Fedora Security Lab
While procrastinating on work, Afnan Rehman stumbles upon Fedora’s littleknown distro focused on security auditing and rescue. Will it prove useful?
Security is a recurring concern for many in the IT industry. As computers and computing power proliferate around the world, threats grow. It’s the job of many in the IT field to address these threats, and one weapon in their armoury is the Fedora Security Lab. Fedora, as you may know, has multiple versions of its popular OS (called spins), designed for various uses from desktop day-to-day use to high productivity to education.
This particular spin comes as a live CD that can be burned to a bootable disc or flash drive. It’s marketed as a lightweight distro and its main purpose is to provide a safe and relatively secure environment for IT folks to do all their fancy testing work within. It includes security auditing, data forensics and a host of very nice data recovery tools. If you want to engage in some packet sniffing on a network, FSL gives you the tool to snoop on every protocol from ARP to UDP. Want to recover a password? Load up Ncrack or John (named after John the Ripper) and go at it. Want to make sure your code is rock solid? Flawfinder will analyse your code for potential vulnerabilities and tell you about them.
The desktop is fairly barebones, with window animations kept to a minimum, and the clean, light Xfce environment keeps resource usage low. At the foot of the screen are a few icons leading to the file explorer, terminal and a barebones web browser. The top left corner of the screen sports an Applications tab, which reveals the whole suite of desktop, system and security lab features and applications.
The applications are varied and plentiful. Some of the highlights include the popular Ettercap, Sqlninja and Medusa programs. As you might expect the vast majority of programs included are designed for security testing and no more. A handful of productivity and web browsing apps made the cut, but are just functional enough to accomplish any side tasks that may relate to the ultimate goal of security.
Modest requirements
One of the greatest things about this lightweight desktop system is its very low resource usage. In our testing it ran with no problems on an ancient Pentium 4 rig from 2004 just as well as in a virtual machine on an up-to-the-minute PC, so we can safely say you’re not likely to have any issues running it on your hardware. The read-write rootfs that forms the base of the live CD allows applications to be installed on the fly, without the system ever leaving the disk. This is very convenient and enables updates and new security software to be installed without the need to create a new disc.
The other heartening thing about Fedora Security Lab is that it is constantly supported and updated by a community of IT professionals and developers. This is nothing but good news for the professionals who need to use this software daily to adapt and defend against the ever-changing landscape of cyber attacks.
Of course this distro isn’t for everyone. The lack of desktop amenities or support for entertainment-oriented applications would make this particular distro inconvenient for people who just want to use a computer for everyday activities. Many of the applications are command-line based and require a relatively high level of skill to utilise effectively. For most users looking for a distro for everyday usage, I would recommend one of Fedora’s other great distros. However if you are a security professional or just like to tinker, this unique distribution is definitely worth a look.