lesslinux.org Development Blog

Just another WordPress weblog

Archiv für 'Howto'

Sniff WiFi traffic with LessLinux

Wednesday, March 9th, 2016

LessLinux is used as a foundation for quite some security and forensic distributions. Thus more features for analyzing network traffic get added. Recent builds include “hostapd” and “brctl” for creating ad-hoc hotspots that can be used to monitor the traffic of selected WiFi enabled devices like smart TVs or smartphones. I usually use a notebook with a wired and a wireless interface for this task.

To create such a bridged access point a WiFi interface that supports master (or access point) mode must be present – grepping for AP in the capabilities list will identify matching chipsets. Some interfaces like those sold by Realtek only offer the possibility to create unencrypted access points with the vanilla hostapd. In this case you may want to try USB wifi devices.

Download latest build: lesslinux-search-and-rescue-uluru-20160226-111022.iso

(more…)

Announcing “big fat full” builds + fork me on GitHub

Friday, June 20th, 2014

I am proud to announce a new series. This is called “big fall full” – codenamed “Jabba”. It solves two purposes:

  1. Provide a simple way to include all packages that are built in the second stage in the live ISO
  2. Give the most simple starting point for building LessLinux and derived distributions

The second big change is that LessLinux development now takes place completely on GitHub. Scroll down to read how these two news fit together seamlessly!

Using Jabba builds

Of course you can use the Jabba builds as rescue system as well or as a nice replacement for the now defunct LFS Live CD, to start building LFS even when you do not have Linux system installed on some hard drive. Jabba builds will be released after major architectural changes or updates of core components like the used default compiler or the C library. This means mandatory releases every six to nine months and maybe convenience releases after updating kernels.

Jabba intentionally uses a really minimalistic user interface. After booting, the GUI consists of just two terminals, one with root privileges and one as normal user. You might start an XFCE- or LXQT-panel, but be warned: there might be many duplicate or non-functional entries in the menus. Thus it is easier most of the time to start needed programs by hand.

(more…)

Building LessLinux – stage03, the final ISO

Friday, February 4th, 2011

So now you are ready building the chroot environment – then it is time to assemble the final ISO. To do this you need an overlay containing some configuration files for the bootloader. I packaged such an overlay for the current LessLinux Search and Rescue: lesslinux-search-and-rescue-uluru-20110202-155012-overlays-en.tar.bz2. You’ll find more recent overlays here: http://download.lesslinux.org/overlays/, but when building care that overlay and buildscripts match. Unpack the overlay in the folder /mnt/archiv/LessLinux. (more…)

Building LessLinux – stage02

Thursday, February 3rd, 2011

Besides the switch to SQLite there are other big changes regarding the build of stage02, which is the population of the chroot environment:

  • LessLinux now supports tracking of dependencies after building packages. This allows to define the order of packages to build.

  • As a consequence of the dependency tracking it is now also possible to parallelize the build. On a three core Athlon this brought down build times from around three days to less than 20 hours. With a faster machine you should even get better results.

(more…)

Building LessLinux – stage01

Thursday, February 3rd, 2011

Many changes were added since my first description of how to build LessLinux. There are two major changes that are worth noting most:

  • We switched from MySQL to SQLite3 as database during build

  • LessLinux is self containing now, this means you can use LessLinux to build LessLinux to build LessLinux…

The stage01 build of LessLinux very closely resembles the chapter Chapter 5 – Constructing a Temporary System from Linux from Scratch. You’ll even notice similar environment variables. There will always be slight differences in package versions – this is intended. So you might be able to build LessLinux on any machine equipped with the right programs to build Linux from Scratch. But in my opinion do one of the two following things: (more…)

Presenting the “Grandma Mode”

Friday, July 30th, 2010

Do you also have some relatives that always ask for “family support”: When you come to their house, you find a totally f***ed up Windows XP machine with tons of spyware and you’ll get to hear “I did not do anything”. The worst part of it: While you do the work, they keep talking at you.

Well it can be easier. Just configure your DSL router to forward inbound traffic on port 5500 to your desktop machine and get a nice DynDNS hostname. Then remaster any LessLinux Search and Rescue CD to include one boot entry that does not disable earlynet and add the cheatcode

        xvnc=|reverse|1280x800|24|my.dyndns.name|

In case of emergency tell your grandma to boot the CD with the respective entry. The earlynet script requests an IP address on all wired interfaces and instead of starting a local Xserver Xvnc is started and a reverse connection to your host is made where a listening VNC viewer must be running.

There is one drawback: the data is transmitted unencrypted, which might be an issue with sensitive data. You might however use this first VNC connection to build up a SSH tunnel between two hosts.

The background of this feature: I got some customers quite far away from here. With this cheatcode I can help them no matter where they are – no special configuration of their router required. This feature also will work over WLAN soon. I just introduced some cheatcodes to attach to a wireless network while startup. Those are not tested yet, so please be patient for a few more days.

Should work in all builds higher than 20100701-000000.

Netbooting LessLinux: NFS support

Monday, July 26th, 2010

After adding support for netbooting LessLinux by downloading the ISO image via HTTP/FTP I can announce support for NFS boot. For this feature you just need to add

        nfs=192.168.1.1:/dir/containing/iso

In this case, the NFS share is mounted read only (and no locking takes place), then all ISO files down to depth 2 are searched, loop back mounted and scanned for the proper version.txt. If the system is found, the settings for toram=value take place. In reasonable fast networks you should keep this threshold low, then the start of a program via network is quick, on networks with bad latencies you might set a low threshold to copy the entire system to RAM during startup.

You might download the ISO and the sources here:

To build yourself follow the instructions in those two articles: Build stage 01 and 02 and Build stage03.

Booting LessLinux via network

Monday, May 31st, 2010

As mentioned previously, support for netbooting LessLinux was recently introduced. In builds from 20100528-000000 it works stable and can be used in production environments. So please test the new function with this build:

Currently for netbooting a DHCP and PXE server are required, a HTTP daemon should be present, although it is possible to load the ISO directly from download.lesslinux.org. For now the ISO is completely stored in volatile memory — future versions will probably also allow NFS access. To load an ISO via HTTP just one additional parameter is necessary: (more…)

Accessing LessLinux with VNC

Thursday, May 27th, 2010

As I mentioned before, “LessLinux Search and Rescue” is intended to be a versatile live system for typical service jobs that have to be done in mixed environments. To make work easier, a service system should be net-bootable and accessible with a remote desktop application. In builds starting with timestamps after 20100526-000000 I included support for both functions:

  • Booting the kernel and initramfs with PXE and loading the system ISO with wget by http or ftp
  • Starting the desktop with Xvnc instead a local X server

(more…)

Do it yourself: Build stage03

Friday, May 7th, 2010

In the third stage the final ISO image is assembled. To assemble the ISO you need an overlay with some fixes and the bootloader configuration. Eventually the bootloader configuration can be automatically generated – but not for now. Since assembling stage03 is basically calculating dependencies, copying files from the chroot environment, compressing the squashfs containers and finalizing the ISO image, this stage is usually done in 20 to 40 minutes. (more…)