[Owasp-live-cd-2008-project] OWASP LiveCD direction

OWASP Live CD 2008 Project owasp-live-cd-2008-project at lists.owasp.org
Fri Aug 1 11:13:32 EDT 2008


Josh,

       I won't speak for OWASP - that's definitely not my place but I 
can  speak for my involvement with the SoC.  I heard about the SoC in 
one of  the local Austin OWASP chapter meetings[1].  Looking of the list 
of prioritized projects [2], I saw the Live CD and felt I was 
particularly well suited to that project.  I submitted an application 
for the Live CD project [2].  My application was selected as a SoC 
project for 2008.

      I started work and looked at the 2007 Live CD as a reference [3]. 
  I decided to go with SLAX and not keep with the distro from the 
previous Live CD.  I've detailed those reasons on the projects 
documentation wiki [5]. I believe I've made good progress on the current 
SoC project - a sentiment echoed by my reviewers on the project page [6].

      Beyond the SoC projects completion, I've got several ideas of how 
to augment the Live CD which are possible due to the modular nature of 
SLAX.  I've also got some ideas to integrate the Live CD with other 
OWASP projects.  I hope to have those ideas outlined on the project 
Wiki's Roadmap page by the weekends end [7].

      The last few weeks have been insanely busy for me (day job + 
freelance work + several family visits) so the project has been a bit 
stagnant for that period.  I'm still on track to make the SoC deadline 
but to ensure I get the best product out of the door, I've put in for a 
weeks vacation in August which will be used to complete and polish the 
Live CD.

       I believed that the previous Live CD project was dormant due to 
it being listed as a SoC 2008 prioritized project.  I apologize for not 
contacting you earlier but I assumed you moved on to other things 
(PacketFocus LLC).  That being the case, impact on your work was not 
part of my decision to migrate to SLAX.  Good luck on your presentation 
at OWASP New York.  I'd be interested in the presentation if you're 
willing to share as I wont' be able to attend.

-- Matt Tesauro

[1] http://www.owasp.org/index.php/Austin

[2] http://www.owasp.org/index.php/OWASP_Request_for_Proposal_List

[3] 
http://www.owasp.org/index.php/OWASP_Summer_of_Code_2008_Applications#OWASP_Live_CD_2008_Project

[4] https://www.owasp.org/index.php/Category:OWASP_Live_CD_Project

[5] http://mtesauro.com/livecd/index.php?title=Why_SLAX

[6] http://www.owasp.org/index.php/Category:OWASP_Live_CD_2008_Project

First Reviewer's Assessment at 50%:
http://www.owasp.org/index.php/Project_Information:template_Live_CD_2008_Project_-_50_Review_-_First_Reviewer_-_C

Second Reviewer's Assessment at 50%:
http://www.owasp.org/index.php/Project_Information:template_Live_CD_2008_Project_50_Review_Second_Review_E

[7] http://mtesauro.com/livecd/index.php?title=Roadmap

Joshua Perrymon wrote:
> Hey Paulo,
> 
> I wanted to contact you regarding the direction of the OWASP liveCD.
> 
> Background: Sometime in 2006 I contacted OWASP regarding the creation of 
> a LiveCD. I was in Australia at the time doing pentests and saw that 
> there was no LiveCD that focused on App Security. After several emails I 
> was given the OK and started developing the LiveCD nights and weekends. 
> Just before the first version was finished, I got SpoC sponsorship for 
> the first version of the LiveCD.   After completion, I got AoC 
> sponsorship and completed the second version.
> 
> I have been busy starting this new company and noticed the new LiveCD 
> project under current sponsorship 
> http://www.owasp.org/index.php/Category:OWASP_Live_CD_2008_Project.
> 
> I will be releasing a new version of the LiveCD at the OWASP conf in NYC 
> during my talk. Don’t get me wrong, I am an avid supporter of OWASP, and 
> by no means want to get in the way of progress. But I would like to 
> maintain some level of  involvement in the LiveCD project(s).  The 
> current sponsored version has been converted from Morphix to Slax so if 
> I continue down that road with my build, I will have to redesign the 
> entire process I have developed.
> 
> If we need to keep and maintain two separate versions I’m fine with that 
> as well. Please advise on moving forward.
> 
> JP 
> 
> Joshua Perrymon, CEH, OPST, OPSA
> CEO PacketFocus LLC
> Josh at packetfocus.com <mailto:Josh at packetfocus.com>
> 1.877.PKT.FOCUS
> 1.205.994.6573
> www.packetfocus.com <http://www.packetfocus.com/>
> 
> President Alabama OWASP Chapter www.owasp.org <http://www.owasp.org/>
> Selected for “Top 5 Coolest hacks of 2007” Dark Reading/ Forbes.com
> www.linkedin.com/in/packetfocus
> 


More information about the Owasp-live-cd-2008-project mailing list