-
Sniff WiFi traffic with LessLinux
LessLinux is used as a foundation for quite a few security and forensic distributions. Thus more features for analyzing network traffic get added. Recent builds include “hostapd” and “brctl” for creating ad-hoc hotspots that can be used to monitor the traffic of selected WiFi-enabled devices like smart TVs or smartphones. I usually use a notebook […]
-
Automatic language detection
I just added automatic language detection, kind of small magic before an internet connection exists. How does it work? Currently it searches for the most recently used NTUSER.DAT and reads the registry key “Control Panel\International\LocaleName” from there. Of course this requires a Windows installation to be present. But since this feature is targeted at some […]
-
Netboot fixed
When testing recent builds I found out that netboot was broken. I found out the following reasons: For wgetiso=http://server/path/lesslinux.iso BusyBox’ wget implementation proved too unstable and often failed. I now added a curl binary, statically linked against musl-libc and nothing else; this means no HTTPS support for now. Using curl now also allows to determine […]
-
Moving to Linux 4.1
In the advent of several commercial builds for the next months I updated the base system to recent LFS builds. This means Glibc 2.21, Kernel 4.1, GCC 5.1, some tools and libraries from Gnome 3.16 and Firefox and Thunderbird in version 38.0.x. These builds are already relatively stable, however there are some issues with Clutter […]
-
Please ping me!
If you notice that for more than two months there are no fresh builds you might send me a short email. There are phases of commercial builds which usually spawn a few free builds for a smaller circle of testers. If you are interested and just ask me via email, I’ll give you access to […]
-
Minor update to unstable: Fresh Firefox and Thunderbird, fixed USB boot
My latest image might have broken USB boot support due to a new version of the NASM assembler. This is fixed in the latest unstable build. Besides this the TeamViewer BLOB is fixed now (there is no directory teamviewer9 anymore in the tarball). Hivex correctly builds the Ruby bindings and I based my “reset shell” […]
-
Moving to kernel 3.17.4, adding i3 tiling window manager
I just prepared a fresh build based on kernel 3.17.4. The biggest difference is that the kernel configuration is now based on Ubuntu’s 3.16. On the one hand this means many drivers are included that your live system will never need, on the other hand some drivers are known to work better in this configuration. […]
-
Hello, FRED!
I just want to introduce a new tool. Fred, the forensic registry editor by Daniel Gillen, is included in the latest builds.
-
OpenVAS included, GUI for BLOB installation
We made some progress in both handling of BLOBs (binary large objects, programs like Google Chrome or TeamViewer that are only available as binary packages). A new feature is the integration of OpenVAS, a vulnerability scanner to detect unsafe devices in your networks. I am especially proud of my wrapper script to start OpenVAS: This […]
-
Fresh development build – fixes BLOB support
I just uploaded an image that fixes BLOB support. To use it: dd the ISO to a USB thumb drive. Pass blobsize=512 (any value between 256 and 2048 makes sense) as boot parameter upon first boot – this will create the LessLinuxBlob partition upon first boot. Download Chrome stable for i386 and put the deb […]