From Fedora Project Wiki

m (→‎Owner(s): updated)
 
(24 intermediate revisions by 7 users not shown)
Line 4: Line 4:


= Fedora Security Spin =
= Fedora Security Spin =
{{admon/note|Wiki Page Purpose|This page follows the [[Spins_Process]]. The Development Home can be found at https://fedorahosted.org/security-spin/}}
{{admon/note|Wiki Page Purpose|This page follows the [[Spins_Process]]. The Development Home can be found at https://pagure.io/security-lab}}
== Summary ==
== Summary ==
The Fedora Security Spin is a livecd based on Fedora to provide a safe test-environment for working on security-auditing, forensics and penetration-testing, coupled with all the Fedora-Security features and tools.
The Fedora Security Spin is a live media based on Fedora to provide a safe test environment for working on security auditing, forensics and penetration testing, coupled with all the Fedora Security features and tools.
 
== Previous releases ==
 
* [{{fullurl:Security_Lab|oldid=187467}} Fedora 14]
* [{{fullurl:Security_Lab|oldid=186849}} Fedora 13]


== Owner(s) ==
== Owner(s) ==
* Original Owners: [[User:Lmacken | Luke Macken]], [[User:Maxamillion | Adam John Miller ]]
* Owner(s): [[User:q5sys | JT Pennington]]
* Former Owners: [[User:Cwickert | Christoph Wickert]], [[User:Hiemanshu | Hiemanshu Sharma]]
* Current Owners: [[User:Jsimon | JoergSimon]], [[User:fab | Fabian Affolter]]


* Quality Assurance: [[User:Athmane | Athmane Madjoudj ]]
* Quality Assurance: [[User:Athmane | Athmane Madjoudj ]]
* Former Owner(s): [[User:Lmacken | Luke Macken]], [[User:Maxamillion | Adam John Miller]], [[User:Cwickert | Christoph Wickert]], [[User:Hiemanshu | Hiemanshu Sharma]], [[User:Jsimon | Joerg Simon]], [[User:fab | Fabian Affolter]]


== Detailed Description ==
== Detailed Description ==
The spin is maintained by a community of Security Testers and Developers. It comes with the clean and fast LXDE Desktop Enviroment and a customized menu to have all the instruments one may need to follow a proper test-path on security testing[https://fedorahosted.org/security-spin/wiki/availableApps]or to rescue a broken system. With the read-write rootfs, it is possible to install software while the livecd is running. The Fedora liveusb-creator provides an overlay feature to put the security-spin on an usb-stick so that the user can install and update software - and can save his test-results permanently.
The spin is maintained by a community of Security testers and developers. It comes with the clean and fast Xfce Desktop Environment and a customized menu to have all the instruments one may need to follow a proper test path on security testing or to rescue a broken system. With the read-write rootfs, it is possible to install software while the live media is running. The Fedora livemedia-creator provides an overlay feature to put the Fedora Security Lab on an USB stick so that the user can install and update software and can save his test results permanently.


== Benefit to Fedora ==
== Benefit to Fedora ==
* covered by the above Description
* Covered by the above description
* A stable platform for teaching security along Security Classes in Universities and Organisations like the [http://www.isecom.org ISECOM]
* A stable platform for teaching security along security classes in universities and organisations
** People learn about Fedora through these Classes
** People learn about Fedora through these classes
* Showcase for all Security-Features
* Showcase for security features and testing
* A Toolset for proper Security-Testing
* A tool set for proper security testing
* a complete Repair/Rescue System - with tools not contained on the other LiveCD's to rescue your System
* A complete repair/rescue system - with tools not contained on the other Live media to rescue your system
* gather interested People to package new upstreams for this spin  
* Gather interested people to package new tools for this spin  
** see [https://fedorahosted.org/security-spin/wiki/Wishlist Wishlist]
* Cool marketing instrument and a story to tell
* Cool Marketing Instrument!
* There are industry partners who are interested to contribute
* There are Industry Partners who are interested to contribute
* and also contained in this presentation [http://jsimon.fedorapeople.org/fedora_osstmm_secspinv2.pdf SecuritySpin and the OSSTMM]


== Kickstart File ==
== Kickstart File ==


* http://git.fedorahosted.org/git/?p=spin-kickstarts.git;a=blob_plain;f=fedora-livecd-security.ks;hb=F-16
* https://pagure.io/security-lab/blob/master/f/fedora-livecd-security.ks


== ISO Name / FS Label ==
== ISO Name / FS Label ==
Line 48: Line 41:
** <s>https://bugzilla.redhat.com/show_bug.cgi?id=548824#c17</s> DONE
** <s>https://bugzilla.redhat.com/show_bug.cgi?id=548824#c17</s> DONE


== Scope / Testing / QA ==
== Testing / QA ==
* Run [[JeremyKatz/SpinChecklist#Testing_of_the_Spin| basic spin testing]]
* Run [[JeremyKatz/SpinChecklist#Testing_of_the_Spin| basic spin testing]]
* Test installs from livecd and usb, test livecdcreator
* Test installs from live media, test livemedia-creator
** persistence of Security Menu after installs
* Persistence of Security Menu after installations
* how the [https://fedorahosted.org/security-spin/wiki/availableApps available Applications] work
* How do the available applications work?
** what else is needed to have it as a good rescue system as well?
* [https://fedoraproject.org/wiki/Category:Security_Lab Current security lab applications test cases]
* work on customize Artwork - ongoing
* [https://fedoraproject.org/wiki/Category:Security_Lab Current security lab applications test-cases]
* As of Fedora 16, Security Lab release validation test events are available.
* As of Fedora 16, Security Lab release validation test events are available.
Please track your checks on the relevant release in the [https://fedoraproject.org/wiki/Category:Security_Lab_Testing Security Lab Testing category]


== Spins Page ==
== Spins Page ==
See https://fedorahosted.org/security-spin/wiki/spinspage


Spins Page is set up http://spins.fedoraproject.org/security/
Spins Page is set up https://labs.fedoraproject.org/security/


[[Category:Spins_Fedora_33]]
[[Category:Spins_Fedora_32]]
[[Category:Spins_Fedora_31]]
[[Category:Spins_Fedora_30]]
[[Category:Spins_Fedora_29]]
[[Category:Spins_Fedora_28]]
[[Category:Spins_Fedora_27]]
[[Category:Spins_Fedora_26]]
[[Category:Spins_Fedora_25]]
[[Category:Spins_Fedora_24]]
[[Category:Spins_Fedora_23]]
[[Category:Spins_Fedora_22]]
[[Category:Spins_Fedora_21]]
[[Category:Spins_Fedora_20]]
[[Category:Spins_Fedora_19]]
[[Category:Spins_Fedora_18]]
[[Category:Spins_Fedora_18]]
[[Category:Spins_Fedora_17]]
[[Category:Spins_Fedora_17]]
Line 69: Line 76:
[[Category:Spins_Fedora_14]]
[[Category:Spins_Fedora_14]]
[[Category:Spins_Fedora_13]]
[[Category:Spins_Fedora_13]]
[[Category:Security Lab]]
[[Category:Spins]]

Latest revision as of 19:53, 26 July 2022

Spins-banner security.png

Fedora Security Spin

Note.png
Wiki Page Purpose
This page follows the Spins_Process. The Development Home can be found at https://pagure.io/security-lab

Summary

The Fedora Security Spin is a live media based on Fedora to provide a safe test environment for working on security auditing, forensics and penetration testing, coupled with all the Fedora Security features and tools.

Owner(s)

Detailed Description

The spin is maintained by a community of Security testers and developers. It comes with the clean and fast Xfce Desktop Environment and a customized menu to have all the instruments one may need to follow a proper test path on security testing or to rescue a broken system. With the read-write rootfs, it is possible to install software while the live media is running. The Fedora livemedia-creator provides an overlay feature to put the Fedora Security Lab on an USB stick so that the user can install and update software and can save his test results permanently.

Benefit to Fedora

  • Covered by the above description
  • A stable platform for teaching security along security classes in universities and organisations
    • People learn about Fedora through these classes
  • Showcase for security features and testing
  • A tool set for proper security testing
  • A complete repair/rescue system - with tools not contained on the other Live media to rescue your system
  • Gather interested people to package new tools for this spin
  • Cool marketing instrument and a story to tell
  • There are industry partners who are interested to contribute

Kickstart File

ISO Name / FS Label

  • ISO name: Fedora-$release-$arch-LiveSecurity
  • FS-Label: Fedora-$release-$arch-Security

Dependencies

Testing / QA

Please track your checks on the relevant release in the Security Lab Testing category

Spins Page

Spins Page is set up https://labs.fedoraproject.org/security/