Linux is considered a very secure operating system, but some areas of application require an even more secure system. Those who need to work and communicate confidentially, or who want to monitor the security of their own network, turn to special Linux distributions such as Qubes OS, Tails, or Whonix. We present some of the best-known and best distributions in this area.
Whonix – Anonymous Operating System
Whonix is a Linux distribution that enables anonymous Internet use. It is based on Debian and works with the Tor network. The distribution isolates the various components of the operating system from one another. To do this, it consists of two different computers on which Whonix is operated. These can also be virtualized.
One computer in the Whonix network, the “Whonix gateway”, serves as the connection to the Tor network. Whonix can also be connected to the Internet via a proxy. The second computer, the workstation, is used to run applications that connect to the Internet via the Tor network. For this purpose, the second computer can only establish a connection with the Whonix gateway and is thus especially protected.
The workstation is located in its own network, which is isolated from all other networks. An additional advantage of the Whonix gateway is that the Internet can be accessed through it not only from the Whonix workstation but also from other computers that use the gateway for their connection. For example, it is also possible to work with the Kali security distribution in this way. Multiple VMs can therefore be connected to the Internet via the Whonix gateway.
Tails – Use security Linux
With the free live DVD “Tails” (Tails stands for “The Amnesic Incognito Live System”), users get a highly secure surfing environment, which Edward Snowden also used for a long time. For communication with the Internet, Tails uses the Tor network, just like Whonix. In addition to Internet programs and system tools, the complete open-source office suite LibreOffice is also available.
Since Tails works as a live system, the system is already protected against attacks when it is started from DVD. Users can activate the “Windows camouflage mode” in the live environment. In this case, the environment behaves like a Windows system. Tails can also be used as a home banking solution. For this purpose, the distribution offers the option of displaying an on-screen keyboard.
Kali – Network security via live system
The security Linux distribution Kali offers numerous ways to test the security of your own computer and also to recover data. Kali also offers various tools for network analysis, for example, applications for penetration tests in the network.
When starting a computer with Kali, the system can be started live or installed. Of course, Kali can also be run in a VM. In a four-part Kali Linux workshop, we show everything worth knowing about this practical Linux distro with its powerful collection of tools.
Fedora Security Lab
With the free live DVD Fedora Security Lab, penetration tests can be carried out in the network. The DVD provides a live system and offers a graphical user interface. Besides security tools, Fedora Security Lab also offers programs for users. That is, the distribution can also be used for work, in addition to the analysis of networks.
Discreete Linux
Discreete Linux is based on Debian and is also run as a live DVD. The main focus of the distribution is the anonymous use of the Internet. The live distribution protects users from Trojans and other attackers from the Internet. Encryption technologies are also integrated, as well as the possibility of setting up an isolated network.
DEFT Linux – Security Live CD for administrators
DEFT Linux is a Linux live DVD with which networks can be checked for vulnerabilities and attackers. The live environment also has tools for data recovery. The distribution offers Linux security tools such as “Autopsy Forensic Browser”, which can be used to examine data media and directories. The tool is a graphical interface for the forensic toolkit The Sleuth Kit (TSK).
In addition to mobile analysis and data analysis, the live DVD also has tools for analyzing network traffic. Included are the tools “Xplico”, the network forensics analysis tool “Wireshark” to analyze the network, the “Nmap” security scanner, and “Ettercap” to perform attacks with “man in the middle” tactics and test servers against them.
Qubes OS
Qubes OS is a Linux distribution that is also designed for working securely on the Internet and is currently Edward Snowden’s favorite. Qubes OS also works with an isolated network and can separate the different workspaces from each other. For this purpose, different VMs can be operated, making it impossible for attackers to take over the entire system. VMs with other operating systems can also be integrated into the Qubes OS network. This includes Debian, Fedora, and Windows computers.
IPCop – Secure networks with Linux firewall
IPCop is a free Linux distribution that can protect networks from attacks. After setup, administration is done via a web interface. After installation, IPCop provides a firewall, a proxy server based on Squid (http://www.squid-cache.org/), and a DHCP server. Server services such as intrusion detection (Snort) and VPN, as well as dynamic DNS, are also available.