STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. It’s a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to put as many security tools at your disposal with as slick an interface as it can. STD is meant to be used by both novice and professional security personnel but is not ideal for the Linux uninitiated. STD assumes you know the basics of Linux as most of your work will be done from the command line. If you are completely new to Linux, it’s best you start with another live Distro like Knoppix to practice the basics.
Many linux security distributions are hardened versions of Linux to secure the host. This is not STD. STD is a security toolkit not a hardened OS. It runs off of a read only CD with minimal services running on boot. It only loads itself into RAM. Their are only a few viruses that affect it. The default boot shows only 68/tcp (dhcpclient) and 6000/tcp (X11) loaded from an nmap scan. A nessus scan shows only a low severity alert on X11 (It doesn’t allow any client connections, but may be vulnerable to DoS attacks. CVE-1999-0526). dhcpclient instantly closes any connection attempts.
However many network services can be started with but a click on the menu and many of those services have known vulnerabilities. If your machine gets breached through these services, the network you are on and all data on any local hard drives are at risk. Before you play around with any Servers, learn the Firewalls and IDS tools first.
Copyright 2016 ECI Networks