 99% able to integrate vmplayer into BackTrack :-) hurray!
    http://remote-exploit.org
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Senior Member
    Join Date
    Mar 2003
    Posts
    372
    No Nubuntu? I know it is still "new" and all, but I have used it a couple of times and it is clean and easy.

    The main goal of nUbuntu is to create a distribution which is derived from the Ubuntu distribution, and add packages related to security testing, and remove unneeded packages, such as Gnome, Openoffice.org, and Evolution. nUbuntu is the result of an idea two people had to create a new distribution for the learning experience. Many people ask, "What makes it better than X?", or "Why should I use this over Y". Our answer to this question is, we don't not think about whether people are using it or not. We are more concerned about the learning process. If you want to try something with a clean interface, fast, and an excellent range of programs please don't hesitate to download nUbuntu.
    Some of the main security packages:

    * Aircrack
    * Airsnort
    * Bluesnarfer
    * DSniff
    * EtherApe
    * Ethereal
    * Ettercap
    * ExploitTree
    * FragRouter
    * Honeyd
    * IISEmulator
    * John the Ripper
    * Kismet
    * Metasploit
    * Nemesis
    * Nessus
    * Nikto
    * NMap
    * Samdump2
    * SSLDump
    * VNCrack
    * Void11

    Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.

  6. #6
    Banned
    Join Date
    Jul 2004
    Posts
    297
    not listed...F.I.R.E.

  7. #7
    Banned
    Join Date
    Jul 2004
    Posts
    297
    ok... now it is listed. ty.

  8. #8
    Member
    Join Date
    Dec 2004
    Posts
    45
    knoppix STD is pretty nice.

  9. #9
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548
    I have compiled a list of emails which discussed this very topic recently on the SecurityFocus pen-test mailing list. Here's the link to it: clicky.

    Enjoy!

    -jk


    [edit] Note: First emails at bottom, newest towards the top (sorry about that). Emails separated by line of equals (======).

    [edit2] There's also some more info available in this post.
    TAZForum <---- click

  10. #10
    Member
    Join Date
    Sep 2005
    Posts
    77
    I hadn't heard of Backtrack until SirDice threw it up here in this thread, but after reading up on it, it sounds pretty amazing. I have used Whax on numerous occasions. It had something like over 157 security related tools built in. Now, fusing the best features from both live cd's.... definitely going to have to give it a whirl!
    %42%75%75%75%75%72%70%21%00
