HeX 2.0, codename "Bonobo" released!


Lee Hinman

Oct 5, 2008, 10:33:31 PM
to HeX liveCD
Hey All,
After 8 months, we're finally releasing HeX 2.0. Here's the updated
info, directly from the "What's New" page
(https://trac.security.org.my/hex/wiki/WhatsNew)

ISO links:

http://hexbit.csc.gatech.edu/hex-iso/hex-i386-2.0.iso
http://hexbit.csc.gatech.edu/hex-iso/hex-i386-2.0.iso.md5
http://hexbit.csc.gatech.edu/hex-iso/hex-i386-2.0.iso.sha256

http://us.rawpacket.org/image/hex-i386-2.0.iso
http://us.rawpacket.org/image/hex-i386-2.0.iso.md5
http://us.rawpacket.org/image/hex-i386-2.0.iso.sha256

http://my.rawpacket.org/hex-i386-2.0.iso
http://my.rawpacket.org/hex-i386-2.0.iso.md5
http://my.rawpacket.org/hex-i386-2.0.iso.sha256

HeX System 2.0
Base System
- FreeBSD 7.0 Stable
- Unionfs Integration
- Default ULE scheduler instead of BSD
Application Tweaking
- Fluxbox menu modification and improvement
  Menu Tools
    aguri
    pktstat
    isic
    silktools
    argus3
    dhcpdump
    ipsectrace
    raddump
    rtpbreak
    tftpgrab
    aimage
    nast
    flowtag
- Shell options - bash/zsh
- Liferea
  Security Rss Feeds
- Firefox
  Plugin
    Foxyproxy
    Firebug
    Hostipfox
  Bookmark
    http://www.rawpacket.org
    http://www.cyber-ta.org/Honeynet/
    http://www.team-cymru.org/?sec=8
    http://fixedorbit.com/search.htm
    http://www.robtex.com/
    http://www.cidr-report.org/as2.0/
    http://virustotal.com
    http://watchlist.security.org.my/
    http://anubis.iseclab.org/
    http://www.malwaredomainlist.com/
    http://www.spybye.org:8080/stats
    http://www.malware.com.br/
    http://www.hostip.info/
    http://h4k.in/encoding
    http://www.isecom.org/research/oprp.shtml
HeX Ports
- Flowtag
- Spybye
- Erlswf(not included)
- Ftester
- Trace-summary
- Pysubnettree
- http://tools.netsa.cert.org/silk/
  Yaf
  Naf
  Fixbuf
  Ipa
  Airdbc
  Airframe
FreeBSD Ports
- rtpbreak
- ruby-tk
- isnprober
- dumpasn1
- ipex
- pdb
- py-pcs
- py-impacket
- raddump
- dhcpdump
- urlendec
- scanhill
- nast
- aslookup
- colordiff
- afflib
- aimage
- evtviewer
- hcidump
- iextract
- recoverdm
NSM-Console updates
- Updated to NSM-Console 0.8-dev
- pcapparser supports NULL ethernet types
- pcapparser supports flag printing
- print command supports printing full packets
- list command supports filtering by enabled/disabled modules
- Added dnstop module
- encode and decode commands now work on files as well as strings
- Added ip2asn module & command
- Added iplist command
- Added ability to pipe output into a command using >, >> and |
- Added yahsnarf module
- Added bro-ids-connection module
And lots more! Check the NSM-Console CHANGELOG in the
~/rp-NSM/nsm-console/ directory for the full changelog.
Analysis Scripts
- iploc
- aimsnarf
- yahsnarf
- flowtime
Shell Aliases
- base64d and base64e use openssl to decode base64 strings and encode
strings into base64.
- delta reads numbers from standard input and outputs the difference
between the current number and the last number.
- enhex encodes standard input into hex output.
- unhex decodes hex input into ascii output.
- ipsort uses the sort command, but has the flags to correctly sort IP
addresses.
- ipusort does the same as ipsort, but it removes duplicates (u =
unique).
- rot13 performs Rot13 on the standard input.
- urlde and urlen perform decoding and encoding of URL escaped
strings.
Shell Scripts
- asn2netblock.sh uses Robtex to translate an ASN number to all the
allocated networks.
- bingrep.pl
- bucketize.pl
- bytefreq.pl
- color_tcpdump.pl
- flow_watch.pl
- int2ip.sh
- ip2int.sh
- pcapcui.pl
- ruscert.sh
- ssh_rate.pl
- zencheck.sh
Tools Signatures
- Fl0p (16 Sigs)
- Pads (12 Sigs)
- TcpXtract (4 Sigs)
Artworks
- 2 new wallpapers with various resolutions
- 10 new fluxbox styles
IDS Testing Toolkit(not confirmed)
- http://searchsecurity.techtarget.com.au/contents/21190-How-to-test-Snort
- http://dev.inversepath.com/trac/ftester
Windows Based Net Analysis Toolkit(not confirmed)
- Networkminer http://sourceforge.net/projects/networkminer/
- Wireshark http://wireshark.org
- Ntop-xtra http://www.openxtra.co.uk/freestuff/ntop-xtra.php
- Ngrep http://www.packetfactory.net/Projects/Ngrep/
- Windump http://www.winpcap.org/windump/
- Snort http://www.snort.org/dl/binaries/win32/
- Cain&Abel http://www.oxid.it/cain.html
- Ettercap http://ettercap.sourceforge.net/
- York http://www.geocities.com/the_real_sz/misc/york_.htm
HeX Sensor
- sguil
- bro-ids
- ourmon
- nfdump
- nfsen
- flow viewer
- cflowd
- silktools
- argus3


Enjoy!

Zamri Besar

Oct 5, 2008, 10:42:46 PM
to HeX-l...@googlegroups.com

Matthew Lee Hinman

Oct 5, 2008, 11:23:22 PM
to HeX-l...@googlegroups.com

Kevin Foo

Oct 6, 2008, 12:33:27 AM
to HeX-l...@googlegroups.com
Thanks guys for the mirrors. I propose that we go for auto sync mirror in the future? Any suggestion on software to be deployed?

--
Regards
Kevin Foo

Zamri Besar

Oct 6, 2008, 2:39:12 AM
to HeX-l...@googlegroups.com
On Mon, Oct 6, 2008 at 12:33 PM, Kevin Foo <chf...@gmail.com> wrote:
> Thanks guys for the mirrors. I propose that we go for auto sync mirror in the future? Any suggestion on software to be deployed?
>
> --
> Regards
> Kevin Foo


I guess anything with rsync should be okay and sufficient, and it is very simple to use.

-zamri-

JJ Cummings

Oct 6, 2008, 9:54:38 AM
to HeX-l...@googlegroups.com
agreed..

J