HiR 8
Advanced Disks of death

----------------------------------------------------------------------------
	So, you remember the good old "Disk of Death" from HiR 6?  Well, 
it's time to move on to bigger and better things...

	I've found that there might be a lot more stuff that you wish to
have access to at any computer you can get your hands on.  I eventually
found myself running around with a case of floppies, each with their own
function; All of them were built around the "Disk of death" model: Each
one was a small toolkit of resources.  Now, it's time to graduate...

	I've graduated in two ways: The first way was the use of bootable
CD-ROMs, that I Burned myself, which have my tools on them.  This is also
accompanied by a boot floppy that is bootable and is full of cd-rom
drivers (so that I can use the CD-ROM With ease when the machine won't
allow CD-ROM Boot).  The CD-ROM has Autorun data (See HiR6-7.txt for
information on CD-ROM insecurity with Windows 95) and all of my favorite
dos and Windows tools, and a few linux tools as well.

	"Linux utilities, eh?" you may be asking.  And it's a valid
question.  The other way I've advanced my Disk of Death useage is by using
Linux Disks of Death.  There are several distributions of linux that are
geared specifically toward Floppy disks; to where you can boot an entire
linux system using only floppies.  Most of these distributions are
hand-crafted specifically for networking, instead of data-tampering with
the local hard drives and filesystems.  Almost all Floppy Linux
Distributions are distributed in IMG (image file) format, and most of them
will allow you to use the typical RAWRITE.EXE routine in DOS/Windows or
dd/cat in unix to create floppies from the image files.  Recently, Axon
and one of his Co-Workers came across a few Floppy Linuxes that were
hand-crafted to mess with NTFS volumes; changing data around, scrubbing 
the SAM database (Accounts and Shared Resource properties are stored
here), and other evil stuff.


Linux on a Floppy, LOAF (http://www.ecks.org/loaf/):
----------------------------------------------------

	If you haven't had much linux experience yet, but kind of know
what you're doing, the easiest to use is a distribution known as "Linux on
a floppy", or "LOAF".  LOAF fits on a single floppy disk, and has separate
kernels, depending on what network card the machine is using.  Once you
start, you are given a straight linux prompt.  LOAF 1.1 is using ASH (A
Shell) for the shell.  It's VERY bare-bones, but it works.  LOAF 1.2 is
out, but I have not had time to play with it.  IRC'ing with the LOAF
Author, it sounds more feature rich, and he has intentions to turn it into
a potential multiple-floppy distribution, naming the advanced supplemental
disks after popular sandwich elements.  I don't know if this will ever
happen, but he was thinking about it.  Main things that you can do in LOAF
1.1: Lynx is used for ftp and http; telnet is used to connect to other
linux/unix/internetworked machines.  A few games are included. I believe
loaf 1.2 replaced the games with an ssh client for encrypted connections.
LOAF 1.1 is not at all easy to customize.  It's best to leave it as-is.

Loaf requires the machine to have about 6 megs of ram.

Trinux: Linux Security Toolkit (http://www.trinux.org):
-------------------------------------------------------

	My personal favorite floppy linux distribution (currently) is
Trinux: the Linux Security Toolkit.  Trinux is a bare minimum of 2
floppies (but I have a Third one full of kernel modules for extended
hardware support).  Trinux allocates Six Virtual Consoles, and BASH is
used for the shell (VERY Nice).  Trinux Classic is made specifically for
network monitoring, mapping, exploration and exploit testing.  A few
Sniffers and traffic monitors are contained within, and several evil
denial of service TCP/IP attacks are in there, as well as some network
mapping/exploration stuff, too. Lynx is not included, but telnet and FTP
are.

	Trinux is so easily customizeable that one could add lynx without
much of a problem.  There is the possibility to use an almost unlimited
number of floppies.  The packages are stored as tarballs on DOS formatted
floppies, and loaded into ramdisks upon unpacking.  Network setup is
simple, and the documentation on thier website is thorough.  One major
advantage to this distribution is the fact that it can be started up on a
machine somewhere and never messed with again.  It allows the user to
telnet or ftp in (as root), which is the only default user in /etc/passwd,
which is fine (most of the programs do raw tcp/ip packets, or other stuff
that requires root anyways).  Don't worry about the "Insecurity" of
logging in as root.  (Unless you're on crack and put them there), there
are no data files that could be irreparably corrupted, and nothing more
than some man pages, libraries, and binaries in the Trunix filesystem.
Trinux runs out of ramdisk, so if it gets messed up, put the boot floppy
back in, restart the computer, and load the second floppy, and you're back
in business again.

	There are other packages to trinux as well.  Instead of inserting
a data disk for Monitoring,  Mapping, and exploit testing, you could use a
data disk with a webserver on it, or a data disk with tools to mislead
system crackers into attacking trinux machines (using the deception
toolkit, which makes a machine LOOK *REALLY* Vulnerable, when it's
actually very secure.  It answers on a lot of ports, and reports version
numbers of services with known vulnerabilities, and acts like the service
normally would, and even emulates the exploit working, but it doesn't.
The sysadmins will know someone's having fun, though, and have time to
lock down the REAL systems.)  This is guaranteed to keep those little guys
busy for a while, since it's basically the host of their dreams: It's on
YOUR network, and it has so many vulnerabilities, they KNOW they have to
be able to get in!  (But they wont...)

Check out their website for more info.

Trinux Requires the computer you use to have around 12 megs of ram, and
the more, the merrier.

Trinux also has a Hard-Drive version that fits on a FAT hard drive, and
can be loaded up with LoadLin (a DOS bootloader that will allow you to
start in DOS and then boot a linux kernel, wiping out all the memory DOS
used).



HAL-91 Linux (http://home.sol.no/~okolaas/hal91.html):
------------------------------------------------------

HAL-91 is a 2-floppy set that is basically an advanced version of LOAF
that has geared itself more towards a rescue disk.  It is still helpful,
and has a lot of neat toys. It includes telnet, ping, pppd (to modem
connect to the net), chroot (used for rescue work), fdisk, e2fsck (like
scandisk), and some normal linux binaries for filesystem navigation and
management.

Requires a computer with 6-8 megs of RAM


These are the only floppy linux distributions I've used so far.  Next
issue I will try to write an article on the others (I know of at least 4
or 5 more, but these seemed to be the best ones to be used as "Disks of
Death")

