Developing Your Own Portable Security Toolkit

Finding the right utility or tool can shave a significant amount of time and effort from a given task or even let you complete tasks that would otherwise be impossible. Many of us have discovered our favorite tools by word of mouth or while looking for the solution to a particular problem. But as you know, finding a great tool is only half the battle: You must then download and install it, learn to use it in your environment, and figure out how to fit it into your existing security toolkit.

Why not let someone else collect and configure several worthwhile tools into a ready-made, portable toolkit? Many savvy administrators are doing just that. Numerous toolkit developers and organizers are using Linux, which lets them customize the OS around their chosen suite of tools, to make bootable CD-ROM toolkits. One such kit is the free Auditor security collection, a set of security tools and utilities organized into the following categories: Footprinting, Scanning, Analyzing, Spoofing, Bluetooth, Wireless, Bruteforce, and Password cracker. If you haven't yet created a security toolkit, Auditor is a great place to start. Those who already have a kit will find it an able, easy-to-use platform, with a few caveats.

Download the most recent version of the Auditor image from http://www.remote-exploit.org and burn the image to a CD-ROM. Auditor's organizers have based the collection on KNOPPIX, a popular bootable CD-ROM collection of GNU and Linux software that supports automatic hardware detection and popular graphics cards; sound cards; Advanced Configuration and Power Interface (ACPI), SCSI, and USB devices; and other peripherals. (Visit http://www.knopper.net/knoppix/index-en.html for more information about KNOPPIX.)

Next, boot the Auditor CD-ROM on a computer that supports CD-ROM bootable images. The contents of the host system's hard disk are unaffected by Auditor, so when you finish running the program, simply remove the CD-ROM and reboot the computer to return it to its regular OS and configuration.

Auditor will ask you to specify the system's resolution (from 800×600 up to 1600×1200) and keyboard (e.g., American-US). The application will default to the Swiss-German keyboard mapping, so be sure to select the proper keyboard or your key mappings will be incorrect. Auditor's load time is fairly quick: only a minute or two on a 2.4GHz Pentium 4 system. After loading, Auditor logs you in as the root user of a simple yet efficient X Window desktop interface. From this desktop, you can explore the collection's many tools, along with Auditor's additional applications and utilities through the available menus or through a command prompt. You can access all the Auditor programs through the Go menu, which is an expanding directory structure similar to the Windows Start menu. From the Go menu, you can select from five top-level directories—Auditor, Applications, Utilities, Configuration, and Documentation—or you can select the Terminal option to open a window from which to invoke command-line tools.