Devil-Linux is a special secure Linux distribution which is used for firewalls, routers, gateways, and servers. The goal of Devil-Linux is to have a small, customizable, and secure Linux system. Configuration is saved on a floppy disk or USB stick, and it has several optional packages. Devil-Linux boots from CD, but can be stored on CF cards or USB sticks.
Cool Linux CD is a bootable CD that contains a a live Linux distribution based on RedHat 7.3. It also includes the XFS filesystem, devfs, IceWM, QVWM, ROX-filer, OpenOffice.org, Opera, Mozilla, Sylpheed, Pan, Licq, X-chat, GFTP, ppp-redialer, xmms, xine, mplayer, gqview, LinNeighborhood, IPTraffic, VMWare, and more.
The Viper IDS is an IDS sensor that can be used stand-alone or as an add-on to the Wolverine Firewall and VPN server. It can log all alert information to a remote MySQL database that can be analyzed by applications such as ACID, or can be used with Wolverine to provide real-time responses to potential threats by dynamically adjusting perimeter firewall rule sets. It uses Snort for attack signature detection.
ThePacketMaster Linux Security Server is a CD-based security auditing tool that boots and runs penetration testing and forensic analysis tools. It is handy for security auditors. Some tools included are nessus, ethereal, The Coroner's Toolkit, chntpw, and minicom. It includes modules for any Linux 2.4.20 SCSI driver.
Thinux is a thin-client server on a live CD. It boots a network of diskless computers to automatically start an application such as a Web browser. Each thin client machine acts as a cluster node to share its processing and memory resources with each other to take the load off the server. It is a turnkey solution that does not change nor rely on your existing systems to run. By booting from a removable CD, it does not lock-in the user so it is convenient to test. It is ideal for any organizations that require large deployment of software automatically and cost effectively.
INSERT (the Inside Security Rescue Toolkit) aims to be a multi-functional, multi-purpose disaster recovery and network analysis system. It boots from a credit card-sized CD-ROM and is basically a stripped-down version of Knoppix. It features good hardware detection, fluxbox, emelfm, links-hacked, ssh, tcpdump, nmap, chntpwd, and much more. It provides full read-write support for NTFS partitions (using ntfs-3g), and the ClamAV virus scanner (including a fairly recent signature database and a GUI). It provides partition handling with gParted and also has a network boot facility.
Local Area Security Knoppix is a 'Live CD' distribution based on Knoppix but with a strong emphasis on security tools and small footprint. There are two different versions of L.A.S. Linux to fit two specific size requirements. There is a 185 MB version and a 210 MB version to fit on MiniCDs of the same size.
wrt54g-linux is a mini-distribution for the Linksys wrt54g 802.11b/g access point and router. It includes basic tools such as sh, syslog, telnetd, httpd (with cgi-bin support), vi, snort, mount, insmod, rmmod, top, grep, find, nfs modules, etc. The installation script runs in about 20 seconds and installs strictly to the RAM disk. If you mess anything up, simply reset the box. After installing the distribution you'll be able to telnet in, add Web pages, change iptable rules, change routing, configure snort, etc.