From Fedora Project Wiki

m (→‎Spins Page: add f20)
m (→‎Benefit to Fedora: remove wishlist)
(14 intermediate revisions by 6 users not shown)
Line 4: Line 4:


= Fedora Security Spin =
= Fedora Security Spin =
{{admon/note|Wiki Page Purpose|This page follows the [[Spins_Process]]. The Development Home can be found at https://fedorahosted.org/security-spin/}}
{{admon/note|Wiki Page Purpose|This page follows the [[Spins_Process]]. The Development Home can be found at https://pagure.io/security-lab}}
== Summary ==
== Summary ==
The Fedora Security Spin is a livecd based on Fedora to provide a safe test-environment for working on security-auditing, forensics and penetration-testing, coupled with all the Fedora-Security features and tools.
The Fedora Security Spin is a livecd based on Fedora to provide a safe test-environment for working on security-auditing, forensics and penetration-testing, coupled with all the Fedora-Security features and tools.
== Previous releases ==
* [{{fullurl:Security_Lab|oldid=187467}} Fedora 14]
* [{{fullurl:Security_Lab|oldid=186849}} Fedora 13]


== Owner(s) ==
== Owner(s) ==
* Original Owners: [[User:Lmacken | Luke Macken]], [[User:Maxamillion | Adam John Miller]], [[User:Jsimon | Joerg Simon]]
* Owner(s): [[User:fab | Fabian Affolter]]
* Former Owners: [[User:Cwickert | Christoph Wickert]], [[User:Hiemanshu | Hiemanshu Sharma]]
* Current Owners: [[User:Jsimon | Joerg Simon]], [[User:fab | Fabian Affolter]]


* Quality Assurance: [[User:Athmane | Athmane Madjoudj ]]
* Quality Assurance: [[User:Athmane | Athmane Madjoudj ]]
* Former Owner(s): [[User:Lmacken | Luke Macken]], [[User:Maxamillion | Adam John Miller]], [[User:Cwickert | Christoph Wickert]], [[User:Hiemanshu | Hiemanshu Sharma]], [[User:Jsimon | Joerg Simon]]


== Detailed Description ==
== Detailed Description ==
The spin is maintained by a community of Security Testers and Developers. It comes with the clean and fast LXDE Desktop Enviroment and a customized menu to have all the instruments one may need to follow a proper test-path on security testing[https://fedorahosted.org/security-spin/wiki/availableApps]or to rescue a broken system. With the read-write rootfs, it is possible to install software while the livecd is running. The Fedora liveusb-creator provides an overlay feature to put the security-spin on an usb-stick so that the user can install and update software - and can save his test-results permanently.
The spin is maintained by a community of Security Testers and Developers. It comes with the clean and fast Xfce Desktop Enviroment and a customized menu to have all the instruments one may need to follow a proper test-path on security testing[https://fedorahosted.org/security-spin/wiki/availableApps]or to rescue a broken system. With the read-write rootfs, it is possible to install software while the livecd is running. The Fedora liveusb-creator provides an overlay feature to put the security-spin on an usb-stick so that the user can install and update software - and can save his test-results permanently.


== Benefit to Fedora ==
== Benefit to Fedora ==
* covered by the above Description
* Covered by the above description
* A stable platform for teaching security along Security Classes in Universities and Organisations like the [http://www.isecom.org ISECOM]
* A stable platform for teaching security along security classes in universities and organisations like the [http://www.isecom.org ISECOM]
** People learn about Fedora through these Classes
** People learn about Fedora through these classes
* Showcase for all Security-Features
* Showcase for security features and testing
* A Toolset for proper Security-Testing
* A toolset for proper security testing
* a complete Repair/Rescue System - with tools not contained on the other LiveCD's to rescue your System
* A complete repair/rescue system - with tools not contained on the other LiveCDs to rescue your System
* gather interested People to package new upstreams for this spin  
* Gather interested people to package new tools for this spin  
** see [https://fedorahosted.org/security-spin/wiki/Wishlist Wishlist]
* Cool marketing instrument and a story to tell
* Cool Marketing Instrument!
* There are industry partners who are interested to contribute
* There are Industry Partners who are interested to contribute
* and also contained in this presentation [http://jsimon.fedorapeople.org/fedora_osstmm_secspinv5.pdf SecuritySpin and the OSSTMM]
* and also contained in this presentation [http://jsimon.fedorapeople.org/fedora_osstmm_secspinv5.pdf SecuritySpin and the OSSTMM]


== Kickstart File ==
== Kickstart File ==


* http://git.fedorahosted.org/git/?p=spin-kickstarts.git;a=blob_plain;f=fedora-livecd-security.ks;hb=F-16
* https://pagure.io/security-lab/blob/master/f/fedora-livecd-security.ks


== ISO Name / FS Label ==
== ISO Name / FS Label ==
Line 48: Line 42:
** <s>https://bugzilla.redhat.com/show_bug.cgi?id=548824#c17</s> DONE
** <s>https://bugzilla.redhat.com/show_bug.cgi?id=548824#c17</s> DONE


== Scope / Testing / QA ==
== Testing / QA ==
* Run [[JeremyKatz/SpinChecklist#Testing_of_the_Spin| basic spin testing]]
* Run [[JeremyKatz/SpinChecklist#Testing_of_the_Spin| basic spin testing]]
* Test installs from livecd and usb, test livecdcreator
* Test installs from livecd and usb, test livecd-creator
** persistence of Security Menu after installs
* Persistence of Security Menu after installations
* how the [https://fedorahosted.org/security-spin/wiki/availableApps available Applications] work
* How do the [https://fedorahosted.org/security-spin/wiki/availableApps available applications] work?
** what else is needed to have it as a good rescue system as well?
* work on customize Artwork - ongoing
* [https://fedoraproject.org/wiki/Category:Security_Lab Current security lab applications test-cases]
* [https://fedoraproject.org/wiki/Category:Security_Lab Current security lab applications test-cases]
* As of Fedora 16, Security Lab release validation test events are available.
* As of Fedora 16, Security Lab release validation test events are available.
Please track your checks on the relevant release in the [https://fedoraproject.org/wiki/Category:Security_Lab_Testing Security Lab Testing category]


== Spins Page ==
== Spins Page ==
See https://fedorahosted.org/security-spin/wiki/spinspage
See https://fedorahosted.org/security-spin/wiki/spinspage


Spins Page is set up http://spins.fedoraproject.org/security/
Spins Page is set up https://labs.fedoraproject.org/security/


[[Category:Spins_Fedora_23]]
[[Category:Spins_Fedora_22]]
[[Category:Spins_Fedora_21]]
[[Category:Spins_Fedora_20]]
[[Category:Spins_Fedora_20]]
[[Category:Spins_Fedora_19]]
[[Category:Spins_Fedora_19]]
Line 71: Line 68:
[[Category:Spins_Fedora_14]]
[[Category:Spins_Fedora_14]]
[[Category:Spins_Fedora_13]]
[[Category:Spins_Fedora_13]]
[[Category:Security Lab]]
[[Category:Spins]]

Revision as of 15:11, 30 August 2017

Spins-banner security.png

Fedora Security Spin

Note.png
Wiki Page Purpose
This page follows the Spins_Process. The Development Home can be found at https://pagure.io/security-lab

Summary

The Fedora Security Spin is a livecd based on Fedora to provide a safe test-environment for working on security-auditing, forensics and penetration-testing, coupled with all the Fedora-Security features and tools.

Owner(s)

Detailed Description

The spin is maintained by a community of Security Testers and Developers. It comes with the clean and fast Xfce Desktop Enviroment and a customized menu to have all the instruments one may need to follow a proper test-path on security testing[1]or to rescue a broken system. With the read-write rootfs, it is possible to install software while the livecd is running. The Fedora liveusb-creator provides an overlay feature to put the security-spin on an usb-stick so that the user can install and update software - and can save his test-results permanently.

Benefit to Fedora

  • Covered by the above description
  • A stable platform for teaching security along security classes in universities and organisations like the ISECOM
    • People learn about Fedora through these classes
  • Showcase for security features and testing
  • A toolset for proper security testing
  • A complete repair/rescue system - with tools not contained on the other LiveCDs to rescue your System
  • Gather interested people to package new tools for this spin
  • Cool marketing instrument and a story to tell
  • There are industry partners who are interested to contribute
  • and also contained in this presentation SecuritySpin and the OSSTMM

Kickstart File

ISO Name / FS Label

  • ISO name: Fedora-$release-$arch-LiveSecurity
  • FS-Label: Fedora-$release-$arch-Security

Dependencies

Testing / QA

Please track your checks on the relevant release in the Security Lab Testing category

Spins Page

See https://fedorahosted.org/security-spin/wiki/spinspage

Spins Page is set up https://labs.fedoraproject.org/security/