LinuxQuestions.org


Ubunoob001 06-27-2010 03:57 PM

Best Distro for Learning Security?? (Loaded Question I know)
 
Hey all!
So I am reasonably new to Linux. I currently run Ubuntu 10.04 alongside Vista. I have been looking for a few Linux projects to help me learn; the two that I have thought of have been:

1. LFS
2. Something security related

As for no.2, I am interested in learning about network security, intrusion detection, system logging, firewall logging etc. And as a project I would like to work on creating a desktop box as secure as possible, then maybe testing my own box on my home network.

Question 1. Is there a good Linux distro that is designed for security?
Note: I know people often say "the distro doesn't matter, it only matters how you configure it."
2. Does everyone agree with this? As far as security, learning, etc., are all distros created equally?

I suppose I am wondering if any distro (kernel, patches, setup, utilities) is better set up for LEARNING security procedures etc.

Keep in mind I'm a newbie so be gentle!! Thanks!

jrtayloriv 06-27-2010 04:11 PM

Please don't ask the same question in two different forums.

You don't need a special Linux distro to learn about security. Ubuntu is totally sufficient for you to learn about security. It's "securable" enough for world-class web sites such as Wikipedia to run their servers on it. And you'll waste less time dealing with the OS and more time learning with the security and networking applications that you're trying to learn about.

Pick something you're interested in -- perhaps setting up an IDS or a firewall -- and just do it. That's how you'll learn about security.

linus72 06-27-2010 04:55 PM

Weaknet Linux is about learning security
http://weaknetlabs.com/main/?page_id=18

and Pentoo's good
http://www.pentoo.ch/about

Here's a good list
http://securitydistro.com/

pr_deltoid 06-27-2010 09:45 PM

For learning about security, like you want to learn about networking and firewalls and intrusion detection, etc.? As far as I know, any distribution would do...

salasi 06-28-2010 03:01 AM

Quote:

Originally Posted by Ubunoob001 (Post 4016615)
... I am interested in learning about network security, intrusion detection, system logging, firewall logging etc.

That's already a wide range of subjects....not that I am suggesting that it is in any way bad to want to learn a wide range of subjects, just that you may want to focus on a smaller number to start.

Quote:

And as a project I would like to work on creating a desktop box as secure as possible,

A laudable aim, even if you don't want to learn more about security.

Quote:

Question 1. Is there a good linux distro that is designed for security?

Before I even answer that, I'd say it, or what it implies, isn't a single question, and doesn't get a single answer.
If you mean, what distro of Linux (and you may not want to dismiss the BSDs either, but just to keep the discussion simple, I'll stick to Linuxes) is designed to be secure, then I'd suggest that there isn't much difference in what they can do. Some are slightly better set up by default, but it is unclear whether suggesting something better set up by default is doing anything other than depriving you of the chance to learn?

OTOH, you may mean the other side of the equation, something like penetration testing. There are pen testing and security tools distros, and they are a convenience, but the reason that they are a convenience is that they collect a number of tools in one place. If you were a 'hacker' maybe you'd take the attitude <Comedy French accent> I spit on your lousy pern tursting distro and I build my earn</Comedy French accent>; having a distro for this only provides you with an easy-to-carry, all-in-one-place CD/DVD. Beyond that, it's the tools...

Quote:

Note: I know people often say "the distro doesn't matter, it only matters how you configure it."

No, it is also the tools. If you don't learn the tools and know which tool is good for what purpose, you can't use them. Which distro gives you the tools that you don't know how to use doesn't matter because you still don't know how to use them.

As a concrete suggestion, I would suggest that you get a copy of wireshark (or similar), look at what is going on on your network and try to prepare for a test; if someone were to ask you what any packet on your network was doing, could you explain in detail what any packet was about? (This is a good, general purpose, networking exercise and doesn't directly have anything to do with security, but trying to learn about security without a solid understanding of networking, when dealing with networked computers, is a bit of a waste of time. You may have to do this sometime when the network is quiet-ish at first to avoid being overwhelmed.)

Another fun thing to do is to grab a pdf of the iptables documentation at frozentux and read through all of that (due diligence warning; it is a long document, not hard to read, but there really are several pages; set aside some time for this).
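
Added example (not part of any post in this thread): the "explain any packet" exercise suggested above, done by hand on raw bytes instead of in Wireshark's decode pane. The two sample frames are constructed for illustration, and the function name `explain_frame` is hypothetical; it decodes Ethernet II, then IPv4, then TCP or UDP, and stops at layer 2 for anything else.

```python
import socket
import struct

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}
PROTOS = {1: "ICMP", 6: "TCP", 17: "UDP"}
TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # bit 0 .. bit 5

# Constructed sample: TCP SYN 192.168.1.10:51000 -> 192.168.1.1:80
# (checksums left as zero; this decoder does not verify them).
SAMPLE_SYN = bytes.fromhex(
    "001122334455" "66778899aabb" "0800"   # Ethernet II: dst, src, EtherType
    "45000028" "00014000" "40060000"       # IPv4: ver/IHL+len, id+flags, TTL+proto+csum
    "c0a8010a" "c0a80101"                  # IPv4: source, destination
    "c7380050" "00000001" "00000000" "5002ffff" "00000000")  # TCP header
# Constructed sample: broadcast ARP frame (payload zeroed).
SAMPLE_ARP = bytes.fromhex("ffffffffffff" "66778899aabb" "0806") + bytes(28)


def explain_frame(frame: bytes) -> dict:
    """Decode Ethernet II -> IPv4 -> TCP/UDP and return the fields per layer."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"eth_src": src.hex(":"), "eth_dst": dst.hex(":"),
           "l3": ETHERTYPES.get(ethertype, hex(ethertype))}
    if ethertype != 0x0800:
        return out  # ARP, IPv6, etc.: this example stops at layer 2
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("truncated or malformed IPv4 header")
    ihl = (ip[0] & 0x0F) * 4  # header length in bytes; more than 20 means options
    if ihl < 20 or len(ip) < ihl:
        raise ValueError("invalid IPv4 header length")
    out.update(ip_src=socket.inet_ntoa(ip[12:16]), ip_dst=socket.inet_ntoa(ip[16:20]),
               ttl=ip[8], l4=PROTOS.get(ip[9], str(ip[9])))
    l4 = ip[ihl:]  # transport header starts after the IP header, options included
    if ip[9] == 6 and len(l4) >= 20:
        sport, dport, _seq, _ack, off_flags = struct.unpack("!HHIIH", l4[:14])
        out.update(sport=sport, dport=dport,
                   flags=[n for i, n in enumerate(TCP_FLAGS) if off_flags & (1 << i)])
    elif ip[9] == 17 and len(l4) >= 8:
        sport, dport = struct.unpack("!HH", l4[:4])
        out.update(sport=sport, dport=dport)
    return out


if __name__ == "__main__":
    for name, frame in (("SYN", SAMPLE_SYN), ("ARP", SAMPLE_ARP)):
        print(name, explain_frame(frame))
```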

