Sunday, April 22, 2012

Fedora 16 - Security Spin

I was poking around the Fedora website the other day and went to the spins page ( and noticed one on security. I'd not seen this before and downloaded it to give it a test drive (I'm working off of it right now, as a matter of fact).  Spins are simply live images that use a particular window manager (like KDE or Gnome) or that have groups of packages installed for a particular purpose.
Besides the security spin, there are also spins for games, electronics, robotics, scientific computing, and multimedia and publishing. I won't list all the apps on the security spin here; you can go to and find the list yourself.
The collection is a nice attempt to provide a little of everything. It's not going to replace BackTrack as your pen testing platform, and there other bootable images for forensics with greater breadth of tools, but it's a nice start, especially if you've not used a live boot security toolkit before.
The one area I would add a bit more to if I were doing this myself would be in the intrusion detection area. What's there is mostly in the arena of host based detection (chkrootkit, rkhunter, aide) though they do include pads, which I'm not familiar with.
I'd like to see more network based intrusion detection along the lines of the excellent Security Onion distribution, from Doug Banks, or the (evidently) no longer active HeX toolkit (
Dougs Security Onion, (, provides you with snort, Suricata, Squil, Snorby, Bro and a host of others. Adding just a few of these to the Fedora spin would make it a little more rounded, I think, since the intent seems to be to provide a wide range of tools in different areas of NetSec.
But, all in all, I think it's a good distro, and if you're just getting started and want to try out tools in a lot of different areas, it's worth a look.
By the way, there's a nice list of security live boots at:
Have fun!

No comments:

Blog Archive