Local Area Security Linux LiveCD 94
An anonymous reader writes "LocalAreaSecurity.com has released a new version of their live-CD Linux distribution for information security professionals. It contains over 200 security tools including all the usual suspects (Nmap, Nessus, etc.) as well as many other great tools less well known. The ISO images are meant to be burned on 185MB and 210MB miniCDs which they update around twice a month. L.A.S. also publishes many papers on how to use the tools as well as research docs on *nix security. Their latest papers include: Securing Mambo Open Source CMS, Doing More With Less: Nessus, and L.A.S. Security Tool Review and Howto: kismet."
Re:Obviously... (Score:5, Insightful)
I wonder how this will fare against Knoppix STD? Knoppix, as the world knows, is an awesome LiveCD distro of Linux that comes with an assortment of tools. This... just seems to come with a lot more. I guess it just matters about that user-friendliest though, as an Elite Linux user could boot up with Slackware CD 2, the LiveCD and do just as much or more. But yet, Slackware is as user friendly as a rabid wolf.
Re:Obviously... (Score:3, Interesting)
And Knoppix STD (security tools distribution, just to clear that up ;) works flawlessly on even the oldest and most exotic systems. I haven't personally used LAS Linux but the degree of flexibility Knopp
Re:Obviously... (Score:2)
If you haven't already downloaded and burned/mounted this, this IS KNOPPIX with some slightly different branding. It still boots up and says KNOPPIX all over it.
Move along now, the Linuxcare BBC did more than this, and was much more integrated and tested.
Re:Obviously... (Score:3, Funny)
Re:I put Linux Live CD's on the computers at Best (Score:5, Interesting)
I was going to reply to this with something witty since I work for Best Buy as an In-Store Technician, and use Linux LiveCDs on a daily basis...
I have never had customers complain about the speed of it, but more about cool it is to run directly from CD and rescue their files.
Re:Nmap (Score:3, Insightful)
Would you throw away your hammer because it can be used to illegally break into places?
Re:Nmap (Score:2)
- Fact: Isaac Newton never had sex.
- Fact: 9/11 wouldn't have happened if we didn't have gravity.
Conclusion: We must ban gravity.Re:Nmap (Score:2)
Nice try, but wrong conclusion...
Fact: 9/11 wouldn't have happened if we didn't have gravity.
Fact: Gravity was discovered by Isaac Newton.
Fact: Isaac Newton never had sex.
Conclusion: We must ban virginity. (I can hear some people cheering that now.)
Z.
The law and desireability (Score:5, Insightful)
Uh, huh.
When Phil Zimmerman released PGP, he underwent a three-year investigation by the FBI.
I not care in the least what either Phil or Fyodor did (especially when Fyodor was tracking down a harasser). They produce excellent software, which is their only interaction with me.
There is a lot of content on Slashdot that could be considered libel. If every person guilty of libel on Slashdot was ignored, we'd have an awfully quiet forum.
Re:Mini-disks only? (Score:3, Informative)
Re:Mini-disks only? (Score:3, Funny)
Re:Mini-disks only? (Score:3, Informative)
Re:Mini-disks only? (Score:2)
Blah.
PHLAK? (Score:4, Interesting)
Re:PHLAK? (Score:5, Interesting)
Re:PHLAK? (Score:2)
Re:PHLAK? (Score:1)
Re:PHLAK? (Score:1)
Re:PHLAK? (Score:2)
I disagree. The only "black hat tools" imo are rootkits and the like. Everything else, to and including password crackers and vulnerability scanners, is just as much an auditing tool as it is a cracking tool.
Having used both distros, PHLAK has a little bit more style to it. I don't get the impresion that they made it for black hat uses, but wannabe blackhats may gravitate to it. You gott
MOD PARENT UP (Score:3, Informative)
busted link for future reference [phlak.org]
Re:PHLAK? (Score:1)
Re:PHLAK? (Score:1)
Talk about security.... (Score:5, Funny)
I have used LAS... (Score:5, Informative)
Some other good Security LiveCD distros are Knoppix STD [knoppix-std.org] and P.H.L.A.K. But I mainly use Knoppix (which also has kismet [kismetwireless.net] and nmap [insecure.org]), and when I want speed, SLAX [linux-live.org] is very good.
Re:I have used LAS... (Score:3)
http://www.phlak.org/ [phlak.org]
Seems to be down currently, tho...
Re:I have used LAS... (Score:3, Interesting)
Get your STD now (Score:2, Funny)
Can it scan MS servers (Score:2, Interesting)
I mean, nmap is always useful but I know my ports are solid so what else on there isn't *nix specific?
Mirrors for Download (Score:5, Informative)
HTTP Current 185MB Version [localareasecurity.com] | Current 210MB Version [localareasecurity.com]| Download Directory [localareasecurity.com]
FTP Current 185MB Version [localareasecurity.com] | Current 210MB Version [localareasecurity.com]| Download Directory [localareasecurity.com]
Please try to use a geographically closer mirror:
http://chefax.fe.up.pt/mirrors/las/ [fe.up.pt] -HTTP Portugal
ftp://chefax.fe.up.pt/pub/mirrors/las/ [fe.up.pt] -FTP Portugal
http://ftp.lug.udel.edu/pub/iso-images/LAS [udel.edu] -HTTP US Delaware
ftp://ftp.lug.udel.edu/pub/iso-images/LAS [udel.edu] -FTP US Delaware
http://www.mednor.net/ftp/pub/mirrors/las/ [mednor.net] -HTTP US California
ftp://ftp.mednor.net/pub/mirrors/las/ [mednor.net] -FTP US California
Not all mirrors are up at this time. We remove mirrors periodically from the list that are not updated but re-add them once updated.
MD5sWe are currently seeking additional mirrors in Europe and Asia.
L.A.S.0.5-185MB MD5:543fe2f42472f73cdba8378d9cb58579
L.A.S. 0.5-210MB MD5: bc3a9ba8afcb99ff3e549b5d8d0b22a8
Re:Mirrors for Download (Score:4, Insightful)
Wake up people, releasing ISO's should be done through BitTorrent. Then, instead of
Re:Mirrors for Download (Score:1, Informative)
Re:Mirrors for Download (Score:2, Funny)
You'd think someone clever enough to point it out would realize that they already have a torrent link on their page. (Rather than just jumping to a conclusion and looking like a fool.)
On their page: http://www.localareasecurity.com/index.php?option
Torrents - http://onyx.chattanoogastate.edu:6970/
On bootup ... (Score:5, Funny)
210mb download . . . . . . . . . . . [PASS]
News posted on Slashdot . . . . . . [PASS]
Insufficient mirrors . . . . . . . . [PASS]
Setting new record for shortest slashdotting time . .
"security" (Score:2, Insightful)
Re:"security" (Score:2, Funny)
Wait a minute...Where that fuck ARE the buttons!!?!?
Linux SuX0rz! Where's the cursor!!?
Re:"security" (Score:5, Insightful)
And thus, I want a copy. As others have joked, by the very definition of a "skript kiddie" (unskilled cracker dependent on the tools of others), something like this is way out of their league. But I assume you might have meant, "People who do illegal things to computers who could use such a convenient CD where all the free tools online are in one place."
Well, they are going to do use it, whether it's wrong or not, and if LAS doesn't do it, someone else will (and has). And I want the same tools to test my firewalls and stuff to make SURE that it's hard to break into my network. Nothing will ever be hack-proof, but if you can make it hard for illegal entry, the crook will look elsewhere for something easier. And tools like these give me the same tools the crooks have, and the advantage I have is that I don't need time to "sniff" for anything to deduce which items to crack, since I already know what machines are senistive. I can just use an Ethereal capture pointed at an IP or MAC and see what it's sending out. Try and hack my own wireless connection with Kismet. And so on.
It's all in intent, and how you use it. I use tools like thse to trace stray DHCP servers, look for illegal Kazaa use, or find out who's trying to hack my firewall.
A prybar is not illegal. Forcing open a loose door on property you don't own or beating someone to death with it is illegal. But you don't see people banning prybars at Home Depot.
Re:"security" (Score:2)
No, of course we shouldn't ban prybars. Prybars don't commit illegal acts, people with prybars commit illegal acts. We should ban people.
This is of course the same argument that is used against Gun Control. Never mind that it would be harder for people to commit crimes using guns if they didn't have such ready access to those
glad to see.. (Score:3, Informative)
But I just read.. (Score:2, Insightful)
BitTorrent (Score:1)
Re:BitTorrent (Score:2)
News??? (Score:1)
Set up a torrent? (Score:3, Interesting)
Re:Set up a torrent? (Score:3, Informative)
Re:Set up a torrent? (Score:1)
Re:Set up a torrent? (Score:2)
Some people have names with dynamic IP providers.
Why BitTorrent? (Score:1)
As more low bandwidth users become involved in BitTorrent (especially seeding), I suspect its propagation rate will deteriorate as well.
Anybody have an explanation or comparison?
slashdotted... (Score:1)
Re:slashdotted... (Score:1)
Re:slashdotted... (Score:1)
Re:slashdotted... (Score:1)
Jack
well worth bookmarking distrowatch (Score:5, Informative)
I wonder if people are becoming less distro-religous since most distros seem to work well. anyway, after reading distrowatch for a while you'll no doubt become a distro-tart and try all out 101 live cd's like L.A.S.
rd
Using it right now ... (Score:3, Interesting)
No, it's not a replacement for Knoppix STD, but it's a nice complement.
Comment removed (Score:4, Insightful)
Re:Minidisk (Score:1)
Re:Minidisk (Score:1)
Re:Minidisk (Score:2, Informative)
Official Torrent (Score:4, Informative)
http://onyx.chattanoogastate.edu:6970/ [chattanoogastate.edu]
Re:Official Torrent (Score:1)
I was planning on leaving it up for a week or so.
Jack
Noteable Omissions (Score:3, Insightful)
Tethereal [ethereal.com] The X version "ethereal" is there, but I've always prefered the text based ethereal
Etherape [sourceforge.net] A cool visual traffic monitor.
Other than that, LAS Linux is pretty cool!