Slugs are versatile little machines. I installed SlugOS on my NSLU2, followed by the tools I used in my sampling video.
Unfortunately, it’s too small for my sticker 😉
When I access it with SSH, I see no difference with a shell account on a regular machine.
My Python programs work unmodified, and I can compile my C programs like SpiderMonkey.
As a virus lab, it has a couple of advantages:
- no malware is targeting this platform (yet), so you can use it to sample and analyze malware without risking infecting the lab
- the OS is stored on a USB storage device, providing easy swap and imaging (e.g. rollback) capabilities
- you can connect infected hard disks to it (via a USB adapter) and inspect them without risk
- it’s a full Linux distro (no GUI, of course): you can find many pre-built (security) tools or compile your own
For a how-to:
Installing SlugOS as per these instructions.
Installing a C compiler (not essential for a virus lab):
- echo 'src/gz optwarenslu2 http://ipkg.nslu2-linux.org/feeds/optware/nslu2/cross/stable' > /etc/ipkg/optwarenslu2.conf
- ipkg update
- ipkg install crosstool-native
Installing the Optware feed as per these instructions.
Installing the Optware toolchain:
- /opt/bin/ipkg-opt install optware-devel
Linking /usr/bin/python to the python2.5 executable
Now if I could just get my hands on a small biohazard sticker…