Hey everyone! I'd like to put together a copy of Linux I can use to find and fix problems I might have on mostly Windows 7, but possibly OSX as well. I was thinking about putting the distro and tools on a flash drive that I could boot from if need be. What do you recommend for something like this? What distro and tools should I get, and what kinds of issues can be solved by something like this method? Any other helpful info?
I use these listed.
Security - Malwarebytes, Trinity, Katana
Getting past bootloaders - Trinity, Hiren
Data Recovery - Acronis True Image
Partition - GParted, DBAN (For secure wipes)
With the few tools I have on disks and flash drives I am rarely faced with a problem that will stop me, I will also be adding Malwarebytes Rescue next year :)
Follow this for all on 1 drive (Katana more than likely wont work with this so seperate drive is needed)
With the ones above you can bypass corrupt bootloaders so say if GRUB goes bad, You can remove viruses from a system that cant boot, you can file manage, bypass passwords with absolute ease, clone the system via network and much more, The Katana is more for hacking though so just try it and see :)
You may have a problem with OSX, if the copy you get is torrented the mac wont allow it to run, you need a legitimate copy from the apple store which in turn you need a mac to create them really, I have a disk with OS 10.8 on and it was a nightmare at first so have VMs at the ready :)
So I install all of these tools, plus a copy of Ubuntu or whatever on a flash drive?
It's not a matter of the distro; it's the software. Xdroid is pretty good in that regard.
And how would you use this all for diagnostics and hacking? And my copy of OSX is legit so it's fine.
So what would you recommend for both, how do I set it up and how do I use them?
I dont use Ubuntu anymore, You can use it if want but personally I prefer Arch.
Use multiple drives, Have one with Windows, One with OSX, One with Katana (Because that has a distro, If you need them tools) One with software like malwarebytes and stuff, and another for just dumping stuff, I use CDs for stuff like Trinity for the PCs that cannot boot via USB.
Okay so how do I use them? Simple it all depends on the situation, If a PC is infected get Trinity fired up and use an AV Engine (Needs internet) and then follow up with Malwarebytes.
If I need to check whats happening on networks I use Wireshark in Kali Linux.
If a PC has a password that needs cracking both Kali and Trinity can both break it and are fast.
If windows bootloader does not work you can again use Trinity to get past it :) and both Kali and Linux can use File Managers so if someone really needs a file you can locate it and extract it :)
so yeah all situation dependant and practice makes perfect, real world over virtual machines is always better :)
Oh and on the OSX front get a disk that is like OS 10.4 for power macs, and never say OSX to an apple 'Genius' they will laugh the X means 10 :), and watch it with OSX outside of macs, some people do want hackintoshes, although you need a special version of OSX (Which has been multibeasted) to make the Kext work, if you get caught although you probs wont I havent herd of apple going after one person, if you get known for making hackintoshes they probs will go after you. Logan doesnt talk about apple lawsuits for nothing, they will do it.
Follow this !!!GUIDE HERE!!! on how to setup multiboot, when done it should appear like Trinity does, with all the tools in a list, so your tools and OS will list, its just like looking in a tool box :) just a lot neater and smaller, Also get a tool box :)
I may do a blog post more in depth about best stuff to use when, I want to do blogging but I never stick to it apart from here, if you would find that even more helpful :)
Any distro will do, except SLES, which is a distro that is financed by Microsoft, and engineered to make Windows look good in comparison to linux, so it won't be very honest when analysing a windows machine. OpenSuSE on the other hand, as soon as Adobe Flash and some ugly hidden Microsoft germs are removed, is actually quite nice, it's the SLES upstream, but it's not a Novell/Microsoft controlled project, it's community based. That doesn't mean though that Microsoft doesn't try, you still have to disinfect OpenSuSE before being able to safely use it, but at least it works and can be disinfected, and in that case, it can also be used to remove non-Microsoft malware from Microsoft malware suites like Windows.
Didnt know MS had linux, love how they are also slandering chrome OS...