I just finished the bugfix version of the HeX 1.0.3 Live (CNY Release) image.
You can get it (in torrent form) from the Security Torrent Depot at http://www.redsphereglobal.com:88/torrent.html?info_hash=77f31dbc8d641500530760e62f17d1a08e433b96 or you can get it from the below direct download site.
USA Site
MD5 (HeX-i386-1.0.3-final-usb.img.gz) = 5fb1498b3437fada0b38602324d8f5e0
Usage instructions are simple:
dd if=/path/to/HeX-i386-1.0.3-final-usb.img of=/path/to/usbstick/device bs=1M
Look for the new HeX 2.0 to be out soon, all based on FreeBSD 7.0R!
Note that some usb sticks will be smaller than others (even if it's "2G") and that even if you write it and dd produces an error saying that not enough space is available... this is OK and your HeX LiveUSB will still work fine.
Cheers,
JJC
Showing posts with label LiveUSB. Show all posts
Showing posts with label LiveUSB. Show all posts
Monday, March 17, 2008
Friday, February 29, 2008
Security Torrents
To fill the need to host and download multiple large security related torrents, I have put a tracker online at http://www.redsphereglobal.com:88. You will primarily find items on this site in the following categories:
Toolkits
Anything that I or various other contributing members find useful, relevant or fun with respect to security. Current items that will go into this category are the various HeX (all) releases and InProtect LiveUSB releases.
Distros
Any custom distributions that have been designed to fit security needs and/or perform specific tasks.
Packet-Captures
Any large packet captures or trace files that are obviously not going to fit on the www.openpacket.org site. There is one up there now, it is the malicious traffic that Richard Bejlich captured at the 2007 Shmoocon. This torrent was created and added by giovani...so a shout out goes to him!
Having said all of that, we will (as with all trackers) need seeders. So if you have a little extra bandwidth and/or want to contribute in any way please let us know!
Cheers,
JJC
Toolkits
Anything that I or various other contributing members find useful, relevant or fun with respect to security. Current items that will go into this category are the various HeX (all) releases and InProtect LiveUSB releases.
Distros
Any custom distributions that have been designed to fit security needs and/or perform specific tasks.
Packet-Captures
Any large packet captures or trace files that are obviously not going to fit on the www.openpacket.org site. There is one up there now, it is the malicious traffic that Richard Bejlich captured at the 2007 Shmoocon. This torrent was created and added by giovani...so a shout out goes to him!
Having said all of that, we will (as with all trackers) need seeders. So if you have a little extra bandwidth and/or want to contribute in any way please let us know!
Cheers,
JJC
FreeBSD 7.0 Released
I am pleased to announce (a few days late) that FreeBSD 7.0R has been released as of Feb 27, 2008! More info here on the release.
You might (I hope not) wonder why this is exciting? Really, aside from the dramatic and significant enhancements to the overall functionality and stability of the operating system, it means that several OSS projects will be moving forward with new development work based on the 7.0 Release. Specifically, we will now begin work on HeX 2.0 with new nifty features to suit your packet loving needs! I also suspect that we will see some additional traction from the freesbie folks.
Further, I will be releasing a new version of the InProtect LiveUSB that will be based on FreeBSD 7.0 Release as soon as the build finishes!
Tuesday, February 19, 2008
InProtect LiveUSB 0.80.3 Beta!
Though the InProtect project has not made a large number of public postings lately (beta releases and the like...) we have been quite busy. We will soon be releasing a tarball of the latest 0.80.3RC1. That is not, however, the purpose of this article but rather I am releasing a liveUSB image that is an entirely self-contained and functioning installation of InProtect on a FreeBSD 6.3-Current system.
I came up with the idea to create the InProtect LiveUSB when someone requested that I build one for another project that I am an active member of (HeX). Unfortunately it has taken me several months to get the time put together to actually build this tool. Having said that, I am quite pleased with the outcome and functionality of the tool. Placing this tool onto a USB thumb drive gives the user extreme versatility from the perspective of security. Obviously the nature of a USB thumb drive is not terribly secure; we can put them in our pocket and have them fall out in a parking lot where anyone could conceivably pick it up and snag the data off of it and multiple other scenarios. I am more talking about the security of the location or client that may have a sensitive environment with sensitive data and the like. In this scenario the USB device could be taken in and left with the organization, post scan, that has such sensitive data. Again though, the primary purpose of this build is to allow for a solid demo of the InProtect system.
As I said earlier, the system was built using FreeBSD 6.3-Current, ontop of this I built fluxbox (and several applications such as firefox), mysql51, apache22, php5 and several perl modules that are InProtect dependencies. I manually configured all of the components to work with InProtect, the installer currently does not work on freebsd though I am in the process of building a port. In-short, and as stated earlier, this is a fully functional InProtect scanner with a few things that need to be completed by the end-user; Nessus 3.0.x install and jpgraph for php5 install.
The Nessus and jpgraph items are not included in this image due to their licensing restrictions (not GPL). It is for this reason they must be manually installed.
First you will need to download the InProtect LiveUSB 0.80.3 image here:
http://www.redsphereglobal.com/data/tools/security/live/inprotect-i386-0.80.3-beta.usb.img.gz
MD5 (inprotect-i386-0.80.3-beta.usb.img.gz) = 605a5b20d754ea7e6305922695f301ba
SHA256 (inprotect-i386-0.80.3-beta.usb.img.gz) = 1d562d17db0ef4e3afefcca18fd40932b7faecdddd673910c3ad11a4aab4434b
After obtaining the image and gunzipping it you will want to use dd to write it to a 2G or larger USB thumb drive. NOTE that you want to write it to the device itself and NOT to a specific partition on the device. Also, if you didn't figure it out... this will overwrite anything that you may currently have on your thumb drive.
At this point you should be able to boot from your new shiny LiveUSB thumbdrive. The initial login details are simple (these ARE case sensitive so pay attention!):
suggest playing around just a little bit. A few tips, this isn't windoze, you access the main menuwith fluxbox, I by right clicking anywhere on the desktop. The image to the right shows the menu of the InProtect LiveUSB. The highlighted option will take you to the Nessus and jpgraph installation instructions.
Even before you install Nessus or jpgraph you will be able to login to the local instance of InProtect by selecting the InProtect menu option as displayed below. Once you have selected the InProtect menu item, you will be able to use
admin / admin for the login and password to access the local instance of InProtect.
Note that until you install Nessus you will not be able to run any scans.
In this image I have already created a default scan zone and default scanner so that once Nessus is installed and the Nessus user created, as noted in the instructions contained on the image, the system is fully functional and scans can be immediately created and executed.
As always please feel free to contact me or leave any comments, criticisms, suggestions or otherwise that you might have.
Cheers,
JJC
I came up with the idea to create the InProtect LiveUSB when someone requested that I build one for another project that I am an active member of (HeX). Unfortunately it has taken me several months to get the time put together to actually build this tool. Having said that, I am quite pleased with the outcome and functionality of the tool. Placing this tool onto a USB thumb drive gives the user extreme versatility from the perspective of security. Obviously the nature of a USB thumb drive is not terribly secure; we can put them in our pocket and have them fall out in a parking lot where anyone could conceivably pick it up and snag the data off of it and multiple other scenarios. I am more talking about the security of the location or client that may have a sensitive environment with sensitive data and the like. In this scenario the USB device could be taken in and left with the organization, post scan, that has such sensitive data. Again though, the primary purpose of this build is to allow for a solid demo of the InProtect system.
As I said earlier, the system was built using FreeBSD 6.3-Current, ontop of this I built fluxbox (and several applications such as firefox), mysql51, apache22, php5 and several perl modules that are InProtect dependencies. I manually configured all of the components to work with InProtect, the installer currently does not work on freebsd though I am in the process of building a port. In-short, and as stated earlier, this is a fully functional InProtect scanner with a few things that need to be completed by the end-user; Nessus 3.0.x install and jpgraph for php5 install.
The Nessus and jpgraph items are not included in this image due to their licensing restrictions (not GPL). It is for this reason they must be manually installed.
First you will need to download the InProtect LiveUSB 0.80.3 image here:
http://www.redsphereglobal.com/data/tools/security/live/inprotect-i386-0.80.3-beta.usb.img.gz
MD5 (inprotect-i386-0.80.3-beta.usb.img.gz) = 605a5b20d754ea7e6305922695f301ba
SHA256 (inprotect-i386-0.80.3-beta.usb.img.gz) = 1d562d17db0ef4e3afefcca18fd40932b7faecdddd673910c3ad11a4aab4434b
After obtaining the image and gunzipping it you will want to use dd to write it to a 2G or larger USB thumb drive. NOTE that you want to write it to the device itself and NOT to a specific partition on the device. Also, if you didn't figure it out... this will overwrite anything that you may currently have on your thumb drive.
dd if=/path/to/foo/inprotect-i386-0.80.3-beta.usb.img of=/dev/da0 bs=1MYour output file path may be different than /dev/da0 (this is mine on a freebsd boxen). The key is that you are writing directly to the device address and NOT to a partition, that will NOT work. Assuming that you have a thumb drive and computer capable of USB2.0 this process should take around 10 minutes to write all of the data.
At this point you should be able to boot from your new shiny LiveUSB thumbdrive. The initial login details are simple (these ARE case sensitive so pay attention!):
Username: InProtectOnce logged in type startx to get into fluxbox. From here, if you are not familiar
Password: inprotect
suggest playing around just a little bit. A few tips, this isn't windoze, you access the main menuwith fluxbox, I by right clicking anywhere on the desktop. The image to the right shows the menu of the InProtect LiveUSB. The highlighted option will take you to the Nessus and jpgraph installation instructions.Even before you install Nessus or jpgraph you will be able to login to the local instance of InProtect by selecting the InProtect menu option as displayed below. Once you have selected the InProtect menu item, you will be able to use
admin / admin for the login and password to access the local instance of InProtect.Note that until you install Nessus you will not be able to run any scans.
In this image I have already created a default scan zone and default scanner so that once Nessus is installed and the Nessus user created, as noted in the instructions contained on the image, the system is fully functional and scans can be immediately created and executed.
As always please feel free to contact me or leave any comments, criticisms, suggestions or otherwise that you might have.
Cheers,
JJC
Friday, February 15, 2008
HeX 1.0.3 LiveUSB (CNY Release)
After much adeau, here it is! Instructions for usage are quite simple, dd it to your usb thumb drive (the drive, not a partition or it will NOT work). This image includes all of the same features as our mainline HeX 1.0.3 release but is on USB not CD, the filesystem is therefore also writable. You will need a minimum of a 2G Thumb Drive or Memory Stick to write this. I say "Memory Stick" because I have heard rumor of some people using SD rather than USB Thumb Drives to use this tool.
So for example on my freebsd system I would dd as follows:
dd if=/path/to/foo/hex-i386-1.0.3.usb.img of=/dev/da0 bs=1M
command is simple... if is the Input File, output is the Output File (in this case it is the da0 device) and bs=1M is setting the block size to 1mb - this helps to speed up the write process.
Downloads:
USA Site (521MB)
USA MD5 Verification
USA SHA256 Verification
Malaysia Mirrors to be populated soon, I'll post them when they are.
Cheers,
JJC
So for example on my freebsd system I would dd as follows:
dd if=/path/to/foo/hex-i386-1.0.3.usb.img of=/dev/da0 bs=1M
command is simple... if is the Input File, output is the Output File (in this case it is the da0 device) and bs=1M is setting the block size to 1mb - this helps to speed up the write process.
Downloads:
USA Site (521MB)
USA MD5 Verification
USA SHA256 Verification
Malaysia Mirrors to be populated soon, I'll post them when they are.
Cheers,
JJC
Subscribe to:
Comments (Atom)