# Filename:
# fedora-livecd-security.ks
# Description:
# A fully functional live OS based on Fedora for use in security auditing, forensics research, and penetration testing.
# Maintainers:
# Christoph Wickert <cwickert [AT] fedoraproject <dot> org>
# Joerg Simon <jsimon [AT] fedoraproject <dot> org>
# Acknowledgements:
# Fedora LiveCD Xfce Spin team - some work here was inherited, many thanks!
# Fedora LXDE Spin - Copied over stuff to make LXDE Default
# Luke Macken, Adam Miller for the original OpenBox Security ks and all the Security Applications!
# Hiemanshu Sharma <hiemanshu [AT] fedoraproject <dot> org>
# Important!!!!
# From the "Security Stuffs" section onwards, this kickstart file is parsed by pattern to build the security menu - please use
# # Category: Categoryname <- for new Categories
# # Command: Commandname <- for the given Command
# # rCommand: Commandname <- for a command as root
# # Entry: Menu-Entry <- for the MenuEntry Name (optional)

# Shared kickstart fragments, included ahead of this spin's own package list.
%include fedora-live-base.ks
%include fedora-live-minimization.ks

# Package selection. In this section a leading "@" selects a package group and
# a leading "-" excludes a package from the image.
%packages
### LXDE desktop
@lxde-desktop
lxlauncher
obconf
lxdm

### internet
firefox
icedtea-web
pidgin
sylpheed
transmission

### graphics
epdfview
#mtpaint

### audio & video
alsa-plugins-pulseaudio
asunder
lxmusic
gxine
gxine-mozplugin
pavucontrol
pnmixer
# I'm looking for something smaller than
#gnomebaker

### utils
galculator
parcellite
xpad

### system
gigolo
gnome-terminal

### more desktop stuff
fedora-icon-theme
adwaita-cursor-theme
adwaita-gtk2-theme
adwaita-gtk3-theme

# pam-fprint causes a segfault in LXDM when enabled
-fprintd-pam

# needed for automatic unlocking of keyring (#643435)
gnome-keyring-pam

NetworkManager-gnome

# needed for xdg-open to support LXDE
perl-File-MimeInfo

xcompmgr
xdg-user-dirs-gtk
xscreensaver-extras

# use yumex instead of gnome-packagekit
# NOTE(review): yumex is commented out below, so as written this block only
# excludes apper and gnome-packagekit and adds no graphical package manager.
#yumex
-apper
-gnome-packagekit

# LXDE has lxpolkit. Make sure no other authentication agents end up in the spin.
-polkit-gnome
-polkit-kde

# make sure xfce4-notifyd is not pulled in
notification-daemon
-xfce4-notifyd

# make sure xfwm4 is not pulled in for firstboot
# https://bugzilla.redhat.com/show_bug.cgi?id=643416
metacity

# Command line
powertop
wget
yum-utils
yum-presto

# dictionaries are big
-aspell-*
-hunspell-*
-man-pages-*
-words

# save some space
# sendmail is excluded and ssmtp is listed in its place (presumably as the
# smaller mail transport - confirm).
-sendmail
ssmtp
-acpid

# drop some system-config things
# The two entries that are commented out (language, services) are therefore
# NOT excluded by this file.
-system-config-boot
#-system-config-language
-system-config-lvm
-system-config-network
-system-config-rootpassword
#-system-config-services
-policycoreutils-gui
-gnome-disk-utility


# The marker comments in the sections below feed the security menu generator
# described in the file header. Entries carrying the root marker are started
# as root; the others are started without it.
# Packages listed without any marker (for example nc6, nc, ngrep, pcapdiff,
# net-snmp, openvas-scanner) are installed but presumably get no menu entry -
# TODO confirm against the menu generator.
###################### Security Stuffs ############################
security-menus
##################################################################
# Category: Reconnaissance
# rCommand: dsniff -h
dsniff
# rCommand: hping -h
hping3
nc6
nc
# Command: ncrack -h
ncrack
ngrep
# rCommand: nmap -h
nmap
# Command: zenmap-root
nmap-frontend
# Command: p0f -h
p0f
# rCommand: sing -h
sing
# Command: scanssh -h
#temp takout scanssh
# NOTE(review): scanssh is disabled above but its menu marker is still present;
# confirm the menu generator does not emit an entry for the missing tool.
# rCommand: scapy -h
scapy
# Command: socat
# Entry: Socket cat
socat
# rCommand: tcpdump -h
tcpdump
# rCommand: unicornscan -h
unicornscan
# rCommand: wireshark
# Entry: Wireshark
wireshark-gnome
# Command: xprobe2
xprobe2
# Command: nbtscan
nbtscan
# Command: tcpxtract
tcpxtract
# Command: firewalk
# Entry: Firewalk
firewalk
# Command: hunt
# Entry: Hunt
hunt
# Command: dnsenum -h
# Entry: DNS Enumeration
dnsenum
# rCommand: iftop
iftop
# Command: argus -h
argus
# rCommand: ettercap -C
# Entry: Ettercap
ettercap
ettercap-gtk
# rCommand: packETH
packETH
# rCommand: iptraf
iptraf
pcapdiff
# rCommand: etherape
etherape
# Command: lynis
lynis
# rCommand: netsniff-ng
netsniff-ng
# Command: tcpjunk -x
tcpjunk
# rCommand: ssldump -h
ssldump
# rCommand: yersinia -G
# Entry: Yersinia
yersinia
net-snmp
# Command: openvas-client
# Entry: OpenVAS Client
openvas-client
openvas-scanner

#################################################################
# Category: Forensics
# NOTE(review): nothing visible in this file configures read-only handling of
# attached disks; before using the image on evidence media, confirm how the
# live session mounts them (the included base kickstarts are not shown here).
# Command: ddrescue -h
ddrescue
# Command: gparted
gparted
hexedit
# rCommand: testdisk -h
testdisk
# Command: foremost -h
# Entry: Foremost Filecarver
foremost
# Command: sectool-gui
# Entry: sectool
sectool-gui
scanmem
sleuthkit
# Command: unhide
unhide
# Command: examiner
# Entry: ELF Examiner
examiner
dc3dd
afftools
# Command: srm -h
# Entry: Securely Remove Files
srm
# Command: firstaidkit -g gtk
# Entry: First Aid Kit
#firstaidkit-plugin-all #temp removed - dependency to grub2
# NOTE(review): the firstaidkit package line is disabled above while its menu
# markers remain; confirm the menu generator does not emit a dead entry.

ntfs-3g
ntfsprogs

#####################################################################
# Category: WebApplicationTesting
# None of the tools in this category carries the root marker, so their menu
# entries are started without root.
# Command: httping -h
httping
# Command: nikto -help
# Entry: Nikto Websecurity Scanner
nikto
# Command: ratproxy -h
ratproxy
# Command: lbd
# Entry: Load Balancing Detector
lbd
# Command: skipfish
skipfish
# Command: sqlninja
sqlninja

#######################################################################
# Category: Wireless
# Only kismet carries the root marker in this category; the other entries are
# started without root.
# Command: aircrack-ng
aircrack-ng
# Command: airsnort
airsnort
# rCommand: kismet
kismet
# Command: weplab
# Entry: weplab - Wep Key Cracker
weplab
# Command: wavemon
wavemon

#######################################################################
# Category: CodeAnalysis
# Source-code checkers; every entry here uses the plain (non-root) marker.
# Command: splint
splint
# Command: pscan
pscan
# Command: flawfinder
# Entry: Flawfinder
flawfinder
# Command: rats
# Entry: Rough Auditing Tool for Security
rats

######################################################################
# Category: IntrusionDetection
# labrea and nebula are installed without a marker, so presumably without a
# menu entry - TODO confirm.
# rCommand: chkrootkit
chkrootkit
# Command: aide -h
aide
labrea
# Command: honeyd -h
# Entry: Honeypot Daemon
# temp removal
#honeyd
# NOTE(review): honeyd is disabled above while its menu markers remain; confirm
# the menu generator does not emit an entry for the missing tool.
# Command: pads -h
# Entry: Passive Asset Detection System
pads
nebula
# NOTE(review): chkrootkit is tagged to run as root but rkhunter below is not;
# confirm rkhunter's menu entry works without root.
# Command: rkhunter
# Entry: RootKitHunter
rkhunter

########################################################################
# Category: PasswordTools
# Password auditing tools; every entry here uses the plain (non-root) marker.
# Command: john
john
# Command: ophcrack
# Entry: Objectif Securite ophcrack
ophcrack
# Command: medusa -d
# Entry: Medusa Brute Force
medusa

# Closes the %packages section opened earlier in the file.
%end

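%post
# LXDE and LXDM configuration
#
# This section runs at image build time inside the new root. It writes
# /etc/sysconfig/desktop directly, then appends a fragment to the livesys init
# script; the fragment's commands take effect only when that script runs.

# create /etc/sysconfig/desktop (needed for installation)
cat > /etc/sysconfig/desktop <<EOF
PREFERRED=/usr/bin/startlxde
DISPLAYMANAGER=/usr/sbin/lxdm
EOF

# Everything up to the closing EOF is appended to livesys. The EOF delimiter is
# unquoted, so the build-time shell would expand any $variable or backtick
# placed in the fragment; it currently contains none. The inner here-documents
# use FOE so that they do not terminate the outer one.
# The Desktop directory is created with "mkdir -p" so that a directory that
# already exists does not produce an error when livesys runs.
# NOTE(review): the fragment switches LXDM to password-less auto-login for
# liveuser and makes the hard-disk installer visible; confirm the auto-login
# setting stays limited to the live session and is not carried over to a
# system installed via liveinst.
cat >> /etc/rc.d/init.d/livesys << EOF
# disable screensaver locking and make sure gamin gets started
cat > /etc/xdg/lxsession/LXDE/autostart << FOE
/usr/libexec/gam_server
@lxpanel --profile LXDE
@pcmanfm --desktop --profile LXDE
@pulseaudio -D
FOE

# set up preferred apps
cat > /etc/xdg/libfm/pref-apps.conf << FOE
[Preferred Applications]
WebBrowser=mozilla-firefox.desktop
MailClient=redhat-sylpheed.desktop
FOE

# set up auto-login for liveuser
sed -i 's|# autologin=dgod|autologin=liveuser|g' /etc/lxdm/lxdm.conf

# Show harddisk install on the desktop
sed -i -e 's/NoDisplay=true/NoDisplay=false/' /usr/share/applications/liveinst.desktop
mkdir -p /home/liveuser/Desktop
cp /usr/share/applications/liveinst.desktop /home/liveuser/Desktop

# Add autostart for parcellite
cp /usr/share/applications/fedora-parcellite.desktop /etc/xdg/autostart

# this goes at the end after all other changes.
chown -R liveuser:liveuser /home/liveuser
restorecon -R /home/liveuser

EOF

%end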