Security and manageability minded LiveCD? - Security

This is a discussion on Security and manageability minded LiveCD? - Security ; ~ Hi, ~ I am a LiveCD enthusiast who has been using kanotix, knoppix (since its 3.8 version ;-)) and FreesBIE and I have been minding for some time about using liveCD's as full blown servers ~ There is little ...

+ Reply to Thread
Results 1 to 8 of 8

Thread: Security and manageability minded LiveCD?

  1. Security and manageability minded LiveCD?

    ~
    Hi,
    ~
    I am a LiveCD enthusiast who has been using kanotix, knoppix (since
    its 3.8 version ;-)) and FreesBIE and I have been minding for some
    time about using liveCD's as full blown servers
    ~
    There is little and spotty information on this. yeah! you could
    certainly run apache right off your knoppix distro, but is this the
    way you would actually run your server?
    ~
    Very little is mentioned, if at all, about OS hardening and
    protection such as what you could achieve with open source grsecurity,
    SELinux, PAX, ...
    ~
    You find basically nothing here:
    ~
    http://en.wikipedia.org/wiki/Compari...ux_LiveDistros
    ~
    and in his latest (very superficial book)
    ~
    http://www.amazon.com/dp/0132432749/
    ~
    "Live Linux(R) CDs: Building and Customizing Bootables", Christopher
    Negus doesn't say anything about it
    ~
    Having something like a base-line sever liveCD that would let you
    easily customize/remaster the rest to your liking would be superb!
    ~
    Probably there is something I am missing here, but I think running
    your OS and the application stack from a live CD would be great, among
    others, for security, manageability and versioning
    ~
    Any ideas, good links your know of?
    ~
    Thanks
    lbrtchx


  2. Re: Security and manageability minded LiveCD?

    I forgot to add that Red Hat/Fedora is pretty good in that regard,
    but is still not as easy to tinker with/remaster as one would want
    ~
    lbrtchx


  3. Re: Security and manageability minded LiveCD?

    Since you mention FreeBIE, you might consider http://www.trustedbsd.org/

  4. Re: Security and manageability minded LiveCD?

    > Since you mention FreeBIE, you might considerhttp://www.trustedbsd.org/
    ~
    right off the bat:
    ~
    " ... This project is still under development ..."
    ~
    and by the way I knew of it. I just checked to see how far along they
    were
    ~
    I need a server, secure baseline to start remastering with my own
    applications stack right now
    ~
    lbrtchx


  5. Re: Security and manageability minded LiveCD?

    lbrtchx@gmail.com :
    >
    > I am a LiveCD enthusiast who has been using kanotix, knoppix (since
    > its 3.8 version ;-)) and FreesBIE and I have been minding for some
    > time about using liveCD's as full blown servers
    >
    > There is little and spotty information on this. yeah! you could
    > certainly run apache right off your knoppix distro, but is this the
    > way you would actually run your server?


    Modern live cds will slurp themselves into RAM assuming you've enough
    to do it (.5 Gb). So, why not if you know how to control it? If
    you're remastering distros so your boots understand where and what
    they are when they boot, what's the diff from running from disk?
    Speed. Network latency may swamp that speed gain, but what the hey?

    As long as your installs know where their loghost is, where /var is,
    and how to talk dhcp (or static?), it should be great. Problem? Frob
    it. Still problem? Hardware!

    > Very little is mentioned, if at all, about OS hardening and
    > protection such as what you could achieve with open source grsecurity,
    > SELinux, PAX, ...


    Go to distrowatch.com and search distro types related to security.

    > Having something like a base-line sever liveCD that would let you
    > easily customize/remaster the rest to your liking would be superb!


    Sure. Lots of people suggest LFS/Linux From Scratch. I suggest you
    build it. With busybox and expect and all the other whiz-bang tools
    out there, it's really not that hard. You can even do it by pulling
    individual debs/rpms off an install CD and dumping them into a loop
    mounted iso filesystem. Throw something in there that gives it
    something to boot from, and burn it. I think I'd start pulling stuff
    off a Sidux live CD, myself.


    --
    Any technology distinguishable from magic is insufficiently advanced.
    (*) http://blinkynet.net/comp/uip5.html Linux Counter #80292
    - - http://www.faqs.org/rfcs/rfc1855.html Please, don't Cc: me.

  6. Re: Security and manageability minded LiveCD?

    > On Nov 14, 9:32 pm, "s. keeling" wrote:
    > ... I think I'd start pulling stuff off a Sidux live CD, myself.

    ~
    I think I would rather build from http://fedoraproject.org/wiki/Security/Features
    ~
    lbrtchx

  7. Re: Security and manageability minded LiveCD?


    > Having something like a base-line sever liveCD that would let you
    > easily customize/remaster the rest to your liking would be superb!
    > Any ideas, good links your know of?
    > ~


    This is not exactly what you are looking for as they can not be
    customized,
    but the tools they include may help you or give you ideas.

    http://www.grml.org

    http://cryptobox.org


  8. Re: Security and manageability minded LiveCD?


    > Any ideas, good links your know of?
    > ~
    > Thanks
    > lbrtchx



    GRML rocks!

    http://www.grml.org

    But it can't be customized, AFA

+ Reply to Thread