Looking for distribution suitable for hostile environments, no anonymity, penetration, or forensics needed
Distribution: Mainly Devuan, antiX, & Void, with Tiny Core, Fatdog, & BSD thrown in.
Posts: 5,498
You could try loading to RAM; several distros allow that. Once in RAM you remove the original disk, so it can't be compromised; it's like having a fresh installation every time you boot up.
Or, you could try one of the BSDs instead of Linux, if you think the system is being manipulated; BSDs are just that little bit different to Linux, which is probably enough to stop your problem from working on it.
Thanks notKlaatu! Porteus is looking like what I had in mind. Along those same lines with my original request I found AntiX, seemingly designed for live medium USBs with persistent storage.
Ondoho, a hacked router was what I was worried about. I have heard of this but never found anyone with enough expertise to tell me whether or not it could be the problem, or even how to tell. I have already done factory resets, not much help there, but maybe it's time for some firmware flashing.
Numptius - someone in my house or area messing around would be likely, but my physical environment is totally secure, I'm the only one on my modem/LAN and Wifi is all off, everything is Ethernet cable.
AwesomeMachine - I haven't looked into Watchguard but actually have a working, licensed Sonicwall, and still have these problems. Would you believe it?
fatmac - doing everything from ramdisk environments is pretty much the idea I've had but haven't had the time to muddle through. Firewall distributions are designed to run everything from ramdisks, like live CDs. As far as BSDs I've been meaning to re-install FreeBSD (that and Arch Linux were my favorite OS's), and maybe just try the hardest nut out there, OpenBSD. BTW, how would you say your distro, AntiX, would work for this?
I'm already in the critical situation of having to install one OS, see how I like it, wait till it gets compromised and 1 pass 0's then restart with a new distribution, seeing if I have better luck...
Looks like I'm on my way for now though. I think this is a starting point, thanks everyone.
EDIT: I've learned 1 piece of advice. "When all else fails, use Tails". I'm going to add that as my signature. Its ability to provide security, privacy, and anonymity in the toughest environments has gotten me through quite a bit. If things are getting attacked 1 Tails live USB with persistent storage can be like a "base" to download and burn other OS discs from.
To keep things compatible with Tails, I need something with the Debian-keyring available in the repo. The Tails website recommends Debian, Ubuntu, or Mint, but they are too easily compromised. What would the most security-hardened distro with the Debian-keyring available be? Kali is Debian based, but has a lot of packages changed, so I might need to try that next.
Any other ideas other than Kali on a hardened Debian-based distro?
Last edited by EntangledTux; 07-06-2018 at 11:07 PM.
It sounds like a crazy place to live if all this is happening; personally, I'd be allowing it to get attacked just to watch and see what's happening in Wireshark... what about setting up a Raspberry Pi as an onion router?
Distribution: Mainly Devuan, antiX, & Void, with Tiny Core, Fatdog, & BSD thrown in.
Posts: 5,498
Quote:
fatmac - doing everything from ramdisk environments is pretty much the idea I've had but haven't had the time to muddle through. Firewall distributions are designed to run everything from ramdisks, like live CDs. As far as BSDs I've been meaning to re-install FreeBSD (that and Arch Linux were my favorite OS's), and maybe just try the hardest nut out there, OpenBSD. BTW, how would you say your distro, AntiX, would work for this?
I use both AntiX & OpenBSD machines.
AntiX can be run from RAM, just select it when starting up - it can also be remastered so that you can have what you need.
OpenBSD is a good system, if all your hardware is supported.