Diffstat (limited to 'fedora-livecd-security.ks')
-rw-r--r-- | fedora-livecd-security.ks | 331 |
1 files changed, 331 insertions, 0 deletions
diff --git a/fedora-livecd-security.ks b/fedora-livecd-security.ks
new file mode 100644
index 0000000..333e05b
--- /dev/null
+++ b/fedora-livecd-security.ks
@@ -0,0 +1,331 @@
+# Filename:
+# fedora-livecd-security.ks
+# Description:
+# A fully functional live OS based on Fedora for use in security auditing, forensics research, and penetration testing.
+# Maintainers:
+# Luke Macken
+# Acknowledgements:
+
+%include fedora-live-base.ks
+
+# --enforcing once rawhide is less broke
+selinux --permissive
+
+firewall --enabled
+bootloader --append noswap
+
+%packages
+
+# remove trademarks
+-fedora-logos
+generic-logos
+
+gparted
+aide
+aircrack-ng
+airsnort
+argus
+chkrootkit
+clamav
+dd_rescue
+hexedit
+hping3
+john
+kismet
+lsof
+nbtscan
+nessus-client
+nessus-gui
+nessus-server
+nc
+nc6
+ngrep
+nmap
+nmap-frontend
+p0f
+pscan
+rats
+rkhunter
+scanmem
+scanssh
+sectool-gui
+snort
+socat
+splint
+tcpdump
+testdisk
+tiger
+tripwire
+wireshark-gnome
+xprobe2
+tcpxtract
+ettercap
+ettercap-gtk
+nbtscan
+halberd
+hunt
+firewalk
+foremost
+iptraf
+tor
+flawfinder
+dsniff
+pcapdiff
+
+pads
+ntop
+honeyd
+picviz
+#inetiviz not yet available
+etherape
+prewikka
+prelude-notify
+prelude-manager
+prelude-lml
+
+# Other necessary components
+screen
+openbox
+obconf
+obmenu
+desktop-backgrounds-basic
+feh
+vim-enhanced
+gnome-terminal
+gnome-menus
+
+# make sure debuginfo doesn't end up on the live image
+-*debuginfo
+
+%end
+
+%post
+
+# remove trademarks
+sed -i -e 's/Fedora/Generic/g' /etc/fedora-release
+
+# useful stuff
+echo "alias grep='grep --color'" >> /home/fedora/.bashrc
+
+# create /etc/sysconfig/desktop (needed for installation)
+cat > /etc/sysconfig/desktop <<EOF
+DESKTOP="openbox"
+DISPLAYMANAGER="gdm"
+EOF
+
+# add initscript
+cat >> /etc/rc.d/init.d/fedora-live << EOF
+
+#if [ -e /usr/share/icons/hicolor/96x96/apps/fedora-logo-icon.png ] ; then
+ # use image also for kdm
+# mkdir -p /usr/share/apps/kdm/faces
+# cp /usr/share/icons/hicolor/96x96/apps/fedora-logo-icon.png /usr/share/apps/kdm/faces/fedora.face.icon
+#fi
+
+# openbox configuration
+echo "openbox-session" > /home/fedora/.xsession
+chmod a+x /home/fedora/.xsession
+chown fedora:fedora /home/fedora/.xsession
+
+mkdir -p /home/fedora/.config/openbox
+cat >> /home/fedora/.config/openbox/autostart.sh << OBDONE
+
+# Run the system-wide support stuff
+. /etc/xdg/openbox/autostart.sh
+
+OBDONE
+
+# rc.xml
+cp /etc/xdg/openbox/rc.xml /home/fedora/.config/openbox
+sed -i -e 's/Clearlooks/Onyx/' /home/fedora/.config/openbox/rc.xml
+
+# menu.xml
+cat >> /home/fedora/.config/openbox/menu.xml << OBDONE
+<?xml version="1.0" encoding="UTF-8"?>
+
+<openbox_menu xmlns="http://openbox.org/3.4/menu">
+
+<menu id="recon-menu" label="Reconnaissance">
+ <item label="ettercap">
+ <action name="Execute"><command>gnome-terminal -e "su -c ettercap-gtk"</command></action>
+ </item>
+<item label="hping3">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'hping3; bash'"</command></action>
+ </item>
+ <item label="nc6">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'nc6 -h; bash'"</command></action>
+ </item>
+ <item label="nc">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'nc; bash'"</command></action>
+ </item>
+ <item label="ngrep">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'ngrep -h; bash'"</command></action>
+ </item>
+ <item label="nessus">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'nessus; bash'"</command></action>
+ </item>
+ <item label="nmap">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'nmap; bash'"</command></action>
+ </item>
+ <item label="p0f">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'p0f -h; bash'"</command></action>
+ </item>
+ <item label="scanssh">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'scanssh; bash'"</command></action>
+ </item>
+ <item label="socat">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'socat; bash'"</command></action>
+ </item>
+ <item label="tcpdump">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'tcpdump -h; bash'"</command></action>
+ </item>
+ <item label="tiger">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'tiger; bash'"</command></action>
+ </item>
+ <item label="wireshark">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'wireshark; bash'"</command></action>
+ </item>
+ <item label="xprobe2">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'xprobe2; bash'"</command></action>
+ </item>
+ <item label="nbtscan">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'nbtscan; bash'"</command></action>
+ </item>
+ <item label="tcpxtract">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'tcpxtract; bash'"</command></action>
+ </item>
+ <item label="firewalk">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'firewalk; bash'"</command></action>
+ </item>
+ <item label="hunt">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'hunt; bash'"</command></action>
+ </item>
+ <item label="halberd">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'halberd; bash'"</command></action>
+ </item>
+</menu>
+
+<menu id="forensics-menu" label="Forensics">
+ <item label="chkrootkit">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'chkrootkit; bash'"</command></action>
+ </item>
+ <item label="clamav">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'clamscan; bash'"</command></action>
+ </item>
+ <item label="dd_rescue">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'dd_rescue; bash'"</command></action>
+ </item>
+ <item label="gparted">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'gparted; bash'"</command></action>
+ </item>
+ <item label="hexedit">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'hexedit; bash'"</command></action>
+ </item>
+ <item label="prelude">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'prelude; bash'"</command></action>
+ </item>
+ <item label="testdisk">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'testdisk; bash'"</command></action>
+ </item>
+ <item label="foremost">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'foremost; bash'"</command></action>
+ </item>
+</menu>
+
+<menu id="wireless-menu" label="Wireless">
+ <item label="aircrack-ng">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'aircrack-ng; bash'"</command></action>
+ </item>
+ <item label="airsnort">
+ <action name="Execute"><command>airsnort</command></action>
+ </item>
+ <item label="kismet">
+ <action name="Execute"><command>kismet</command></action>
+ </item>
+ <item label="dsniff">
+ <action name="Execute"><command>dsniff</command></action>
+ </item>
+</menu>
+
+<menu id="code-menu" label="Code Analysis">
+ <item label="pscan">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'pscan; bash'"</command></action>
+ </item>
+ <item label="splint">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'splint; bash'"</command></action>
+ </item>
+ <item label="flawfinder">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'flawfinder; bash'"</command></action>
+ </item>
+</menu>
+
+<menu id="id-menu" label="Intrusion Detection">
+ <item label="aide">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'aide; bash'"</command></action>
+ </item>
+ <item label="snort">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'snort; bash'"</command></action>
+ </item>
+ <item label="tripwire">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'tripwire --help; bash'"</command></action>
+ </item>
+</menu>
+
+<menu id="password-menu" label="Password Tools">
+ <item label="john">
+ <action name="Execute"><command>gnome-terminal -e "sh -c 'john; bash'"</command></action>
+ </item>
+</menu>
+
+<menu id="root-menu" label="Fedora Security Spin">
+ <separator label="Fedora Security Spin" />
+ <menu id="recon-menu" />
+ <menu id="forensics-menu" />
+ <menu id="wireless-menu" />
+ <menu id="id-menu" />
+ <menu id="code-menu" />
+ <menu id="password-menu" />
+ <separator />
+ <item label="Terminal">
+ <action name="Execute">
+ <command>gnome-terminal</command>
+ </action>
+ </item>
+ <item label="Firefox">
+ <action name="Execute">
+ <command>firefox</command>
+ </action>
+ </item>
+ <separator />
+ <menu id="fedora" label="Fedora" execute="/home/fedora/.config/openbox/obgnome.py" />
+ <item label="Install to Hard Drive">
+ <action name="Execute">
+ <command>liveinst</command>
+ </action>
+ </item>
+ <separator />
+ <menu id="client-list-menu" />
+ <separator />
+ <item label="ObConf">
+ <action name="Execute">
+ <startupnotify><enabled>yes</enabled><icon>openbox</icon></startupnotify>
+ <command>obconf</command>
+ </action>
+ </item>
+ <item label="Reconfigure">
+ <action name="Reconfigure" />
+ </item>
+ <separator />
+ <item label="Exit">
+ <action name="Exit" />
+ </item>
+</menu>
+
+</openbox_menu>
+
+OBDONE
+
+# workaround to start nm-applet automatically
+#cp /etc/xdg/autostart/nm-applet.desktop /usr/share/autostart/
+
+%end |
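Review bot: The heredoc opened by `cat >> /etc/rc.d/init.d/fedora-live << EOF` in `%post` has no closing `EOF` line before `%end`, so it only ends at end-of-script and the trailing nm-applet comment lines are appended to the initscript too; add an explicit `EOF` after the last `OBDONE`. Inside that appended block only `.xsession` is chowned, so `/home/fedora/.config/openbox` and the `autostart.sh`, `rc.xml` and `menu.xml` written there stay owned by whoever runs the initscript (presumably root), and ObConf running as `fedora` could not save changes; a `chown -R fedora:fedora /home/fedora/.config` after the last heredoc would fix that. `menu.xml` is also written with `>>`, which would leave two XML documents in one file if the block ever runs against a home directory that already has it, so `>` is the safer redirect there. Separately, the package list pulls in daemons such as `nessus-server`, `tor`, `snort`, `honeyd` and `ntop` while SELinux is set to `--permissive`, and nothing in this file says which of them start at boot; a `services --disabled=...` line, or a comment stating that the included base kickstart handles it, would make the image's default network exposure explicit.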