From Fedora Project Wiki

m (→‎Benefit to Fedora: remove wishlist)
(52 intermediate revisions by 11 users not shown)
Line 4: Line 4:


= Fedora Security Spin =
= Fedora Security Spin =
{{admon/note|Wiki Page Purpose|This page follows the [[Spins_Process]]. The Development Home can be found at https://fedorahosted.org/security-spin/}}
{{admon/note|Wiki Page Purpose|This page follows the [[Spins_Process]]. The Development Home can be found at https://pagure.io/security-lab}}
== Summary ==
== Summary ==
The Fedora Security Spin is a livecd based on Fedora to provide a safe test-environment for working on security-auditing, forensics and penetration-testing, coupled with all the Fedora-Security features and tools.
The Fedora Security Spin is a livecd based on Fedora to provide a safe test-environment for working on security-auditing, forensics and penetration-testing, coupled with all the Fedora-Security features and tools.


== Owner(s) ==
== Owner(s) ==
* Original Owner: [[User:Lmacken | Luke Macken]], [[User:Maxamillion | Adam John Miller ]]
* Owner(s): [[User:fab | Fabian Affolter]]


* current Owner: [[JoergSimon]]
* Quality Assurance: [[User:Athmane | Athmane Madjoudj ]]
 
* Former Owner(s): [[User:Lmacken | Luke Macken]], [[User:Maxamillion | Adam John Miller]], [[User:Cwickert | Christoph Wickert]], [[User:Hiemanshu | Hiemanshu Sharma]], [[User:Jsimon | Joerg Simon]]


== Detailed Description ==
== Detailed Description ==
The spin is maintained by a community of Security Testers and Developers. It comes with the clean and fast LXDE Desktop Enviroment and a customized menu to have all the instruments one may need to follow a proper test-path or to rescue a broken system. With the read-write rootfs, it is possible to install software while the livecd is running. The Fedora liveusb-creator provides an overlay feature to put the security-spin on an usb-stick so that the user can install and update software - and can save his test-results permanently.
The spin is maintained by a community of Security Testers and Developers. It comes with the clean and fast Xfce Desktop Enviroment and a customized menu to have all the instruments one may need to follow a proper test-path on security testing[https://fedorahosted.org/security-spin/wiki/availableApps]or to rescue a broken system. With the read-write rootfs, it is possible to install software while the livecd is running. The Fedora liveusb-creator provides an overlay feature to put the security-spin on an usb-stick so that the user can install and update software - and can save his test-results permanently.


== Benefit to Fedora ==
== Benefit to Fedora ==
* covered by the above Description
* Covered by the above description
* A stable platform for teaching security along Security Classes in Universities and Organisations like the [http://www.isecom.org ISECOM]
* A stable platform for teaching security along security classes in universities and organisations like the [http://www.isecom.org ISECOM]
** People learn about Fedora through these Classes
** People learn about Fedora through these classes
* Showcase for all Security-Features
* Showcase for security features and testing
* a complete Repair/Rescue System - with tools not contained on the other LiveCD's to rescue your System
* A toolset for proper security testing
* gather interested People to package new upstreams for this spin  
* A complete repair/rescue system - with tools not contained on the other LiveCDs to rescue your System
** see [https://fedorahosted.org/security-spin/wiki/Wishlist Wishlist]
* Gather interested people to package new tools for this spin  
* Cool Marketing Instrument!
* Cool marketing instrument and a story to tell
* There are Industry Partners who are interested to contribute
* There are industry partners who are interested to contribute
* and also contained in this presentation [http://jsimon.fedorapeople.org/fedora_osstmm_secspinv2.pdf SecuritySpin and the OSSTMM]
* and also contained in this presentation [http://jsimon.fedorapeople.org/fedora_osstmm_secspinv5.pdf SecuritySpin and the OSSTMM]


== Kickstart File ==
== Kickstart File ==
* https://fedorahosted.org/security-spin/browser/fedora-livecd-security.ks
 
* https://pagure.io/security-lab/blob/master/f/fedora-livecd-security.ks


== ISO Name / FS Label ==
== ISO Name / FS Label ==
Line 37: Line 40:
== Dependencies ==
== Dependencies ==
* security-menus
* security-menus
** https://bugzilla.redhat.com/show_bug.cgi?id=548824#c17  
** <s>https://bugzilla.redhat.com/show_bug.cgi?id=548824#c17</s> DONE


== Scope / Testing ==
== Testing / QA ==
* Run [[JeremyKatz/SpinChecklist#Testing_of_the_Spin| basic spin testing]]
* Run [[JeremyKatz/SpinChecklist#Testing_of_the_Spin| basic spin testing]]
* Test installs from livecd and usb, test livecdcreator
* Test installs from livecd and usb, test livecd-creator
** persistence of Security Menu after installs
* Persistence of Security Menu after installations
* how the [https://fedorahosted.org/security-spin/wiki/availableApps available Applications] work
* How do the [https://fedorahosted.org/security-spin/wiki/availableApps available applications] work?
** what else is needed to have it as a good rescue system as well?
* [https://fedoraproject.org/wiki/Category:Security_Lab Current security lab applications test-cases]
* work on customize Artwork - ongoing
* As of Fedora 16, Security Lab release validation test events are available.
 
Please track your checks on the relevant release in the [https://fedoraproject.org/wiki/Category:Security_Lab_Testing Security Lab Testing category]


== Spins Page ==
== Spins Page ==
See https://fedorahosted.org/security-spin/wiki/spinspage
See https://fedorahosted.org/security-spin/wiki/spinspage


Spins Page is set up http://spins.fedoraproject.org/security/
Spins Page is set up https://labs.fedoraproject.org/security/


[[Category:Spins Ready For SIG]]
[[Category:Spins_Fedora_23]]
[[Category:Spins_Fedora_22]]
[[Category:Spins_Fedora_21]]
[[Category:Spins_Fedora_20]]
[[Category:Spins_Fedora_19]]
[[Category:Spins_Fedora_18]]
[[Category:Spins_Fedora_17]]
[[Category:Spins_Fedora_16]]
[[Category:Spins_Fedora_15]]
[[Category:Spins_Fedora_14]]
[[Category:Spins_Fedora_13]]
[[Category:Security Lab]]
[[Category:Spins]]

Revision as of 15:11, 30 August 2017

Spins-banner security.png

Fedora Security Spin

Note.png
Wiki Page Purpose
This page follows the Spins_Process. The Development Home can be found at https://pagure.io/security-lab

Summary

The Fedora Security Spin is a livecd based on Fedora to provide a safe test-environment for working on security-auditing, forensics and penetration-testing, coupled with all the Fedora-Security features and tools.

Owner(s)

Detailed Description

The spin is maintained by a community of Security Testers and Developers. It comes with the clean and fast Xfce Desktop Enviroment and a customized menu to have all the instruments one may need to follow a proper test-path on security testing[1]or to rescue a broken system. With the read-write rootfs, it is possible to install software while the livecd is running. The Fedora liveusb-creator provides an overlay feature to put the security-spin on an usb-stick so that the user can install and update software - and can save his test-results permanently.

Benefit to Fedora

  • Covered by the above description
  • A stable platform for teaching security along security classes in universities and organisations like the ISECOM
    • People learn about Fedora through these classes
  • Showcase for security features and testing
  • A toolset for proper security testing
  • A complete repair/rescue system - with tools not contained on the other LiveCDs to rescue your System
  • Gather interested people to package new tools for this spin
  • Cool marketing instrument and a story to tell
  • There are industry partners who are interested to contribute
  • and also contained in this presentation SecuritySpin and the OSSTMM

Kickstart File

ISO Name / FS Label

  • ISO name: Fedora-$release-$arch-LiveSecurity
  • FS-Label: Fedora-$release-$arch-Security

Dependencies

Testing / QA

Please track your checks on the relevant release in the Security Lab Testing category

Spins Page

See https://fedorahosted.org/security-spin/wiki/spinspage

Spins Page is set up https://labs.fedoraproject.org/security/