 What is Trinux?
Trinux is a portable Linux distribution that boots from 2-3 floppies (or a FAT 16 partition) and runs entirely in RAM. Trinux contains the latest versions of popular network security tools and is useful for mapping and monitoring TCP/IP networks.

Trinux transforms an ordinary x86 PC into a powerful network [security] management workstation without modifying the underlying hardware or operating system. The default configuration uses a stripped down version of kernel 2.0.36 that should boot on any 386 or better with at least 12-16 megabytes of RAM. Hardware support for NICs is provided through kernel modules which may be downloaded and copied to the boot medium.

Here are screenshots of some of the tools that are available. NOTE: X-Windows is not available on Trinux. I only used it for the screen capture.

Trinux is released under the terms of the GNU Public License. See Eric Raymond's page (www.opensource.org) for details.

(c) Copyright 1999 Matthew Franz and the Trinux Development Project

Please read the FAQ or search the Trinux mailing list before asking a question.

Updates

- Pre-0.49 floppy images are now available. The floppies now support the features added to TrinuxHD about a month ago. Most importantly, the modem.tgz package now works -- on my system at least. If you follow the un-Linux-like prompts and type ppp-go you should be able to log in via your ISP. Man ppp gives you some background information and nmap -D will allow you to roll your own "sophisticated and coordinated attacks" from foreign countries against domestic sites of your choosing. A better idea: spend your milk money on TCP/IP Illustrated Volume 1 and sniff your modem traffic using tcpdump till you get a clue. Oh yeah, the dialup data disk may become a hot commodity soon because I imagine I'll yank it after the third message I get asking how to sniff passwords with tcpdump.

- Besides releasing a new TrinuxHD image (pre 0.49) yesterday, there is now a package for Bind 4.9.7 that runs a caching nameserver straight out of the box.

- Trinux is now available from CheapBytes on the CheapBytes Stampede Linux BETA w/TinyLinux CD for only $1.99. It should be available on Monday.

- made significant updates to the Trinux Tools Page. Worth checking out... IMNSHO the only page that comes close to this is Bernd Eckenfels' Freefire project -- check it out!! I'll let you be the judge.

- Trinux 0.48 floppies released, available here. Contains new versions of the core Trinux tools you know and love: nmap, ntop, iptraf, and others.

- thanks to Joey Maier of the Trinux Documentation Team for putting together a table that lists what kernel module should be used for each NIC card.

- added screenshots for all the visual learners out there. Xterms are a beautiful thing.

- Updated netmap1.tgz to include the latest nmap (2.02) and exscan (0.3). Deleted tcp_scan.

- Posted a long rant about Trinux goals, etc. to the development mailing list. If anybody else is interested in becoming an official member of the Trinux Team, send me an email.

- 0.47 floppies and packages are now available. Updated nmap, ntop, spak. Rearranged packages. NOTE: TrinuxHD has not been released, but you can use the packages with the TrinuxHD from 0.45, although you still have to use 2.0.35 kernel modules.

- someone out there created a #trinux channel on IRC (efnet). Give it a try, if you dare!
- created a directory for user contributed/experimental packages. See /pub/trinux/packages/contrib.
- modified netconfig script in netbase.tgz so it will automatically create config files for ip,dns,gateway,etc. on the boot disk so you don't have to enter them each time. Finally! 
- added 2 modules for Apache 1.3.3 (apache.tgz and htroot.tgz) as well as data disk that contains Apache and Perl. Try it out! Add httpd -d /var/apache to your post.rc so Apache loads when Trinux boots. Ftp your .html into /var/apache/htdocs and you're set! 
- A big Thanksgiving thanks to Brian Fleming of Irenyx Data Group, Inc. for adding the web interface to the Trinux mailing list. 
- updated kernel modules for upcoming 0.50 release, updated ntop to 1.1a4 (netmon1.tgz), added dig to netmap2.tgz
- Version 0.45 Floppies released! 
- TrinuxHD 0.45 is out! Install in c:\trinux on a Windows partition, cd to \trinux and type trinux! It works "out of the box" on my Laptop. Let me know if it doesn't work on yours so I can fix it. Don't forget to download the kernel module for your NIC from here. See the FAQ for more info. Also uploaded /packages/0.45 directory. Includes new pcmcia package and ipgrab v0.6. 
- added firewalk to netmap1.tgz and a new package called system.tgz that contains crontab and syslog. 

IMPORTANT: I only update the boot/data images when a new version is released. If you want the latest tools, you'll have to add the packages to the data disk yourself.
 
Obtaining Trinux
Download the boot and data disks and any kernel modules from here. If you don't know which module you need for your NIC, check here first. Then read the directions below and in the FAQ.

clscxx.gz - generic data disk with standard set of tools including the following packages: netbase, netmon1, netmon2, netmon3, server, snmp, netmap1, netmap2, system, expldos.

apache.gz - Perl & Apache 1.3.3 disk including: netbase, apache, htroot, perlbase, perli386, perlmods.

NOTE: Linux Netscape users need to shift-click on these links and make sure they add the .gz suffix. For some reason it strips it off.

The boot disks are MSDOS formatted floppies so you can add or delete package or kernel module files easily from Windows.
 

Current Features (0.45)

Complete List of Tools 
anger arp bounix clog cold(1.10) drpcscan firewalk icmp_redir ipfwadm ipgrab(0.6) ipresend ipsend iptest iptraf(1.4.1) linsniffer nat nc neped netstat netwatch(0.8) nfs_check nmap(2.06) nslookup ntop(1.0) pcmcia(3.05) perl(5.004) ping queso rdns readsmb rpcinfo rr shlight(1.0) sniffit(0.3.7) snmpget snmpset snmpwalk spak(0.6b) statnet strobe(1.3) tcp_scan tcpdump(3.4a7) traceroute udp_scan whois z0ne 

See the tools page for more information about these. 
 
Installation

this table and copy them to the boot disk. There should be about 75k left.  The disks are DOS formatted. 

READ THE FAQ FIRST!
 
Trinux Developers
The following people are "officially" working on Trinux:

Original Developer & Project Leader - Matthew Franz

  • Trinux Core - Matthew Franz, Matt Cerha, Dragos Ruiu
  • Trinux IDS / DTK - Carlos Garcia, HD Moore, Stefan Keller, Dragos Ruiu
  • Trinux Firewall - Alex Newman
  • Trinux Scanner - HD Moore, Will Whittaker
  • R&D - Ken Williams, Giulio Vada, Mike Hore
  • QA - Joe Schwendt, Joey Maier
  • DOCS - Bob Tripp, Joey Maier, Mike Hore
  • #trinux admin - Alex Newman

Send me an email if you want to join the Trinux development team. Tell me what you have to offer and specifically what you want to do/what you think needs to be done!

Desired Skills: system administration/design, PCMCIA support!, network tools, testing/QA, Perl/shell scripting, HTML, CGI, tech writing/editing (despite my BA in English!!)

Development Goals

  1. Provide the most comprehensive and up-to-date suite of network security/monitoring tools available in any Linux distribution. 
  2. Implement modular and easily customized Open Source  security solutions that rival their commercial counterparts:
    • network monitoring and intrusion detection and honey pot
    • firewalls and virtual private networks (VPNs)
    • network mapping and penetration analysis
    • secure web serving
  3. Allow a maximum amount of configuration and customization from non-Linux (i.e. Windows 95/98/NT) operating systems. 
  4. Support multiple installation architectures without compromising core features:
    • Floppy disks - Trinux Classic 
    • DOS/Windows partition - TrinuxHD
    • Ext2 Filesystem - small (?mb) partition
    • Package support for mainstream Linux distributions (Debian, SuSE, RedHat, Caldera, Slackware)
    • Bootable CD-ROM
  • Trinux packages (tarball, debs, RPMs, etc.) for all major distributions
  • Easy PPP Support for Win32 users
  • CD-ROM distribution
  • data disk for each of four solutions above: netmap, ids, firewall, webserver
  • Win32 Install Program (arggh)
  • Strong encryption, authentication (distributed from a non-US/CAN site, of course)
  • NOTE:  Trinux is not attempting to develop a "secure" version of Linux (something comparable to OpenBSD).  We believe that every effort should be made to strengthen existing mainstream distributions.  Trinux attempts to provide customized Linux security solutions when it may not be possible or practical to install a complete distribution.

Feel free to direct questions, comments, flames, etc. about this to me.

Trinux Support
You basically have three options: 1) send me email, 2) subscribe to the trinux listserv by sending a subscribe trinux message to [email protected], or 3) check out the #trinux channel on IRC and see if anyone has a clue.

Thanks!
A big thanks to all of you out there who have given me feedback since Trinux was first released in April of 1998. However, there are several out there who have greatly contributed to this project and deserve to be mentioned: Kevin O'Brien for convincing Irenyx to provide this server, Ken Williams at Packet Storm for lots of good publicity, and most importantly my wonderful wife, Amelia, for putting up with all the time I spend on this nonsense. And oh yeah, WirM, for the spiffy new web page.
