Anyone played with Knoppuix-STD yet?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
Mder.hans at <-
Mder.hans at ->
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Ernest Baca
Date:  
Subject: Anyone played with Knoppuix-STD yet?
I can see your point if the Author said that the source was there but it
really isn't. Yes it is offered under the GPL as mine. GPL states that the
source is available. It is available from Debian or from the download site.
If I put the sources to all my tools on the CD there wouldn't be room. If
I am not mistaken KNOPPIX has no source available on the CD, but it is
available. Also, just because you put source on the CD doesn't mean that it
is the same source that you used to compile the tool. I can compile a tool,
put a trojan and then put the original sources on the CD and say it's the
source I used to compile the tool. So you have the sources big deal, in
reality they are the wrong ones. Just because someone says here are the
sources doesn't always lend more crediability to a product unless you test
it against the compiled version which would be the same as downloading it
from the internet and testing the source against the compiled version.

So just because KNOPPIX doesn't have the Kernel Source on the CD don't trust
it?

The reason, I bring this up is that sometimes, because of the open source
attidtude we say if it ain't got source then it isn't trusted. Well guess
what, people trust Microsoft everyday. Opensource means that the source is
available to test against the compiled version. Available doesn't mean on
the CD.

Now I am not very familiar with KNOPPIX-STD. I do have a copy but haven't
tested it. Now if there are tools where you can't find the source or no
link to the source then I would say thats another story.

What I did was to provide links to the additional tools I installed on my
Distro. Also, alot depends on the credability of the Author. Is the Author
of KNOPPIX-STD trustworthy enough to trust? These are things that need to
be addressed also. If the Author is a known hacker or criminal then I
wouldn't trust it. If he is well respected in the infosec comunity then I
trust he didn't do anything to the sources. That doesn't mean that I
wouldn't test it. I am a law enforcement officer who has to testify in
court. I have to meet a higher standard compared to private industry. The
way I acomplish this is by building proficiency with tools and at least
testing them.

I don't want to argue with you, just point out that sometimes to much
importance is placed on sources and not enough on testing.

Bottom line. Like I said, test it and if it works use it.

Now I have heard that some tools on KNOPPIX-STD don't work. I can not
confirm this as I have not tested it.


Thanks,

Ernie Baca
Phoenix, Arizona

www.linux-forensics.com





>From: "der.hans" <>
>Reply-To:
>To:
>Subject: Re: Anyone played with Knoppuix-STD yet?
>Date: Mon, 14 Jul 2003 00:58:34 -0700 (MST)
>
>Am 13. Jul, 2003 schwätzte Thomas Cameron so:
>
> > I know several folks have spoken highly of Knoppix.
> >
> > http://www.knoppix-std.org/ is a version of Knoppix which is supposed to
>be
> > specialized for security work. Anyone played with it yet?
>
>Don't use it!!!
>
>I got a copy at the meeting Thu. I've been dog-sitting for a friend and
>using Knoppix to ssh back home to work from there. Fri I tried knoppix-std.
>I went through and looked at what was on the CD. Looked pretty good until
>towards the end where he said he had a directory that had source code for
>the programs WHEN HE COULD FIND IT.
>
>Do not trust security code for which you don't have the source code. The
>fact that he's including programs for which the source code isn't available
>is insane and tells me I certainly don't want to trust him to get it right.
>
>The moral of the story: don't use knoppix-std until source code is
>available
>for EVERYTHING on it, and someone with security has done an audit.
>
>It's great that he's including source code for packages, but source code
>should be available for all of them.
>
>ciao,
>
>der.hans
>--
>#  https://www.LuftHans.com/    http://www.AZOTO.org/
>#  If you're not learning, you're not living. - der.hans

>
>---------------------------------------------------
>PLUG-discuss mailing list -
>To subscribe, unsubscribe, or to change you mail settings:
>http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

_________________________________________________________________
MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*.
http://join.msn.com/?page=features/virus


This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-$150 Intel 1UsArizona Technology Expo - Another sign, Kyle (note at bottom)->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)