Devil-Linux is a special secure Linux distribution which is used for firewalls, routers, gateways, and servers. The goal of Devil-Linux is to have a small, customizable, and secure Linux system. Configuration is saved on a floppy disk or USB stick, and it has several optional packages. Devil-Linux boots from CD, but can be stored on CF cards or USB sticks.
S-terminal lets you create a secure X terminal. Regular X terminals pass unencrypted data between you the remote machine. S-terminal creates an encrypted tunnel through which all X traffic passes. It replaces the remote xdm login screen with a local application that collects username and password, then sets up an ssh tunnel to the remote host and starts a session. It is highly configurable both in appearance and behavior, and deployed S-terminals can be remotely administered. Best of all, it can be added to a KNOPPIX CD to create an instant, bootable, secure X terminal CD.
ThePacketMaster Linux Security Server is a CD-based security auditing tool that boots and runs penetration testing and forensic analysis tools. It is handy for security auditors. Some tools included are nessus, ethereal, The Coroner's Toolkit, chntpw, and minicom. It includes modules for any Linux 2.4.20 SCSI driver.
INSERT (the Inside Security Rescue Toolkit) aims to be a multi-functional, multi-purpose disaster recovery and network analysis system. It boots from a credit card-sized CD-ROM and is basically a stripped-down version of Knoppix. It features good hardware detection, fluxbox, emelfm, links-hacked, ssh, tcpdump, nmap, chntpwd, and much more. It provides full read-write support for NTFS partitions (using ntfs-3g), and the ClamAV virus scanner (including a fairly recent signature database and a GUI). It provides partition handling with gParted and also has a network boot facility.
The Auditor security collection is a live-system based on KNOPPIX. It provides tools for analyzing the security of a system. It features a menu structure that reflects the stages of a security check: foot-printing, analysis, scanning, wireless, brute-forcing, cracking. In addition to about 300 security tools, the collection includes background information regarding standard configuration and passwords, truly extensive word lists, and more mundane productivity tools.
Grml is a live system (live CD) based on Debian. It includes a collection of GNU/Linux software especially for system administrators and users of texttools. It provides automatic hardware detection and its default shell is the zsh. You can use it e.g. as a rescue system, for analyzing systems/networks, or as a working environment. It is not necessary to install anything to a hard disk; you don't even need a hard disk to run it. Due to on-the-fly decompression, it includes more than 2 GB of software and documentation on the CD.
NuFW.Live is a live CD based on knoppix. This is the simplest way to test the authenticating firewall NuFW and its associated tools. NuFW.Live features all NuFW's related software. It includes identity-based filtering rules to Netfilter, Nulog 2, a powerful firewall log analysis Web interface, Nuface 2, an ACL management interface, and pyctd, a Netfilter connection tracking display and modification interface.