Fedora 13 to debut a security "spin"

Fedora already has a number of variations—called "spins"—to support different use cases: alternative desktops (KDE, LXDE, XFCE), gaming, hardware design, education, etc. Starting with Fedora 13, those will be joined by the Fedora Security Lab (FSL), which is meant to be a "safe test-environment for working on security-auditing, forensics and penetration-testing, coupled with all the Fedora-Security features and tools". The target audience is much the same as that of the BackTrack security distribution—security professionals along with those who want to learn about various security techniques.

FSL is based on the LXDE desktop environment because of its small resource footprint, which will leave more memory available for running various security and forensic tools. The LXDE menu has been customized to present a categorized list of tools and applications available to a user. The distribution comes with a fairly extensive list of packages, as well as a wish list of additional packages that would be added to FSL once they are packaged for Fedora.

The release itself will be an ISO image that can be used as a Live CD, which can then be installed on the hard disk. A more likely scenario is creating a bootable system on a USB stick using Fedora's liveusb-creator. That will allow the user to reserve some extra space on the USB stick for persistent storage. That storage can be used for installing additional packages or storing the output or configuration of various utilities so that they are available after each boot.

Fedora's Joerg Simon is leading the FSL effort, which got final approval from the Fedora advisory board in mid-February. FSL provides a number of advantages for Fedora and its users—many of which are listed on the FSL page—but there is one item in particular that Simon seems to be excited about: using it as a platform to teach about security.

Simon has slides [PDF] from a presentation he gave that proposed FSL as the basis for teaching classes based on the Open Source Security Testing Methodology Manual (OSSTMM). Simon is involved in both projects and sees benefits to both from a collaboration. FSL would provide a stable platform that teachers and students could rely upon and Fedora would benefit from the wider exposure those classes would bring.

In addition to the various utilities and tools that are packaged with the spin, FSL also showcases the security features that are part of all Fedora spins. Things like SELinux, default firewall rules, PolicyKit, and various protections like stack smashing protection, buffer overflow protection, and so forth, are all available for students and others to examine and play with.

Having a larger parent organization like Fedora—and to some extent Red Hat—may help FSL achieve a higher-profile than BackTrack or other security distributions have in the past. One can imagine that FSL will be the tool of choice for recovery of broken systems in the Fedora and RHEL worlds, as users will already be familiar with the underlying distribution. Working with other organizations that are targeting security education is another thing that may very well help foster FSL as a tool of choice for security professionals.

While FSL is somewhat late to this particular party, and still has a number of important tools (Metasploit, OpenVAS, SiLK, etc.) on its wish list, it does have the infrastructure and user community of Fedora behind it. There is ample room for collaboration with BackTrack and other security-focused distributions—one hopes that can come about. By sharing information, configuration, tools, and techniques, in much the same way that free software development is done, better security distributions will result. That can only help bring about increased security for all free software.