Bootable CD-ROM Based Tool Kits

The easy-to-install commercial products for testing network security are feature rich, but many of them are expensive. On the other hand, many of the comparable open source alternatives are freely available for download from the Internet. However, the installation and configuration process (for the open source tools) often demands significant time and resources of the overworked Netadmin. Fortunately, the Linux-based live CD-ROM provides a preinstalled security tool kit that can be deployed in less than five minutes.

The live CD-ROM consists of a fully functional Linux operating system with built-in hardware detection for Intel (or similar architecture) computers. The live CD-ROM (also referred to as a bootable CD-ROM) requires no installation. Deployment is as easy as inserting the CD-ROM into a bootable CD-ROM drive and rebooting the computer. The tools are ready to use because they are precompiled and, in most cases, preconfigured.

The live CD-ROM does not write to the existing hard drives and uses only system memory. Thus, after removing the CD-ROM, the original operating system is left untouched. Moreover, despite issues with a preinstalled OS or with hard drive malfunctions, you can still boot your computer using a live CD-ROM. In addition, you can connect to the network resource through SSH, Telnet, a browser, or a mail client and administer your network. This is a major advantage offered by the live CD-ROM as a backup option for Netadmins. Another advantage is the availability of a fully installed Linux system with preloaded security tools that can be used on any laptop/computer without installation on the hard drive.

Table 7-1 provides a list of the feature-rich Linux live CD-ROMs that are relevant to Cisco Netadmins. Most of the tools discussed in this chapter are available on the CD-ROMs listed in Table 7-1.
To use the tools included with the live CD-ROM, you must first create the live CD-ROM. Live CD-ROMs are created by transferring the ISO image file of the CD-ROM to a recordable CD-ROM. (An ISO image file is an image of a CD-ROM that is saved in ISO 9660 format and is commonly used to create bootable CDs.) The ISO images of each CD-ROM listed in the previous table are available at the respective websites. Follow these steps to create a live CD-ROM:
Caution: Do not simply copy the ISO image to a blank CD-ROM because this process does not create a bootable CD-ROM; instead, it renders the CD-ROM useless. This is a common mistake of new users.

The Knoppix CD-ROM provides an easy-to-use graphical user interface (GUI) with basic security-testing tools, including Nmap, Nessus, Ethereal, and Tcpdump. Knoppix also includes the following tools and services:
These features allow the Netadmin to use the Knoppix CD-ROM and easily export results and reports to external data stores. Similar to Knoppix, the NST and Knoppix-STD CDs also provide a command-line interface (CLI) and a GUI. These CD-ROMs provide a pre-installed copy of the Firefox browser, VNC server, SSH server and SSH client, PDF viewers, and minicom.

Both Knoppix and Knoppix-STD contain pre-installed Java-enabled web browsers, which can be used by Cisco Netadmins to run PIX Device Manager (PDM) and Cisco Router and Security Device Manager (SDM). Additionally, Cisco is developing similar tools for many other products to enable browser administration for new users. Most of these tools only work with Java-enabled browsers. While Java-enabled web browsers work well in the Windows environment, Linux users often need to manually tweak the Java installation. In such cases, the Knoppix CD-ROM comes in handy for using Java-enabled web browsers from within the Linux OS.
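For the ISO image step described earlier, the following added example (not part of the original text) checks a downloaded file before it is burned: it walks the ISO 9660 volume descriptors, looks for the El Torito boot record that makes a disc bootable, and computes a SHA-256 digest to compare against a checksum if the download site publishes one. The names `inspect_iso` and `build_sample` are hypothetical, the descriptor layout comes from the ISO 9660 and El Torito specifications rather than from this chapter, and the sample image is constructed in memory.

```python
import hashlib
import io
import struct
import sys

SECTOR = 2048                       # ISO 9660 logical sector size
EL_TORITO_ID = b"EL TORITO SPECIFICATION"

def inspect_iso(img) -> dict:
    """Walk the volume descriptors of a seekable binary stream holding an ISO image."""
    info = {"iso9660": False, "bootable": False, "volume_id": None,
            "boot_catalog_sector": None}
    img.seek(16 * SECTOR)           # descriptors start at sector 16
    while True:
        desc = img.read(SECTOR)
        if len(desc) < SECTOR or desc[1:6] != b"CD001":
            break                   # truncated file or not a volume descriptor
        if desc[0] == 1:            # primary volume descriptor
            info["iso9660"] = True
            info["volume_id"] = desc[40:72].decode("ascii", "replace").strip()
        elif desc[0] == 0 and desc[7:39].rstrip(b"\x00") == EL_TORITO_ID:
            info["bootable"] = True  # El Torito boot record
            info["boot_catalog_sector"] = struct.unpack_from("<I", desc, 71)[0]
        elif desc[0] == 255:        # volume descriptor set terminator
            break
    img.seek(0)                     # hash the whole image in 1 MiB chunks
    digest = hashlib.sha256()
    for chunk in iter(lambda: img.read(1 << 20), b""):
        digest.update(chunk)
    info["sha256"] = digest.hexdigest()
    return info

def build_sample(bootable: bool) -> io.BytesIO:
    """Constructed sample: a minimal descriptor set, not a real distribution image."""
    def descriptor(dtype: int, body: bytes = b"") -> bytes:
        return (bytes([dtype]) + b"CD001\x01" + body).ljust(SECTOR, b"\x00")
    parts = [b"\x00" * 16 * SECTOR,  # system area, sectors 0-15
             descriptor(1, b"\x00" + b" " * 32 + b"SAMPLE_LIVE_CD".ljust(32))]
    if bootable:                    # boot catalog pointer (sector 19) is a made-up value
        parts.append(descriptor(0, EL_TORITO_ID.ljust(32, b"\x00") + b"\x00" * 32
                                + struct.pack("<I", 19)))
    parts.append(descriptor(255))
    return io.BytesIO(b"".join(parts))

if __name__ == "__main__":
    if len(sys.argv) > 1:           # inspect a real image: python check_iso.py image.iso
        with open(sys.argv[1], "rb") as fh:
            print(inspect_iso(fh))
    else:
        print(inspect_iso(build_sample(bootable=True)))
```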