Penetration Testing mailing list archives
Re: Windows Distro [summary]
From: Javier Fernandez-Sanguino <jfernandez () germinus com>
Date: Tue, 15 Nov 2005 13:52:45 +0100
Eliah Kagan wrote:
Javier Fernandez-Sanguino wrote:As for the Microsoft world, for one, have not seen any. The Windows EULA forbids this kind of stuff so I don't believe you'll find it, unless Microsoft himself develops a live-CD like or somebody risks legal action from Microsoft by putting up a live-CD version of its OS.Just a point of clarification here, the Windows EULA does not forbid making a Windows LiveCD. If you make a Windows LiveCD and distribute it, then that would violate the EULA and invite legal action from Microsoft, just as if you distribute images of the Microsoft Windows install disc, you're violating the EULA (or, if you haven't agreed to the EULA, you're still violating Microsoft's copyright) and inviting legal action from Microsoft.
(...)This, and all the reasoning below is correct. Since the submitter requested information of Knoppix-like live-cds I just let him know that he will not find them available. You *can* make them through the use of Bart-PE like everybody else pointed out here, but you *cannot* distribute them. So, as a summary:
Q1: ¿Can I find security-oriented Windows-based Live-CD images like Knoppix STD or Auditor out there?
A: Not probable, if you do find them they are in violation of Microsoft's copyright and/or Windows' EULA. If you find any and use it you are violating those too.
Q2: ¿Can I make a security-oriented Live-CD based in the Windows OS similar to Knoppix (which is Debian-based) or Auditor (which is Knoppix based)?
A: Yes, you can use BartPE (http://www.nu2.nu/pebuilder/) or WinPE (http://www.microsoft.com/licensing/programs/sa/benefits/winpe.mspx) for this. You will need a legal copy of the Windows install disks and will need a separate license for every Live-CD copy you make and wish to run simultaneously. There are also some limitations on what you can do, see http://www.nu2.nu/pebuilder/#legal
Q3: ¿Can I distribute the security-oriented Live-CD I made with BartPE for others to use?
A: No, see Q1 HTH Javier ------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Windows Distro Jason T. Hallahan (Nov 09)
- Re: Windows Distro Javier Fernandez-Sanguino (Nov 10)
- Re: Windows Distro Eliah Kagan (Nov 11)
- Re: Windows Distro [summary] Javier Fernandez-Sanguino (Nov 15)
- Re: Windows Distro [summary] Micheal Cottingham (Nov 15)
- Re: Windows Distro [summary] Eliah Kagan (Nov 15)
- Re: Windows Distro Eliah Kagan (Nov 11)
- Re: Windows Distro Javier Fernandez-Sanguino (Nov 10)
- <Possible follow-ups>
- RE: Windows Distro Beauford, Jason (Nov 10)