This project is closed. Please see https://launchpad.net/nubuntu instead.
The purpose of this project is to have an Ubuntu LiveCD with useful network security tools. Current version is 0.1 (Nov 9, 2005), based on the Ubuntu 5.10 LiveCD.
Contributors welcome. Launchpad page: https://launchpad.net/people/ubuntu-securitylivecd
Applications to Install
Some places to start:
Note: some applications are not going to make much sense on a LiveCD for use in the field, but it's good to have them as learning/teaching/demo tools.
Applications and Data to Take Out
From Gnome menu:
- Games: (all)
- Graphics: (all)
- Internet: (all except firefox)
- Office: (all)
- Sound & video: (all)
- System tools:
  - Applications menu editor
  - Bug report tool
Other: languages (leave English only)
Creation of Version 0.1 of Ubuntu Security LiveCD
Notes about the creation of this CD:
Used instructions from: https://wiki.ubuntu.com//LiveCDCustomizationHowTo/
- At this point I want the candidate applications to be installed to be ones available using apt-get from the available repositories (including universe).
- kernel version is 2.6.12-9.21
Note: names used are the names of the packages (sometimes different from the user application). Some version numbers are added for reference.
Note: this should be grouped into something like:
- Intrusion Detection
- Vulnerability Assessment
- Network utilities
Note: add links to items in this list.
- nmap 3.81
- nessus 2.2.4
- chkrootkit 0.45
- tcpdump (already there)
- siege 2.61
- netcat (already there)
- smbclient, smbfs (already there)
Not in repositories: (some will be added in a later version)
To be added later:
- Paketto Keiretsu
Note: Using dpkg --purge
Note: Based on the list from: http://svn.gnome.org/viewvc/livecd-project/trunk/remaster.conf?revision=71&view=markup
- openoffice.org2 (move to end?)
- openoffice.org-common -core NO!!
- ttf-baekmuk & /usr/share/fonts/truetype/baekmuk
- mutt (not installed)
- ttf-kochi-gothic & /usr/share/fonts/truetype/kochi
This list has to grow.
Creation of CD
I got an error while doing $ umount /mnt: "device is busy". To find the processes that were using the partition I did $ fuser -u /mnt, and that gave me the PIDs of those programs: arpwatch, freshclam (that's ClamAV) and snort. In order to terminate them I can kill them or do $ fuser -k /mnt
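The busy-mount check above, as an added example that is not part of the original notes: a shell function that scans /proc for processes whose working directory, root directory, executable or open files sit under a directory, which is the information fuser reported here. The function name `holders` is hypothetical, and memory-mapped files (which fuser also reports) are not checked.

```shell
#!/bin/sh
# Added example (not from the original notes).
# holders DIR: print "PID NAME" for every process that keeps DIR busy,
# i.e. whose cwd, root, executable or an open file descriptor lies under DIR.
# Run as root to see other users' processes; unreadable entries are skipped.
# Usage before unmounting:  holders /mnt
holders() {
    # Resolve symlinks so the prefix comparison uses the real path.
    target=$(cd "$1" 2>/dev/null && pwd -P) || return 2

    for p in /proc/[0-9]*; do
        pid=${p#/proc/}
        # root matters for daemons started inside a chroot at DIR.
        for link in "$p/cwd" "$p/root" "$p/exe" "$p"/fd/*; do
            path=$(readlink "$link" 2>/dev/null) || continue
            case "$path" in
                "$target"|"$target"/*)
                    name=$(cat "$p/comm" 2>/dev/null) || name='?'
                    printf '%s %s\n' "$pid" "$name"
                    break   # one line per process is enough
                    ;;
            esac
        done
    done
    return 0
}
```

Stopping the listed services cleanly (rather than killing them) before umount avoids leaving stale PID or lock files inside the image.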
Extra things to delete in extracted_cd:
There is lots of stuff to rm. At this point I only deleted:
There are many things that need revisiting here.
NOTE: testing with qemu (qemu -cdrom liveimage.iso -boot d) didn't work
Created CD "version 0.1" booted fine; operating system works well.
Size is 540.8 MB
Testing of added programs:
There were problems with some graphical applications. Some need to be configured before burning the CD.
- seahorse OK
- etherape OK
- ethereal NO: "Could not set capabilities: Operation not permitted"
- ntop NO: cannot write to /var/lib/ntop/prefsCache.db
- nessus NO: "could not open a connection to localhost" (no server running?)
- airsnort OK? (starts, no wifi)
- linneighborhood (LinNeighborhood) OK
- chkrootkit OK
- curl OK
- arping OK
- arpwatch OK
- clamav OK
- nbtscan OK
- nikto OK
- p0f OK
- siege OK
- snort OK (sudo snort -h 192.168.0.0/24 -c /etc/snort/snort.conf)
- netcat (nc) OK
- httptunnel (htc, hts) OK
- netsed OK
- dsniff OK
- ngrep OK
- john OK
- wenglish OK (at /usr/share/dict/american-english)
- smbclient OK
- tcptrack OK
- swatch OK
- labrea OK
- biew OK
- fenris NO: libc mapping problem
- foremost OK
- wipe OK
- zebedee OK
For this version we have to improve the two tasks:
- installed programs:
  - make all of them work
  - add important missing tools
- remove more programs and data
(Dec 8, 05) Let's see if we can have a beta version before next year.
We need a list of infosec applications classified in "must have" (to include in the beta) and "nice to have" (to try adding later on).
Attributes to write about these apps: name, URL, size (packaged) and comments if needed.
ethereal http://www.ethereal.com/ 9.6MB (tar.gz), 7.7MB (tar.bz2) - Graphical, needs post-installation
nessus http://nessus.org/ 5.2MB (approx., source) - Graphical option, needs post-installation