A Deep View To Spin Fedora Security Labs

1722


Fedora is a great Distro (one of my favorites) but they have an alternative version for the common Linux Release, they call this alternative Spins.

The Spins consist in a Fedora Release with a certain Software. The Spins available are:

  • Fedora Security Lab: Security aimed Software
  • Sugar on a Stick: Education Software
  • Fedora Design Suite: Graphic Design Software
  • Fedora Games Spin: Did I really need to explain this? Totally gamer
  • Fedora Electronic Lab: Electronic Development

They all are a great spins (Software) but we are going to focus into one spin today, the Fedora Security Lab, software included and what they do, let’s begin.

The Fedora Security Lab (FSL) has many, many power tools, it has a Firewalls, network analizer, password crackers, intrusion prevention. The main goal is to give the user a full featured security protection and prevention. Some of the Software installed are:

Code Analizer

  • Flawfinder: It’s a code analizer software. This program can find code vulnerabilities
  • pscan: Process monitoring tool
  • rats: Easily extensible parser generator for C-like languages
  • splint: Tool for statically checking C programs for security vulnerabilities and common programming mistakes

Forensics

  • chkrootkit: Installing and detecting rootkits under any Linux / UNIX server distributions
  • clamav: Provides a scanning daemon intended primarily for mailserver integration, command line scanner for on-demand. anti-virus program
  • dc3dd:A patched version of GNU dd with added features
  • dd_rescue: Disk Driver Recovery Tool
  • foremost: Recover erased files
  • hexedit: Hexadecimal Editor
  • mhonarc: A Perl program for converting mail, or news, messages into HTML archives
  • rkhunter: Similar to chkrootkit
  • testdisk: Partition table recovery tool

Intrusion Detection

  • labrea: creates virtual machines for unused IP addresses in the specified block of IP addresses. Sits and listens for ARP
  • snort: It’s a sniffer/logger and can detect attacks. Have an alert system
  • triptwire: Intrusion detection system

Password Tools

  • John: It’s similar to John the Ripper
  • ncrack: Wireless password recovery and crack tool
  • ophcrack: Windows Password cracker based on Rainbow Tables

Reconnaissance

  • Ettercap: It’s a sniffer/logger for wireless
  • Scapy: Powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool
  • Unicornscan: full-featured open source port scanner developed, it provides a Command-line interface
  • Xprobe2: Active operating system fingerprinting tool
  • dsniff: A sniffer tool, you can grab packages from the network
  • firewalk: Audit firewalls and routers to make sure they are filtering traffic correctly
  • hping3: Command-line oriented TCP/IP packet assembler/analyzer
  • hunt: Hunt is a program for intruding into a connection, watching it and resetting it
  • iptraf: IP Network Monitor
  • nbtscan:Program for scanning IP networks for NetBIOS name information.
  • nc: The nc (or netcat) utility is used for just about anything under the sun involving TCP or UDP
  • nc6: Netcat6 is a simple unix utility which reads and writes data across network connections, using the TCP or UDP protocol over IPv4 or IPv6 networks
  • nessus: Security scanner for Linux, BSD, Solaris, and other flavors of Unix. Performs over 900 remote security checks, and suggests solutions for security problems
  • ngrep: analyze network traffic in a manner similar to that of other network sniffers with regular expressions
  • p0f: Fingerprinting technique based on analyzing the structure of a TCP/IP packet to determine the operating system and other configuration properties
  • scanssh: Scanning a list of addresses and networks for open proxies, SSH protocol servers, SMTP and Web servers
  • sing: Sends ICMP packets fully customized from command line
  • socat: Establishes two bidirectional byte streams and transfers data between them
  • tcpdump: Dump traffic on a network
  • tcpxtract: A tool for extracting files from network traffic based on file signatures
  • tiger: Is a security tool that can be use both as a security audit and intrusion detection system

Wireless

  • aircrack-ng: 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured
  • airsnort: operates by passively monitoring transmissions, computing the encryption key when enough packets
  • kismet: 802.11 layer2 wireless network detector, sniffer, and intrusion detection system

The FSL is running under the LXDE and it’s available to Download from the Fedora Web Site, Enjoy!!