Saturday, April 07, 2012

For-Sec LiveCD Updates

It has been a while since I updated the ISO files on my iodd external drive/ISO boot device.

I’ve amassed quite a collection of forensic, security, WinPE, and pen-test distros on it and unless something major gets released, I usually don’t pay close attention to keeping them current.

So during a slow Saturday, I figured I would surf the webs and grab the latest versions of the primary LiveCD distros I keep handy on it.

Turns out there are quite a few updates to be had; most all of them pretty recent!

DEFT 7.1 ready for download - DEFT Linux - Bug fixes, updated packages, new tools and exciting bells-n-whistles. Released around 03-30-2012.

CAINE 2.5.1 SuperNova - Forensic LiveCD version released 11-18-2011. I really like this one and as an added bonus, this distro includes an auto-run tool menu if used in a running Windows system: WinTaylor 2.5.1.

PALADIN 2.06 - Forensic LiveCD from SUMURI group. Free download but registration is required for download access. The LiveCD is free and there is a USB version also available at a nominal cost though you can make your own if you wish. I don’t think this is a “recent” release version, but it was newer than the previous version I had.

Raptor 2.5 - Forensic LiveCD from ForwardDiscovery group. Current version released 02-26-2012. Free download but registration is required for download access. The LiveCD is free and like Paladin, is also available as a pre-installed USB device for a small expense. Raptor is cool in that they have versions for both Intel and PowerPC systems.

Matriux 1.2 “Krypton” - The Open Source Security Distribution for Ethical Hackers and Penetration Testers LiveCD. Current version was released 02-16-2012. Check out the “arsenal” list for a full roundup of the included packages.

BackTrack 5 R2 Release - Penetration Testing Distribution - Latest release version came out around 03-01-2012. This is one of the largest and best for/sec distros out there and includes an amazing collection of tools with extensive documentation on the website and in the community.

GnackTrack - phillips321.co.uk - is (and apparently ever will be) frozen at the final release as the developer is moving on to newer things and since BackTrack now comes in both Gnome and KDE flavors.

Blackbuntu Linux & BackBox Linux are new Sec distros to me but since phillips321 recommended them that makes them worth checking out in my book.

Security Onion 20120405 - LiveCD from Doug Burks is out and includes options for a local install if desired. If the file-naming and post date is any indication, then this release is just a few days out of the oven as of 04-05-2012. I deeply appreciate Doug’s work as he is super-good in keeping it fresh and updated frequently.

Windows Forensic Environment - WinFE - Last but definitely not least, Brett Shavers remains hard at work in the Windows PE (FE focused) WinFE building project. Though not an “off-the-shelf” ISO, the process for building your own is pretty straight-forward and all the hard work has already been done. Recent WinFE building work includes a neat GUI-based app from a script you can add into your WinFE building project.

Need some places to start with WinFE building?

These WinFE Blog posts by Brett are particularly good.

Finally, these last Linux LiveCD distros aren't really, exactly For-Sec but I’m really liking them for when I just need to pop-onto a system in my own secure environment and am not comfortable with just what is lurking on the “live” host system. Recently mentioned here on GSD but still sharing the goodness all the same. Besides, it just looks cool if anyone is shoulder-surfing.

Software Protection Initiative - Lightweight Portable Security. This is a USAF/DOD project and is super-cool and super sharp. The latest versions were released 02-16-2012. The “Deluxe” version is larger than the primary version as it also contains OpenOffice and Adobe Reader software.

Selected info from the page linked above:

Lightweight Portable Security (LPS) creates a secure end node from trusted media on almost any Intel-based computer (PC or Mac). LPS boots a thin Linux operating system from a CD or USB flash stick without mounting a local hard drive. Administrator privileges are not required; nothing is installed. The LPS family was created to address particular use cases: LPS-Public is a safer, general-purpose solution for using web-based applications.

Read the LPS-Public Quick Start Guide. (PDF link)

Read the LPS-Public User's Manual. (PDF link)

Easter Joy,

--Claus V.
