From Fedora Project Wiki

(edit according spin process)
(55 intermediate revisions by 10 users not shown)
Line 4: Line 4:


= Fedora Security Spin =
= Fedora Security Spin =
 
{{admon/note|Wiki Page Purpose|This page follows the [[Spins_Process]]. The Development Home can be found at https://fedorahosted.org/security-spin/}}
== Summary ==
== Summary ==
The Fedora Security Spin is a livecd based on Fedora to provide a safe test-environment for working on security-auditing, forensics and penetration-testing, coupled with all the Fedora-Security features and tools.
The Fedora Security Spin is a livecd based on Fedora to provide a safe test-environment for working on security-auditing, forensics and penetration-testing, coupled with all the Fedora-Security features and tools.


== Owner(s) ==
== Owner(s) ==
* Original Owner: [[User:Lmacken | Luke Macken]], [[User:Maxamillion | Adam John Miller ]]
* Owners: [[User:Jsimon | Joerg Simon]], [[User:fab | Fabian Affolter]]


* current Owner: [[JoergSimon]]
* Quality Assurance: [[User:Athmane | Athmane Madjoudj ]]
 
* Former Owners: [[User:Lmacken | Luke Macken]], [[User:Maxamillion | Adam John Miller]], [[User:Cwickert | Christoph Wickert]], [[User:Hiemanshu | Hiemanshu Sharma]]


== Detailed Description ==
== Detailed Description ==
The spin is maintained by a community of Security Testers and Developers. It comes with the clean and fast LXDE Desktop Enviroment and a customized menu to have all the instruments one may need to follow a proper test-path or to rescue a broken system. With the read-write rootfs, it is possible to install software while the livecd is running. The Fedora liveusb-creator provides an overlay feature to put the security-spin on an usb-stick so that the user can install and update software - and can safe his test-results permanently.
The spin is maintained by a community of Security Testers and Developers. It comes with the clean and fast Xfce Desktop Enviroment and a customized menu to have all the instruments one may need to follow a proper test-path on security testing[https://fedorahosted.org/security-spin/wiki/availableApps]or to rescue a broken system. With the read-write rootfs, it is possible to install software while the livecd is running. The Fedora liveusb-creator provides an overlay feature to put the security-spin on an usb-stick so that the user can install and update software - and can save his test-results permanently.


== Benefit to Fedora ==
== Benefit to Fedora ==
Line 21: Line 23:
** People learn about Fedora through these Classes
** People learn about Fedora through these Classes
* Showcase for all Security-Features
* Showcase for all Security-Features
* A Toolset for proper Security-Testing
* a complete  Repair/Rescue System - with tools not contained on the other LiveCD's to rescue your System
* a complete  Repair/Rescue System - with tools not contained on the other LiveCD's to rescue your System
* gather interested People to package new upstreams for this spin  
* gather interested People to package new upstreams for this spin  
Line 26: Line 29:
* Cool Marketing Instrument!
* Cool Marketing Instrument!
* There are Industry Partners who are interested to contribute
* There are Industry Partners who are interested to contribute
* and also contained in this presentation [http://jsimon.fedorapeople.org/fedora_osstmm_secspinv2.pdf SecuritySpin and the OSSTMM]
* and also contained in this presentation [http://jsimon.fedorapeople.org/fedora_osstmm_secspinv5.pdf SecuritySpin and the OSSTMM]


== Kickstart File ==
== Kickstart File ==
* https://fedorahosted.org/security-spin/browser/fedora-livecd-security.ks
 
* http://git.fedorahosted.org/cgit/spin-kickstarts.git/tree/fedora-livecd-security.ks?h=master


== ISO Name / FS Label ==
== ISO Name / FS Label ==
Line 37: Line 41:
== Dependencies ==
== Dependencies ==
* security-menus
* security-menus
** https://bugzilla.redhat.com/show_bug.cgi?id=548824#c17  
** <s>https://bugzilla.redhat.com/show_bug.cgi?id=548824#c17</s> DONE


== Scope / Testing ==
== Testing / QA ==
* Run [[JeremyKatz/SpinChecklist#Testing_of_the_Spin| basic spin testing]]
* Run [[JeremyKatz/SpinChecklist#Testing_of_the_Spin| basic spin testing]]
* Test installs from livecd and usb, test livecdcreator
* Test installs from livecd and usb, test livecd-creator
** persistence of Security Menu after installs
* Persistence of Security Menu after installations
* how the [https://fedorahosted.org/security-spin/wiki/availableApps available Applications] work
* How do the [https://fedorahosted.org/security-spin/wiki/availableApps available applications] work?
* work on customize Artwork - ongoing
* [https://fedoraproject.org/wiki/Category:Security_Lab Current security lab applications test-cases]
* As of Fedora 16, Security Lab release validation test events are available.
 
Please track your checks on the relevant release in the [https://fedoraproject.org/wiki/Category:Security_Lab_Testing Security Lab Testing category]


== Spins Page ==
== Spins Page ==
Already done http://spins.fedoraproject.org/security/
See https://fedorahosted.org/security-spin/wiki/spinspage
 
Spins Page is set up https://labs.fedoraproject.org/security/
 
[[Category:Spins_Fedora_23]]
[[Category:Spins_Fedora_22]]
[[Category:Spins_Fedora_21]]
[[Category:Spins_Fedora_20]]
[[Category:Spins_Fedora_19]]
[[Category:Spins_Fedora_18]]
[[Category:Spins_Fedora_17]]
[[Category:Spins_Fedora_16]]
[[Category:Spins_Fedora_15]]
[[Category:Spins_Fedora_14]]
[[Category:Spins_Fedora_13]]
[[Category:Security Lab]]
[[Category:Spins]]

Revision as of 19:42, 12 December 2015

Spins-banner security.png

Fedora Security Spin

Note.png
Wiki Page Purpose
This page follows the Spins_Process. The Development Home can be found at https://fedorahosted.org/security-spin/

Summary

The Fedora Security Spin is a livecd based on Fedora to provide a safe test-environment for working on security-auditing, forensics and penetration-testing, coupled with all the Fedora-Security features and tools.

Owner(s)

Detailed Description

The spin is maintained by a community of Security Testers and Developers. It comes with the clean and fast Xfce Desktop Enviroment and a customized menu to have all the instruments one may need to follow a proper test-path on security testing[1]or to rescue a broken system. With the read-write rootfs, it is possible to install software while the livecd is running. The Fedora liveusb-creator provides an overlay feature to put the security-spin on an usb-stick so that the user can install and update software - and can save his test-results permanently.

Benefit to Fedora

  • covered by the above Description
  • A stable platform for teaching security along Security Classes in Universities and Organisations like the ISECOM
    • People learn about Fedora through these Classes
  • Showcase for all Security-Features
  • A Toolset for proper Security-Testing
  • a complete Repair/Rescue System - with tools not contained on the other LiveCD's to rescue your System
  • gather interested People to package new upstreams for this spin
  • Cool Marketing Instrument!
  • There are Industry Partners who are interested to contribute
  • and also contained in this presentation SecuritySpin and the OSSTMM

Kickstart File

ISO Name / FS Label

  • ISO name: Fedora-$release-$arch-LiveSecurity
  • FS-Label: Fedora-$release-$arch-Security

Dependencies

Testing / QA

Please track your checks on the relevant release in the Security Lab Testing category

Spins Page

See https://fedorahosted.org/security-spin/wiki/spinspage

Spins Page is set up https://labs.fedoraproject.org/security/