This is a short interview with James Haidut, the writer/creator of Arudius.
Arudius is a compact live security distro based on MiniSlack. It is built to give users a powerful tool set while staying small in size (under 210MB). It was written by James Haidut, an information-assurance professional. This short interview will give you insight into the maker and the distribution of this fairly young project.
Who should use your distribution?
Anybody involved professionally (or just out of curiosity) in the field of information assurance. The people that most often download Arudius and have sent me some feedback are professional penetration testers and researchers in academia. That said, Arudius is a Linux live CD, so it can presumably be useful to anybody who wants to get a feel of Linux. And last but not least, given that Arudius is modular and based on the same principles as Slax, anybody interested in creating their own security live CD can take Arudius and modify it as they wish using freely available tools like MySlaxCreator (http://myslax.bonsonno.org/).
What is one thing you would like your distribution to have or do that no other distribution does?
Arudius will include in the near future a tool developed by me for web penetration testing using Google. The principles are described in the book "Google Hacking for Penetration Testing". Also, I am working on a web content filtering program similar to the commercial product Websense. It will aim to have the same features (maybe not all the GUI bells and whistles of Websense) as commercial products but will be open-source.
Why did you decide to make your own live security distribution?
I've been using Linux for over 7 years and I am constantly looking for ways to do something creative with open source. I think the live CD concept could be used to implement many interesting ideas and it allows for easy distribution and demonstration of those ideas while also further promoting the use of Linux. So, since I am employed by an information assurance company I decided that a security live CD is the natural application of my professional involvement. On a side note, I am interested in a lot more than just information security. As I said I like the live CD concept a lot so I am also involved in the development of *BSD live CDs (NetBSD and Dragonfly BSD). The NetBSD CD is ready for download and I am currently working on the Dragonfly version. The *BSD live CDs I make currently target the non-security audience but can be used as a base for building *BSD versions of Arudius. I might do that in the future. For those interested in the *BSD CDs - just visit the Arudius website.
How many man hours go into each release?
Initially it took several days to research, gather and install/compile all the security software. This is not a difficult but rather a very time-consuming process. I did some research on what other security live distros offer in terms of tools and tried to include everything they offer while keeping the size of Arudius small (under 210MB) so people can load it entirely in RAM and run things like a Nessus scan or password cracker at better speed than when run from the CD. Once the first release was out, subsequent releases are mostly bug fixes and maybe adding some extra tools. So after the 0.2 release it takes me about 1-2 hours to release a new version (assuming nothing major needs to be changed, like a kernel recompile for instance).
What is your favorite *nix distribution and why?
I've always been an avid Slackware fan and naturally Arudius is based on Slackware. Actually it is based on Zenwalk (used to be called Minislack), which in my opinion is a better version of Slackware - it has all the Slack features (and compatibility) and a package manager that handles dependencies automatically and downloads packages from the web much like Debian apt-get does. Other than that, out of curiosity or professional requirements I've deployed/used/maintained almost every major Linux distro out there plus most of the other Unices. My new "affairs" are with NetBSD and DragonflyBSD. It turns out that the portability of NetBSD had the side effect of producing the cleanest Unix OS code out there, which makes it a fast and secure OS by default. Someone might ask "How come?". The answer is that you cannot expect your code to compile and run well on over 50 platforms if it's not well designed and written. In addition its "pkgsrc" feature is widely used and acclaimed as one of the most stable and reliable source-based package installation systems out there. This is witnessed by the fact that "pkgsrc" is ported to almost all Unices - something which cannot be said about a Linux package manager (even RPM) or the *BSD "ports" system. This brings us to Dragonfly BSD - it uses "pkgsrc" for package management instead of the FreeBSD "ports" system even though Dragonfly is based on FreeBSD. I really like the ideas behind the Dragonfly project and look forward to the team stabilizing the OS so that it can be installed easily. Once I release the Dragonfly live CD, inevitably some people will become interested in trying out Dragonfly as an HDD install and they might be turned off by its problematic install process. I would really like to see a wider usage of these two BSD flavors and I will do what I can to promote their use even more.
How do you see live security distributions evolving over the next few years?
My answer might sound a little bit business talk but I'll say it anyways. In my opinion the people who used these security live CDs generally fall into two categories - script kiddies and security professionals. The future development of the security live CDs I think will depend on the developments in each of these two categories so I will address each one separately.
Script kiddies will always be around. They are just the particular manifestation of the more general concepts of curiosity/maliciousness that are present in every person but to a different degree. They view these security live CDs as their perfect tool for inflicting damage. However, I think that the script kiddie group does not represent the majority of people who use these CDs. I actively track who downloads Arudius and the overwhelming majority of download requests come from academic and commercial entities dealing with information assurance. These are presumably the legitimate security professionals who use the CDs in an ethical manner. So, if we exclude the script kiddies from the picture, we are left with more or less the information security industry. Gartner Group did research on the developments in the security industry and made some predictions of future development. They think that the market is currently hot for security consulting services but that it will cool down in the next several years and many small companies currently providing such services will be bought or merge with each other to improve efficiency and competitiveness. In the non-commercial Linux world we don't have business acquisitions but there are mergers. Recently the security distributions Auditor and Whax merged to produce BackTrack and I think this is more or less an indication of what Gartner predicted. Gartner also predicted that network security services like penetration testing, while currently an art performed by humans, will tend to become more and more automated and thus ultimately become a product offered by vendors in a box. I think there is an indication for that as well. Several large vendors (Cisco, Symantec, etc.) have started to offer automated vulnerability assessment systems which aim at replacing the human hand in penetration testing and other security assessments.
To summarize my answer - I think the more popular Linux security live distros will merge, a few will continue to be developed by die-hard enthusiasts with varying degrees of success and regularity, and a large number of these distros will simply die out like so many other Linux distributions. The reason? I think the reason is the force of evolution and market conditions - with the consulting market (i.e. vulnerability assessment performed by humans) shrinking and distros merging, it will be hard for most people to produce a distro that competes in features with distros like BackTrack. But then again, God does play dice some of the time so I think there will remain a few enthusiasts that will keep producing their own unique security live distro and have an audience that likes it. My interests are in innovation so I will keep looking for ways to use Linux and *BSD creatively. Information security live CDs just happen to be the cool creative thing of the day so I am involved with it for now.
What is the biggest upgrade/addition that is planned for your distribution?
I guess in the near future I plan to add the tools mentioned in one of the previous questions. Other than that any major feature enhancement in Linux (kernel or userland), which I think might be useful to the information security audience, will probably be included in Arudius as well.