Knoppix STD

Knoppix STD (Security Tools Distribution) is a LiveCD Linux distribution based on Knoppix that focuses on computer security tools. It includes GPL licensed tools in the following categories: authentication, password cracking, encryption, forensics, firewalls, honeypots, intrusion detection system, network utilities, penetration, packet sniffers, assemblers, vulnerability assessment and wireless networking. Knoppix STD version 0.1 was published January 24, 2004, on Knoppix 3.2, and therefore stagnated, lacking updated drivers and packages. There is no release date (as of December 2007) for version 0.2 so this very clever project has died.

Tools

• Authentication tools located in /usr/bin/auth/ include freeradius 0.9.3.

• Encryption tools located in /usr/bin/crypto/ include 2c2, 4c, acfe, cryptcat, gifshuffle, gpg 1.2.3, ike-scan, mp3stego, openssl 0.9.7c, outguess, stegbreak, stegdetect, sslwrap, stunnel, SUPER-freeSWAN 1.99.8, texto and xor-analyze.

• Forensics tools located in /usr/bin/forensics/ include sleuthkit 1.66, autopsy 1.75, biew, bsed, consh, coreography, dcfldd, fenris, fatback, foremost, ftimes, galleta, hashdig, hdb, mac-robber, md5deep, memfetch, pasco, PhotoRec, readdbx, readoe, rifiuti, secure_delete, TestDisk, wipe, and other typical system tools used for forensics (dd, lsof, strings, grep, etc.)

• Firewall tools located in /usr/bin/fw/ include blockall, flushall, firestarter, firewalk, floppyfw, fwlogwatch, iptables 1.2.8, gtk-iptables and shorewall 1.4.8-RC1,

• Honeypots located in /usr/bin/honeypot/ include honeyd 0.7, labrea and thp

• Intrusion detection systems located in /usr/bin/ids/ include snort 2.1.0, ACID, barnyard, oinkmaster, hogwash, bro, prelude, WIDZ, aide, logsnorter, swatch, sha1sym, md5sum and syslogd.

• Network utilities located in /usr/bin/net-utils/ include LinNeighborhood, argus, arpwatch, cdpr, cheops, etherape, iperf, ipsc, iptraf, mrtg, mtr, ntop 2.1.0, rrdtool, samba and tcptrack.

• Password tools located in /usr/bin/pwd-tools/ include john 1.6.34, allwords2, chntpw, cisilia, cmospwd, djohn, pwl9x and rcrack.

• Servers located in /usr/bin/servers/ include apache, IRCD-Hybrid, samba, smail, sshd, vnc, net-snmp, tftpd and xinetd

• Packet sniffers located in /usr/bin/sniff/ include aimSniff, driftnet, dsniff, ethereal .0.10.0, ettercap 0.6.b, filesnarf, mailsnarf, msgsnarf, ngrep, tcpdump, urlsnarf and webspy.

• TCP tools located in /usr/bin/tcp-tools/ include arpfetch, arping, arpspoof, arpwatch, despoof, excalibur, file2cable, fragroute, gspoof, hopfake, hunt, ipmagic, lcrzoex, macof, packetto 1.10 and 2.0pre3, netsed, packETH, tcpkill and tcpreplay

• Tunnels located in /usr/bin/tunnels/ include cryptcat, httptunnel, icmpshell, netcat, shadyshell, stegtunnel, tcpstatflow and tiny shell.

• Vulnerability Assessment tools located in /usr/bin/vuln-test/ include ADM tools, amap 4.5, IRPAS, chkrootkit 0.43, ClamAV, curl, exodus, ffp, firewalk, hydra, nbtscan, ncpquery, nessus 2.0.9, nikto, nmap 3.48, p0f, proxychains, rpcinfo, screamingCobra, siege, sil, snot, syslog_deluxe, thcrut, vmap, warscan, xprobe2, yaph and zz.

• Wireless tools located in /usr/bin/wireless/ include airsnarf, airsnort, airtraf, gpsdrive, kismet 3.0.1, kismet-log-viewer, macchanger, wellenreiter and patched orinoco drivers

See also

• Auditor Security Collection
• Backtrack LiveCD
• nUbuntu
• PHLAK: Another security tools live CD

External links

• Official website
• Distrowatch page

de:Knoppix STD