Devil-Linux 1.2.11 review
DownloadDevil-Linux is a distribution which boots and runs completely from CDROM
|
|
Devil-Linux is a distribution which boots and runs completely from CDROM. The configuration can be saved to a floppy diskette or a USB pen drive.
Devil Linux was originally intended to be a dedicated firewall/router but now Devil-Linux can also be used as a server for many applications. Attaching an optional hard drive is easy, and many network services are included in the distribution.
The system is designed to install without the use of a hard drive. It requires the use of a CDROM and a write-protected floppy.
The CDROM provides the operating system, and the floppy provides the configuration information, via a tarball that is unpacked into the /etc directory. In this way, the system is fully configurable, yet the running system has no writeable device.
Here are some key features of "Devil Linux":
Boots from CD
Traditionally Devil Linux boots from a CD-ROM which is read-only by nature. This means an intruder will not be able to install i.e. an "ordinary" root kit.
Boots from USB pendrive
As all movable parts in your computer, the CD-ROM is prone to failure. This is the reason why we provide a script to install the entire system on an USB pendrive. Note: You need a computer which is able to boot from USB harddisks, in order to use this feature.
Configuration is saved on a floppy disc or on a USB Flash Media
Due to the read-only nature of CD-ROMs, you need a place to save your configuration files. This can either traditionally be on a floppy disc or on a USB flash media (like a pendrive), to increase the reliability.
Configuration can be burned on CD
There are cases when you have to ensure that the configuration can't be modified. This is the reason why we provide the feature for loading the configuration archive from the (read-only) CD-ROM.
No need for a harddisk although it can optionally be used for data storage
Most distributions need a harddisk for data storage, with DL this is completely optional. Reasons for adding harddisk data storage would be, i.e. when you use DL as your mail server or for file sharing. DL uses dynamic disc configuration via the Logical Volume Manager, which makes adding and maintaining the harddisk storage easy (regardless if you have only 1 GB or 1 TB of data).
Support for Intel 486 and higher
Got some old boxes in your bone yard? For most internet connection an old computer is enough to play the role of your Firewall, this is the reason why we still support 486 CPUs. But we're not stuck with old technologies, we also provide you a version vor 686 CPUs with SMP support.
IPTables/Netfilter Support
State of-the-art firewall functionality is provided by IPTables/Netfilter, which includes features like connection tracking. Devil-Linux adds many more Netfilter modules then you find in your standard Linux Kernel.
Create your own, customized version with our Build System
Since everybody has different requirements, Devil-Linux provides you with an easy-to-use build system, which enables you to create your own customized version. You can i.e. only add the packages you need on your machine or even add features which are currently missing in the mainstream version.
Directly supported by Firewall Builder
Don't like writing your Firewall rules by hand? Get Firewall Builder and use a great GUI tool to create your ruleset. Firewall Builder supports writing the rules directly onto your configuration floppy.
No graphical desktop
Devil-Linux has not support for i.e. X-Server. This greatly reduces the requirements to run DL and also greatly increases security by reducing the number of running programs. (Try this on Windows...)
Almost all binaries are compiled with the GCC Stack Smashing Protector
Except of a very few exceptions, all binaries are compiled with the GCC Stack Smashing Protector. Applications written in C will be protected by the method that automatically inserts protection code into an application at compilation time. The protection is realized by buffer overflow detection and the variable reordering feature to avoid the corruption of pointers.
Improved Kernel Security through GRSecurity
GRSecurity adds several new features and protection mechanisms to the Linux Kernel itself. This includes Chroot restrictions (did you know that it is easy to break out of a non-protected chroot jail?), Address space modification protection (like PAX), Auditing features, Randomization features and much more.
Easy to use chroot
Devil-Linux has support for chroot jails which is easy to use. Just define what you need in a configuration file and our jail script will take care of the rest. Some pre-defined configurations are already available.
Requirements:
PC 486 DX2/66-class or better
32MB RAM
bootable ATAPI or SCSI CD-ROM drive or USB Device
1.44" floppy disk drive or USB Device
any network interfaces like 10 and/or 100MBps network interface cards or external analog/ISDN-Modem.
Devil-Linux 1.2.11 keywords