Saturday, 25 February 2012

How Does Secure Sockets Layer (SSL) Work?


Secure Sockets Layer (SSL) is the most widely used technology for providing secure communication between the web client and the web server. Most of us are familiar with sites such as Gmail, Yahoo etc. using the https protocol in their login pages. When we see this, we may wonder what the difference between http and https is. In simple words, the HTTP protocol is used for standard communication between the web server and the client. HTTPS is used for SECURE communication.

What exactly is Secure Communication?

Suppose there are two communicating parties, A (client) and B (server).
Working of HTTP
When A sends a message to B, the message is sent as plain text in an unencrypted manner. This is acceptable in normal situations where the messages exchanged are not confidential. But imagine a situation where A sends a PASSWORD to B. In this case, the password is also sent as plain text. This is a serious security problem because, if an intruder (hacker) can gain unauthorised access to the ongoing communication between A and B, he can see the PASSWORDS since they remain unencrypted. This scenario is illustrated using the following figure.
Now let's see the working of HTTPS
When A sends a PASSWORD (say “mypass”) to B, the message is sent in an encrypted format. The encrypted message is decrypted on B's side. So even if the hacker gains unauthorised access to the ongoing communication between A and B, he gets only the encrypted password (“xz54p6kd”) and not the original password. This is shown below.

How is HTTPS implemented?

HTTPS is implemented using Secure Sockets Layer (SSL). A website can implement HTTPS by purchasing an SSL Certificate. Secure Sockets Layer (SSL) technology protects a Web site and makes it easy for the Web site visitors to trust it. It has the following uses:
  1. An SSL Certificate enables encryption of sensitive information during online transactions.
  2. Each SSL Certificate contains unique, authenticated information about the certificate owner.
  3. A Certificate Authority verifies the identity of the certificate owner when it is issued.
How Encryption Works?
Each SSL Certificate consists of a Public key and a Private key. The public key is used to encrypt the information and the private key is used to decrypt it. When your browser connects to a secure domain, the server sends a Public key to the browser to perform the encryption. The public key is made available to everyone but the private key (used for decryption) is kept secret. So during a secure communication, the browser encrypts the message using the public key and sends it to the server. The message is decrypted on the server side using the Private key (Secret key).
How to identify a Secure Connection?
In Internet Explorer, you will see a lock icon in the Security Status bar. The Security Status bar is located on the right side of the Address bar. You can click the lock to view the identity of the website.
In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns GREEN when an Extended Validation SSL Certificate is detected. If the information does not match or the certificate has expired, the browser displays an error message or warning and the status bar may turn RED.
So the bottom line is, whenever you perform an online transaction such as a credit card payment, bank login or email login, always ensure that you have a secure communication. A secure communication is a must in these situations. Otherwise there are chances of Phishing using a Fake login Page.

How To Get a Serial key or Crack of Any Software!

 
Once again I am back with a worthwhile article for my ICA members. This time I am going to explain how you can "Find Serial Key / Cracks for Any Software!". I assume that most of you use pirated software. Not everyone can afford buying a program like Photoshop, which costs $699. In this case you can use alternative, free software or you can download a pirated, cracked version of the program. There is a vast number of websites out there where you can find serial numbers and cracks for any program, but most of them aren't safe to use. Actually most of them are spam sites that “bombard” you with full-screen popup ads, or commandeer your computer into a spam-loving Kraken or Srizbi Botnet army. In this post I will show you the most efficient way of downloading cracks and serial numbers without any risk to your PC. This is the part of Hacking/Cracking using "Google hacking".

Google Hacking: I will explain Google hacking in detail in the next article very soon. But for now it's enough to know that Google hacking means how you can search for all desired information in a direct way, using some Google searching tricks.

Now in this article I am going to explain all possible ways to find the serial key:
a.) Using Google
b.) Using Craagle Software
c.) Using serials search websites.


Finding Serial Key using Google:

To get the serial number from Google, you just have to follow these steps:

* Go to Google.

* In the search field type: "Software name" 94FBR

* Where "Software Name" is the name of the item you want to find the serial number for.

* And in the Google search results you will get the list of all those websites where the serial key of the required software is available. That's it !!  :-)

HOW DOES THIS WORK ?

Quite simple really. 94FBR is part of an Office 2000 Pro CD key that is widely distributed as it bypasses the activation requirements of Office 2K Pro. By searching for the product name and 94fbr, you guarantee two things.

1) The pages that are returned are pages dealing specifically with the product you're wanting a serial for.
2) Because 94FBR is part of a serial number, and only part of a serial number, you guarantee that any page being returned is a serial number list page.

See these example searches :
Search the following Keywords on Google :-

"Photoshop 7" 94FBR
"Age of Mythology" 94FBR
"Nero Burning Rom 5.5" 94FBR

How to get Serial key using Craagle Software?
Craagle is a free search engine that allows users to search every sort of cracks, serials, keys, keygen and covers, without falling into shit, like annoying toolbars, pop-ups, spyware, ad-ware and mal-ware that the crack sites or search sites abound with.
It works by searching for the cracks, serials or album covers directly from the Craagle program without the need to visit the websites. Craagle has the added advantage of being able to search for cover images or graphics for CD, DVD, audio, games, etc. You can also use a proxy to bypass Day Limit for some sites.



* Crack Sites Supported :

Cracks.Am, KeyGen.Us, AllCracks.Net, Andr.Net, Crack.Ms,Crackz.Ws, CrackArchive.Com, CrackDb.Com, CrackzPlanet.Com,CrackWay.Com, MsCracks.Com, CrackPortal.Com, TheCracks.Us,KeyGen.Ru

* Serial Sites Supported :

Seriall.Com, FreeSerials.Com, SerialSite.Com, Serials.Ws, Andr.Net, SerialKey.Net, SerialArchive.Com, CrackzPlanet.Com,MsCracks.Com, CrackPortal.Com, KeyGen.Name, TheKeys.Ws,FreeSerials.Ws, FreeSerials.Spb.Ru, Serial.220volt.Info,SerialCodes.Net

* Cover Site Supported :

CoverTarget.Com, CoverAll.Come.To, CoverIsland.Com


Get Serial keys from Serials Search Engines

Here I also want to present you a list of "clean" crack/serial search sites for all the latest warez to unlock your software. Please note that the site reviews herein only include information about each site, not the contents of the 'cracks' themselves. Always use a reputable antivirus and antispyware program on cracks & keygens before using them. The same goes for Craagle.


Friday, 24 February 2012

What is BOT?




BOT is a malicious program whose purpose is the fraudulent use of a computer. Once your computer is infected with a BOT, the malicious attacker (referred to as the "attacker" hereinafter) remotely controls your computer from outside.
This attack causes serious harm: public nuisance such as "sending large numbers of mails" and "attacking a particular website", as well as stealing information stored in your computer, i.e., "spying activities".
As this external control of your computer is analogous to a robot, it is referred to as a BOT.

Threat of BOT network

When your computer is infected by a BOT-type virus, it may be used for crime, making you a perpetrator.

A computer that is infected with a BOT is automatically connected to an instruction server or something similar installed by the attacker, resulting in the formation of a gigantic computer network referred to as a "BOT network", which is made up of several tens to several millions of BOT-infected computers.
Once infected computers receive instructions from the instruction server controlled by the attacker, they are controlled at the attacker's discretion and are used to send large numbers of spam mails for the purposes of phishing and the like, as well as to attack a particular website (DDoS attack).
Thus, the users of such infected computers are used as steppingstones for the attacker without their knowledge, and are forced to be not only "victims" but also "perpetrators."

  • Send-out of nuisance mails - Conduct of sending nuisance mails via your computer
  • Website attack - Attack of a particular website, etc. for purposes of its unavailability, etc. (DDoS* attack)
  • BOT infection activities - Conduct of augmenting infection to other computers
  • Leak of personal information - Conduct of stealing various pieces of personal information entered and stored in your computer, using your credit card No., etc.

* DDoS (Distributed Denial of Service)

Characteristics of BOTs

Difficult to notice the infection: BOTs generally do not show specific visible symptoms even when your computer is infected, unlike conventional viruses or worms. A user therefore does not realize that his/her computer is infected and continues to use it without noticing any difference from before the infection.

Automatically add functions: A BOT can update itself by adding new functions or correcting defects using its automatic self-updating function. The updating interval is said to be short, e.g., several weeks. This also makes a BOT difficult to find.

Various types of BOTs: Since source code and tools for easy preparation of BOTs are disclosed on the Internet, many subspecies of a BOT have been prepared based on a single BOT. This has made cleaning BOTs with Anti-Virus software difficult.

For crime: With conventional viruses, offenders committed the crime for their pleasure. In contrast, the preparers of BOTs aim to gain benefit from BOTs through, for example, lending a BOTNET (a network using BOTs) to nuisance mail delivery companies on a pay-by-the-hour basis, selling stolen personal information, and so on.

BOT action after infection

1. Send-out of nuisance mails
BOTs send out nuisance mails using the infected computers as steppingstones. Although only a few mails are dispatched from a single infected computer, so that the computer user does not realize the situation, BOTs can dispatch large numbers of nuisance mails in total, using several thousand infected computers in the BOTNET.

2. Attacks such as DoS attack
BOTs disrupt the operation of a particular website by sending a large number of packets (data) to the Web server, thereby making it inoperable. As with sending nuisance mails, although only a small volume of attack data is sent out from a single infected computer, the fact that BOTs can send out data from several thousand to several million infected computers is a threat even to a large-scale server.

3. Network infection
Utilizing vulnerabilities of computers, BOTs take actions to augment infection so that the number of computers available for nuisance mails and DoS attacks is increased. BOTs take over computers that have vulnerabilities and send in programs for infecting other computers.

4. Network scanning
To perform item 3, "Network infection", BOTs collect information on computers with vulnerabilities. Using the collected information, another computer is selected as the next target for infection.

5. Self-updating the version or changing the instruction server
A BOT adds new functions and corrects its own flaws using functions to update itself automatically. In addition, when an "instruction server", which relays the instructions from the attacker, becomes unavailable due to virus disinfection and such, the BOT finds another server and switches its instruction server to it.

6. Spying
A BOT can send out information stored in an infected computer to the outside. Therefore, based on received instructions, various pieces of information are stolen, collected or leaked to the outside, where the information includes keyboard operation history, credit card No. and ID, passwords, and addresses registered in the address book of the mail software.

Tuesday, 21 February 2012

How Does an Intrusion Detection System (IDS) Work?


What is an IDS?


A system that tries to identify attempts to hack or break into a computer system or to misuse it. IDSs may monitor packets passing over the network, monitor system files, monitor log files, or set up deception systems that attempt to trap hackers.¹ With that being said you get the basic idea. While a firewall should always be your first line of defense, an IDS should be next. I use a simple analogy. Think of your network as a prison. The outside is protected by a large wall (firewall), while the inside is protected by cameras and corrections officers (an IDS).


How does an IDS work?

While there are several types of IDSs, the most common types work the same. They analyze network traffic and log files for certain patterns. What kind of patterns, you may ask? While a firewall will continually block a hacker from connecting to a network, most firewalls never alert an administrator. The administrator may notice if he/she checks the access log of the firewall, but that could be weeks or even months after the attack. This is where an IDS comes into play. The attempts to pass through the firewall are logged, and the IDS will analyze the firewall's log. At some point in the log there will be a large number of request-reject entries. An IDS will flag the events and alert an administrator. The administrator can then see what is happening right after or even while the attacks are still taking place. This gives an administrator the advantage of being able to analyze the techniques being used, the source of attacks, and the methods used by the hacker.

Specifications for IDS

IDSs are defined by what is called the Common Intrusion Detection Framework (CIDF). It is composed of 4 components:²

  • A boxes - Network activity analysis devices that can be specific hardware, software or both.
  • C boxes - Countermeasure mechanisms or response procedure equipment.
  • D boxes - Storage mechanisms (hard disks), which are essentially the logging equipment.
  • E boxes - These are considered event generators, commonly known as sensors.

A boxes
A boxes work like the situation mentioned above. They gather information and look for defined patterns. These patterns can include the consistent stream of packets by Trojans or viruses. An A box is great for detecting DDoS attacks and router attacks. Think of an A box as an "alarm."

C boxes
C boxes work a little differently than A boxes. After an attack has been detected, C boxes have the ability to provide countermeasures. This could include locking a user account or modifying the ACL (Access Control List). Think of a C box as a "counterattack." These work better because they save the administrator from dealing with every little flag. These are valuable in large or enterprise networks.

D boxes
D boxes are rather simple. They provide a means of logging data. One of the best practices for protecting a Linux/UNIX server is to record the logs to a different machine. This works the same way. Servers and IDSs may send their logs to a D box that serves only as a repository. D boxes are important because you may need to analyze data at anytime, even after a C box has taken action. Think of a D box as a "dump server."

E boxes
E boxes are a very important part of an IDS. While an E box cannot be an IDS on its own, without an E box, an IDS cannot function. The function of the E box is simple: it produces "events." Events are not always suspicious. An event can be as simple as recording a user logging on to a server. Think of an E box as an "event creator."

It is important to know how the term "boxes" is used. While the term "boxes" does not actually refer to physical machines, these "boxes" can and often are used in combination. For example, IDS software can utilize a combination or all of the above framework.

Types of IDS

Generally speaking, there are 3 main types of IDSs:
  • Suspicious Detection
  • Abnormal Detection
  • Signature/Pattern Detection
The suspicious detection is used to flag a defined activity. For example, a firewall may or may not block a port scan. Suspicious detection will automatically flag this event, record the source IP, and the ports scanned. This type of detection is usually customized. System administrators will need to specify what activity qualifies as "suspicious."

The abnormal detection is usually customized as well. It does what its name describes. It looks for abnormal behavior. How is this different from suspicious detection? Here is an example: most corporate LANs are only active during business hours. From 9 AM - 6 PM, the servers are active, users are logged on, and the routers are busy. However, during non-business hours, the network should be rather stagnant. This is where the abnormal IDS comes into play. In the event that a workstation on your network is infected with a Trojan, the hacker could use that machine to gain access to the rest of your network including the file servers. Usually, this is late at night when the administrator and users won't notice. An abnormal IDS would record network activity and file requests during non-business hours. So, if a user was all of a sudden requesting files from a server at 2 AM, the abnormal detection IDS would send a red flag. This allows network administrators to know exactly what is going on when they are not there.

The signature/pattern detection relies heavily on a database of, you guessed it, signatures and patterns! This means the known probing tools, like the ones used by "script kiddies." The common Trojans that are all over mIRC and various worms have a consistent pattern of how they send and receive data. A database will include the signatures or patterns used by these programs. The IDS constantly monitors the network and when there is activity that matches something from the database, the red flag goes up. This is helpful for large networks, especially if the users are ignorant and download things they shouldn't...

The best IDSs use a hybrid approach by including 2 or more of these detection methods. System administrators should be careful not to specify rules that are too harsh. Going overboard can lead to false positives and unwanted chaos. However, it is important to specify rules that will catch intrusions.
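The request-reject analysis described under "How does an IDS work?" and the off-hours check described under abnormal detection can be sketched as follows. This is an added example, not code from the original post; the log format, field names, sample lines and the threshold of 5 rejects per 60 seconds are all assumptions made for illustration, while the 9 AM - 6 PM business hours come from the text.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (hypothetical log format, documentation IP ranges).
SAMPLE_LOG = """
2012-02-21T02:13:01 REJECT src=203.0.113.7 dst=10.0.0.5 dport=21
2012-02-21T02:13:02 REJECT src=203.0.113.7 dst=10.0.0.5 dport=22
2012-02-21T02:13:03 REJECT src=203.0.113.7 dst=10.0.0.5 dport=23
2012-02-21T02:13:04 REJECT src=203.0.113.7 dst=10.0.0.5 dport=25
2012-02-21T02:13:05 REJECT src=203.0.113.7 dst=10.0.0.5 dport=80
2012-02-21T02:13:06 REJECT src=203.0.113.7 dst=10.0.0.5 dport=443
2012-02-21T09:00:00 REJECT src=198.51.100.20 dst=10.0.0.5 dport=23
2012-02-21T09:10:00 REJECT src=198.51.100.20 dst=10.0.0.5 dport=23
2012-02-21T09:20:00 REJECT src=198.51.100.20 dst=10.0.0.5 dport=23
2012-02-21T09:30:00 REJECT src=198.51.100.20 dst=10.0.0.5 dport=23
2012-02-21T09:40:00 REJECT src=198.51.100.20 dst=10.0.0.5 dport=23
2012-02-21T14:05:10 FILEREQ user=alice host=10.0.0.31 path=/shared/report.doc
2012-02-21T02:14:30 FILEREQ user=jsmith host=10.0.0.23 path=/finance/payroll.xls
"""


def parse_events(text):
    """E box role: turn raw log lines into event dicts, skipping malformed lines."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 2:
            continue
        try:
            ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue
        fields = dict(p.split("=", 1) for p in parts[2:] if "=" in p)
        events.append({"time": ts, "action": parts[1], **fields})
    return events


def reject_bursts(events, threshold=5, window=timedelta(seconds=60)):
    """A box role: flag each source whose REJECT count reaches `threshold`
    inside a sliding `window`. Returns {source_ip: time the threshold was hit}."""
    recent = defaultdict(deque)
    alerts = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["action"] != "REJECT" or "src" not in ev:
            continue
        seen = recent[ev["src"]]
        seen.append(ev["time"])
        # Drop rejects that have fallen out of the window.
        while ev["time"] - seen[0] > window:
            seen.popleft()
        if len(seen) >= threshold and ev["src"] not in alerts:
            alerts[ev["src"]] = ev["time"]
    return alerts


def off_hours_requests(events, start_hour=9, end_hour=18):
    """Abnormal detection: file requests outside business hours (9 AM - 6 PM)."""
    return [
        ev for ev in events
        if ev["action"] == "FILEREQ"
        and not (start_hour <= ev["time"].hour < end_hour)
    ]


if __name__ == "__main__":
    evts = parse_events(SAMPLE_LOG)
    for src, when in reject_bursts(evts).items():
        print(f"ALERT reject burst from {src} at {when.isoformat()}")
    for ev in off_hours_requests(evts):
        print(f"ALERT off-hours file request by {ev['user']} at {ev['time'].isoformat()}")
```

The second source in the sample produces the same number of rejects spread over 40 minutes and is not flagged, which is the tuning trade-off between catching intrusions and raising false positives.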

Putting it all together...

IDSs can come in the form of hardware, software, or both. One example is the hardware based Enterasys Dragon IDS. This device employs a "network sensor" and "active response" technique to protect a network. The image below shows a Cisco WS-X6381-IDS. This device uses both hardware and software. Physically, this device is attached to an intermediate or core switch. The presence of a hard drive entails its use of software to analyze results.



On the software-based side, a program called Specter looks like a great program. A rather steep price (retails for $899) makes this software unattractive to small networks or organizations with a low budget, although it runs on any version of Windows and can emulate practically any system. I have not used it, but here is a screen shot of the interface.



Deploying an IDS

An IDS can play pretty much any role you need it to play. For instance, software can be installed on a workstation (like Specter) to monitor requests from other parts of the network or outside traffic. An IDS can also be used in conjunction with other network devices. The diagram below shows an example of setting up dedicated machines with IDS software. Notice the Enterasys Dragon is located in the DMZ. Placing a decoy in the DMZ will deter hackers from the rest of the network. Taking the time to trip the IDS gives system administrators time and data to analyze. This in turn helps them protect the network.



The most efficient technique to deploying IDSs on your network is proper analysis. Don't go overboard right away. Analyze the way your network is setup. Every system administrator knows the potential weak points of their network. Setting up an IDS may take some time to get everything working right. Trial and error will always be an important tool for tuning up everything and getting it just the way you want.
¹ http://myphliputil.pearsoncmg.com/student/bp_hoffer_moderndbmgmt_6/glossary.html

² Mairs, John. VPNs: A Beginners Guide, Berkeley, CA: McGraw-Hill, 2002

What's happening in a minute on the Internet!



Hello guys,
do you know what's happening on the Internet every minute?
So, according to Shanghai Web Designers, here is what's happening in a minute on the Internet:


The world's most popular search engine, Google, serves more than 694,445 queries!
168,000,000+ emails are sent
370,000+ minutes of voice calls are made by Skype users
320 new accounts and 98,000+ tweets on Twitter
The popular web browser Firefox is downloaded more than 1700 times
iPhone applications are downloaded more than 13,000 times
600 videos are uploaded to YouTube, amounting to 25+ hours of content
and lots more ..!

FBI shutdown rogue DNS servers on 8th March!

FAQ : DNSChanger Trojan, Impact and Solutions



Two days ago, THN reported that the FBI will shut down the Internet on 8th March. The title seems attention-seeking. Why? Well, our job is to make you aware of Internet security. If we are looking for some extra attention from our readers, it is part of our small effort to make the Internet a more secure space for all.


Today we are going to explain all about the DNSChanger Trojan, its impact on Internet users, the biggest challenge for the FBI in resolving it, and how a non-technical user can check and restore their computer. We hope you will share this article with your friends, followers and on your site to make them aware of this serial Internet killer.

What is DNS (Domain Name System)? It is an Internet service that converts user-friendly domain names into the numerical Internet protocol (IP) addresses that computers use to talk to each other. When you enter a domain name, such as www.thehackernews.com, in your web browser address bar, your computer contacts DNS servers to determine the IP address for the website. Your computer then uses this IP address to locate and connect to the website. DNS servers are operated by your Internet service provider (ISP) and are included in your computer’s network configuration. DNS and DNS servers are a critical component of your computer’s operating environment; without them, you would not be able to access websites, send e-mail, or use any other Internet services.


What is DNSChanger? A small file of about 1.5 kilobytes, DNSChanger is a trojan that changes the infected system's Domain Name Server (DNS) settings in order to divert traffic to unsolicited, and potentially illegal, sites. This Trojan is designed to change the 'NameServer' Registry key value to a custom IP address. This IP address is usually encrypted in the body of the trojan.


When? The DNSChanger malware was first discovered around 2007, and since then it has infected millions of computers, around 500,000 of them in the U.S., and through these computers the criminals have reportedly pulled in around $14 million in stolen funds. The FBI has uncovered a network of rogue DNS servers and has taken steps to disable it. The FBI is also undertaking an effort to identify and notify victims who have been impacted by the DNSChanger malware.


Who is infected, and technical info? Both Windows and MacOS users are at risk of this infection because it exploits your browser, not your operating system. Here are some known hostile IP address ranges used by the DNSChanger malware:


64.28.176.1 - 64.28.191.254
67.210.0.1 - 67.210.15.254
77.67.83.1 - 77.67.83.254
85.255.112.1 - 85.255.127.254
93.188.160.1 - 93.188.167.254
213.109.64.1 - 213.109.79.254


Why is it not easy to remove this Trojan? One consequence of disabling the rogue DNS network is that victims who rely on the rogue DNS network for DNS service could lose access to DNS services. So this process will be started on March 8 by the FBI.


Why 8th March 2012? After the takedown of the DNSChanger botnet in November 2011, the FBI obtained a court order allowing the FBI to set up a temporary DNSChanger Command & Control network. The court order expires on March 8th, 2012. Unless the FBI obtains a new court order allowing them to continue operating the temporary network, the network will be turned off, resulting in millions of computers, world-wide, no longer being able to access the Internet.


How to check manually whether your system is infected or not?
The best way to determine if your computer has been affected by DNSChanger is to have it evaluated by a computer professional.
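The comparison behind such a check is simple: take the DNS servers the machine is configured to use and test them against the hostile ranges listed above. The following is an added example, not part of the original article; the two configuration snippets are constructed samples, and the function names are hypothetical.

```python
import ipaddress

# Hostile ranges exactly as listed in the article (first address - last address).
ROGUE_RANGES_TEXT = """
64.28.176.1 - 64.28.191.254
67.210.0.1 - 67.210.15.254
77.67.83.1 - 77.67.83.254
85.255.112.1 - 85.255.127.254
93.188.160.1 - 93.188.167.254
213.109.64.1 - 213.109.79.254
"""

# Constructed sample: /etc/resolv.conf content (Linux / Mac OS X style).
SAMPLE_RESOLV_CONF = """
nameserver 85.255.114.13   # constructed address inside a listed range
nameserver 192.0.2.53
"""

# Constructed sample: excerpt of Windows `ipconfig /all` output.
SAMPLE_IPCONFIG = """
Ethernet adapter Local Area Connection:

   DHCP Enabled. . . . . . . . . . . : Yes
   DNS Servers . . . . . . . . . . . : 213.109.73.107
                                       198.51.100.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""


def parse_ranges(text):
    """Parse 'first - last' lines into (IPv4Address, IPv4Address) tuples."""
    ranges = []
    for line in text.splitlines():
        if not line.strip():
            continue
        first, last = (ipaddress.IPv4Address(p.strip()) for p in line.split("-"))
        if first > last:
            raise ValueError(f"range is reversed: {line!r}")
        ranges.append((first, last))
    return ranges


ROGUE_RANGES = parse_ranges(ROGUE_RANGES_TEXT)


def is_rogue(addr):
    """True if addr is an IPv4 address inside one of the listed ranges."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False          # not an IP address at all
    if ip.version != 4:
        return False          # the article lists IPv4 ranges only
    return any(first <= ip <= last for first, last in ROGUE_RANGES)


def resolvers_from_resolv_conf(text):
    """Extract the addresses on 'nameserver' lines, ignoring comments."""
    servers = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers


def resolvers_from_ipconfig(text):
    """Extract 'DNS Servers' entries, including indented continuation lines."""
    servers, in_dns = [], False
    for line in text.splitlines():
        if "DNS Servers" in line and ":" in line:
            in_dns = True
            value = line.split(":", 1)[1]
        elif (in_dns and line.strip() and " : " not in line
              and not line.rstrip().endswith(":")):
            value = line      # continuation line holding only an address
        else:
            in_dns = False
            continue
        if value.strip():
            servers.append(value.strip())
    return servers


def audit(resolvers):
    """Map each configured resolver to True (in a hostile range) or False."""
    return {r: is_rogue(r) for r in resolvers}


if __name__ == "__main__":
    found = resolvers_from_resolv_conf(SAMPLE_RESOLV_CONF)
    found += resolvers_from_ipconfig(SAMPLE_IPCONFIG)
    for server, rogue in audit(found).items():
        print(f"{server:16} {'ROGUE RANGE' if rogue else 'ok'}")
```

A clean result only covers the ranges listed here; a home router whose own DNS settings were changed would hand out its own address to the computer and needs to be checked separately.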



Avira also cooperated with the German Federal Office for Information Security (BSI) and also published the tool on the special website created to check whether DNS requests are made to the right places: www.DNS-OK.de. Besides the website, users can also download the DNS-repair tool from the Avira website.


After 8th March, will all computers be secured? According to the FBI, it is quite possible that computers infected with this malware may also be infected with other malware. The establishment of these clean DNS servers does not guarantee that the computers are safe from other malware. The main intent is to ensure users do not lose DNS service.
SOURCE: http://thehackernews.com/2012/02/faq-dnschanger-trojan-impact-and.html

Friday, 17 February 2012

Tenable Releases Nessus 5.0 Vulnerability Scanner


Tenable Network Security announced the Nessus 5.0 vulnerability and configuration assessment solution for enterprises and security professionals. Nessus version 5.0 introduces key features and improvements, separated into the four major phases of the vulnerability scanning process:
 
  • Installation and management (for enhanced usability) - Nessus 5.0 simplifies the installation and configuration for non-technical users. Configuration and management: Nessus v5.0 configuration and management is now done 100% through the GUI.
  • Scan policy creation and design (for improved effectiveness) - Users now enjoy improved effectiveness when creating scan policies. Over two dozen new pre-built plugin filters make it easy for security and compliance professionals to simplify policy creation for laser-focused scans on the areas that matter most. Users can quickly select multiple filter criteria, such as Vulnerability Publication Date, public vulnerability database ID (OSVDB, Bugtraq, CERT Advisory, and Secunia), Plugin type (local or remote), information assurance vulnerability alert (IAVA), and more, to quickly identify easily-exploitable vulnerabilities. Scan for all easily remotely-exploitable vulnerabilities for which there is an exploit published in your favorite exploit framework.
  • Scan execution (for improved efficiency) - Users can take advantage of real-time scan results, on-the-fly filtering and sorting, and streamlined results navigation. A new vulnerability summary and redesigned host summary make it easy to see risk level without even running a report. As the scan is being run, not only can you see the results as they are being gathered, but navigate and filter on them as well. This allows you to easily act upon the vulnerability data while the scan is happening.
  • Report customization and creation (for improved communication with all parts of the organization) - New reporting features allow for improved communication of vulnerability results with all parts of the organization. Results filtering and report creation: Results filtering and report creation is more flexible than ever before. Users can apply multiple result filtering criteria, and targeted reports can be generated against the filtered results. Reports can be generated in native Nessus formats, HTML, and now PDF formats. Multiple report templates can be combined into one report.

10 unique but interesting Linux distros


Linux has more flavors than (Mountain Dew + Gatorade)*Baskin Robbins. Of course, some of those distributions are far more valuable than others. But besides the Ubuntus, Fedoras, Linux Mints, PCLinuxOSes, and OpenSuSEs, which versions are actually worth your time? Believe it or not, worthy Linux distributions are not limited to the big guns. There are plenty of obscure distributions worth looking at. Here are a few lesser-known Linux distributions that could have a positive effect on your life in one way or another.

1: Damn Vulnerable Linux


Damn Vulnerable Linux is exactly what it sounds like. According to the Web site, “Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn’t. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks.” What value would such a distribution hold? Training. The idea behind this distribution is to train Linux admins. And what better way to train someone than to hand them a broken distribution to fix? With older/broken versions of Apache, MySQL, PHP, FTP, and SSH, your admins in training will have their hands full.

2: CAINE Linux


CAINE Linux might be one of the niftiest of the niche Linux distributions. CAINE stands for Computer Aided INvestigative Environment. Basically, it’s CIS Linux designed for digital forensics. CAINE includes TheSleuthKit, Autopsy Forensic Browser, steganography tools, and plenty of tools for wiping hard drives. This distribution also includes a semi-automated tool for the compilation of the final report on a digital forensics investigation.

3: Zeroshell


Zeroshell is an interesting Linux distribution aimed at embedded systems — specifically, networking hardware. It’s administrated through a Web interface and can provide all networking services required for a LAN. With Zeroshell, you can set up Failover, RADIUS, Captive Portal, Quality of Service management, HTTP Proxy, Wireless Access Point, Host-to-LAN VPN, LAN-to-LAN VPN, Routing with Static or Dynamic IP Addressing, and much more.

4: Parted Magic


Parted Magic is similar to the Gparted Live CD, only it adds a few more tools (such as Clonezilla, TestDisk, Partimage, TrueCrypt, G4L, SuperGrubDisk, and ddrescue). This type of tool is ideal for managing partitions as well as troubleshooting drives and various issues. This particular Linux distribution works on x86 hardware and requires 256MB of RAM to operate in. Parted Magic can work with the following partition types: ext2, ext3, ext4, fat16, fat32, hfs, hfs+, jfs, linux-swap, ntfs, reiserfs, reiser4, and xfs.

5: Tiny Core


Tiny Core is exactly what the name implies. It’s a tiny Linux distribution, coming in at under 10 MB (with a GUI included). But don’t think Tiny Core is limited to tiny tasks. Once it’s installed, you can begin adding the applications you need. But by default, you will have a minimal X desktop with networking. Tiny Core is based on Tiny X, Busybox, Fltk, and the 2.6 kernel.

6: CAELinux


CAELinux focuses on computer aided engineering. It’s based on open source titles like Salome, Code_Aster, and OpenFOAM. CAELinux is an Ubuntu-based distribution that can simulate physics involving nonlinear thermo-mechanics, coupled fluid-structure dynamics, seismic/nonlinear explicit dynamics, contacts, visco-plasticity, fluid dynamics, heat exchange, convection heat transfer and radiation, and electro dynamics. This distribution offers a wiki with plenty of documentation for each application.

7: Musix


Musix is a Knoppix-Debian distribution aimed at artistic and educational uses in the field of music. It’s a live CD, so it can be run without installation. The two applications that draw the most attention on this distribution are Rosegarden and Ardour. Between these two applications, you will have everything you need for music composition and recording. You will also find tools like Inkscape, Blender for 3D animation, and Cinelerra for video editing.

8: SLAMPP


SLAMPP is a slackware-based Live distribution that is truly a one-stop-shop for system server needs. With this distribution running, you are ready with HTTP, FTP, DHCP, DNS, and many more servers. And this can all be achieved without even installing the distribution! That’s right. By using a live DVD, you can have all of those servers up and running in no time. SLAMPP is the “instant home server” distribution.

9: Ubuntu Christian Edition


Ubuntu Christian Edition is, as its name implies, an Ubuntu-based Linux distribution geared toward the Christian faith. This distribution includes a plethora of faith-based software (such as Xiphos, OpenSong, and E-Sword), along with tools for parental controls.

10: Ubuntu Satanic Edition


From its name, you might think Ubuntu Satanic Edition is a converse distribution to Ubuntu Christian Edition. It’s not. According to the Web site, USE “brings together the best free software and free metal music on one CD.” The “Undead CD” is based on Ubuntu 10.04 and includes all the standard software, along with a mélange of typically dark, heavy metal-esque themes, as well as a full 50-minute album of the best Creative Commons-licensed metal music. What else does USE offer that standard Ubuntu doesn’t? Nothing more than some serious attitude that will ensure your fellow workers know who rocks harder!