Knoppix STD
From Wikipedia, the free encyclopedia
Knoppix STD (Security Tools Distribution) is a LiveCD Linux distribution based on Knoppix that focuses on computer security tools. It includes GPL-licensed tools in the following categories: authentication, password cracking, encryption, forensics, firewalls, honeypots, intrusion detection systems, network utilities, penetration, packet sniffers, assemblers, vulnerability assessment and wireless networking.
It is also known as a favorite distribution of Kevin Rose and was used in thebroken.
Tools
- Authentication tools located in /usr/bin/auth/ include freeradius 0.9.3.
- Encryption tools located in /usr/bin/crypto/ include 2c2, 4c, acfe, cryptcat, gifshuffle, gpg 1.2.3, ike-scan, mp3stego, openssl 0.9.7c, outguess, stegbreak, stegdetect, sslwrap, stunnel, super-freeSWAN 1.99.8, texto and xor-analyze.
- Forensics tools located in /usr/bin/forensics/ include sleuthkit 1.66, autopsy 1.75, biew, bsed, consh, coreography, dcfldd, fenris, fatback, foremost, ftimes, galleta, hashdig, hdb, mac-robber, md5deep, memfetch, pasco, PhotoRec, readdbx, readoe, rifiuti, secure_delete, TestDisk, wipe, and other typical system tools used for forensics (dd, lsof, strings, grep, etc.).
- Firewall tools located in /usr/bin/fw/ include blockall, flushall, firestarter, firewalk, floppyfw, fwlogwatch, iptables 1.2.8, gtk-iptables and shorewall 1.4.8-RC1.
- Honeypots located in /usr/bin/honeypot/ include honeyd 0.7, labrea and thp.
- Intrusion detection systems located in /usr/bin/ids/ include snort 2.1.0, ACID, barnyard, oinkmaster, hogwash, bro, prelude, WIDZ, aide, logsnorter, swatch, sha1sum, md5sum and syslogd.
- Network utilities located in /usr/bin/net-utils/ include LinNeighborhood, argus, arpwatch, cdpr, cheops, etherape, iperf, ipsc, iptraf, mrtg, mtr, ntop 2.1.0, rrdtool, samba and tcptrack.
- Password tools located in /usr/bin/pwd-tools/ include john 1.6.34, allwords2, chntpw, cisilia, cmospwd, djohn, pwl9x and rcrack.
- Servers located in /usr/bin/servers/ include apache, ircd-hybrid, samba, smail, sshd, vnc, net-snmp, tftpd and xinetd.
- Packet sniffers located in /usr/bin/sniff/ include aimSniff, driftnet, dsniff, ethereal 0.10.0, ettercap 0.6.b, filesnarf, mailsnarf, msgsnarf, ngrep, tcpdump, urlsnarf and webspy.
- TCP tools located in /usr/bin/tcp-tools/ include arpfetch, arping, arpspoof, arpwatch, despoof, excalibur, file2cable, fragroute, gspoof, hopfake, hunt, ipmagic, lcrzoex, macof, paketto 1.10 and 2.0pre3, netsed, packETH, tcpkill and tcpreplay.
- Tunnels located in /usr/bin/tunnels/ include cryptcat, httptunnel, icmpshell, netcat, shadyshell, stegtunnel, tcpstatflow and tiny shell.
- Vulnerability Assessment tools located in /usr/bin/vuln-test/ include ADM tools, amap 4.5, IRPAS, chkrootkit 0.43, ClamAV, curl, exodus, ffp, firewalk, hydra, nbtscan, ncpquery, nessus 2.0.9, nikto, nmap 3.48, p0f, proxychains, rpcinfo, screamingCobra, siege, sil, snot, syslog_deluxe, thcrut, vmap, warscan, xprobe2, yaph and zz.
- Wireless tools located in /usr/bin/wireless/ include airsnarf, airsnort, airtraf, gpsdrive, kismet 3.0.1, kismet-log-viewer, macchanger, wellenreiter and patched orinoco drivers.
See also
- Auditor Security Collection
- Backtrack LiveCD
- nUbuntu
- PHLAK: Another security tools live CD