Netsecl OS?

Discussion in 'all things UNIX' started by new2security, Nov 20, 2013.

Thread Status:
Not open for further replies.
  1. new2security

    new2security Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    492
    I've tried Netsecl* couple of years ago and found it very interesting. Does anyone know if current Netscl uses Suse's official repos so one could download e.g. Chrome browser?

    *Netsecl OS - seems to be the ultimate distro for those who are security conscious but doesn't want to tinker with PaX/Grsecurity / build your own kernel etc. :)
     
    Last edited: Nov 20, 2013
  2. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi
    Check it on this page
    http://susestudio.com/a/EmL6GN/netsecl-os--3

    I have tried it last year as a live CD, but was quite disapointed, especially in comparison to similar distro like Kali.
    Network hardened by default, mostly devoted for offensive and pentest tasks.
    but i doubt about the latest Grsecurity kernel patch.

    This is not the ultimate security focused distribution
    By experience, it is difficult to find the distro that will circumscribe the security world:
    pentesting, wireless attack and defense, forensic tasks, defensive tasks, web application assessment, privacy arsenal etc.
    For my concern, the most interesting passive, defensive, security focused OS distribution are Qubes and Whonix.

    rgds
     
  3. new2security

    new2security Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    492
    Why do you have doubts about its Grsecurity patch?

    Gave it a try yesterday. Dawned on me that Netsecl is in RAW format that requires a special tool (if you're not on a Suse distro already) to be able to use it on an installation medium (USB only). Couldn't bother with the next step, yet.

    I have a spare partition for Linux so Netsecl came to mind as it is the only(?) distro that has Grsecuritiy + pax as easy-to-enable options per post-installation.
    SElinux I couldn't bother with. Played with it few years back when I had Fedora on my system.

    Also OpenBSD is out of the question - while the OS itself is secure, the third-party software "is as is" and hopelessly behind current / updated versions. Perhaps the built-in mitigation techniques in the OS itself will thwart common exploits, but still... No, I feel OpenBSD is better suited for servers.

    Whonix and Kali - more for anonymous computer usage than security I assume? I'm not familiar with Qubes other than that they try to be secure using virtualization techniques.
     
  4. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    ust a coffee post...
    For the Grsecurity kernel patch i was wondering if the last NetSecL OS virtual appliance was builded with the latest version of Grsecurity.
    Regarding the image on USB, this is not a problem as many free USB installer and writers are able to do this task...like the Suse one or even dd.
    http://en.opensuse.org/openSUSE:SUSE_Studio_Disc_Image_Howtos

    Agree for the comparison with SeLinux, less exhaustive than Grsecurity.

    Security is a general terminology, and we talk about security distros, it means mainly defensive and passive tasks, even if some of them come with an arsenal to attack the attacker...
    There is other distributions that are patched by default with Grsecurity, and as an example i have already mentioned Fortress Linux on this *Nix place.
    As a server. it has been prooved that BSD family OSs are reliable and secure, especially OpenBSD, even if their old school style does not help them to become more popular.
    Kali, ex backtrack is the king of offensive distributions, and like NetsecL OS has been designed for pentesting like servers rooting.
    Well...i guess that one of the most important helpful criteria when choosing a distribution is the importance and activity of its community and team devoted to maintain it.
    By experience, many interesting distros, based or not on security, have been discontinued because their team, community and users was too small.
    Anyway have a nice try with NetsecL OS.
     
Loading...
Thread Status:
Not open for further replies.