Devil-Linux is a Linux distribution

Linux distribution

A Linux distribution is a member of the family of Unix-like operating systems built on top of the Linux kernel. Such distributions are operating systems including a large collection of software applications such as word processors, spreadsheets, media players, and database applications...

 for use as a router/firewall which boots and runs completely from CD-ROM

CD-ROM

A CD-ROM is a pre-pressed compact disc that contains data accessible to, but not writable by, a computer for data storage and music playback. The 1985 “Yellow Book” standard developed by Sony and Philips adapted the format to hold any form of binary data....

. Devil-Linux is capable of running on an older PC

Personal computer

A personal computer is any general-purpose computer whose size, capabilities, and original sales price make it useful for individuals, and which is intended to be operated directly by an end-user with no intervening computer operator...

. This, combined with a hub or switch is a solution some Linux

Linux

Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...

 users may prefer instead of using a dedicated router.

Devil-Linux does not provide a graphical interface, making it a very light-weight distribution. Nevertheless, it includes a wide range of services (E.g.: DNS, Web, FTP, SMTP, ...), tools (MySQL

MySQL

MySQL officially, but also commonly "My Sequel") is a relational database management system that runs as a server providing multi-user access to a number of databases. It is named after developer Michael Widenius' daughter, My...

, Lynx

Lynx (web browser)

Lynx is a text-based web browser for use on cursor-addressable character cell terminals and is very configurable.-Usage:Browsing in Lynx consists of highlighting the chosen link using cursor keys, or having all links on a page numbered and entering the chosen link's number. Current versions support...

, Wget

Wget

GNU Wget is a computer program that retrieves content from web servers, and is part of the GNU Project. Its name is derived from World Wide Web and get...

, ...) and security utilities (OpenVPN

OpenVPN

OpenVPN is a free and open source software application that implements virtual private network techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for...

, Shorewall

Shorewall

Shorewall is an open source firewall tool for Linux that builds upon the Netfilter system built into the Linux kernel, making it easier to manage more complex configuration schemes....

, ...) ensuring a high level of flexibility. Saving the configuration to a (later write protected) floppy disk, the settings can be restored at boot. Without using writable media, Devil-Linux is extremely secure from outside attacks.

Devil-Linux uses a Linux from Scratch

Linux From Scratch

Linux From Scratch is a type of a Linux installation and the name of a book written by Gerard Beekmans among others. The book gives readers instructions on how to build a Linux system from source...

 (LFS) build system that allows the user to create customized versions of this distribution.

It uses the grsecurity

Grsecurity

grsecurity is a set of patches for the Linux kernel with an emphasis on enhancing security. Its typical application is in computer systems that accept remote connections from untrusted locations, such as web servers and systems offering shell access to its users.Released under the GNU General...

 kernel-patch.

Full software list

• AIDE - Advanced Intrusion Detection Environment
  Advanced Intrusion Detection Environment
  The Advanced Intrusion Detection Environment was initially developed as a free replacement for Tripwire licensed under the terms of the GNU General Public License ....
  
  
• Apache HTTP Server
  Apache HTTP Server
  The Apache HTTP Server, commonly referred to as Apache , is web server software notable for playing a key role in the initial growth of the World Wide Web. In 2009 it became the first web server software to surpass the 100 million website milestone...
  
   2
• Apcupsd
  Apcupsd
  Apcupsd is an application that runs on Linux, UNIX, Mac OS X and some Windows machines . It allows the computer to interact with APC Uninterruptible power supplies...
  
   - A daemon for controlling APC UPSes
• Arpwatch - tool that monitors ethernet activity
• AWStats
  AWStats
  AWStats is an open source Web analytics reporting tool, suitable for analyzing data from Internet services such as web, streaming media, mail and FTP servers. AWStats parses and analyzes server log files, producing HTML reports. Data is visually presented within reports by tables and bar graphs...
  
   - Free log file analyzer for advanced statistics
• CIPE - encrypted IP in UDP tunneling
• cron
  Cron
  Cron is a time-based job scheduler in Unix-like computer operating systems. Cron enables users to schedule jobs to run periodically at certain times or dates...
  
   - Scheduled command execution for your server or workstation
• cURL
  CURL
  cURL is a computer software project providing a library and command-line tool for transferring data using various protocols. The cURL project produces two products, libcurl and cURL...
  
   - command line tool to automate unattended file transfers or sequences of operations
• DenyHosts
  DenyHosts
  DenyHosts is a log-based intrusion prevention security tool for SSH servers written in Python. It is intended to prevent brute force attacks on SSH servers by monitoring invalid login attempts in the authentication log and blocking the originating IP addresses...
  
   - a script intended to help thwart SSH server attacks
• ez-ipupdate - a client for automatically updating your IP address on the EZ-IP.net
• HA - High Availability (Heartbeat)
• hostapd
  Hostapd
  hostapd is a user space daemon. There are three: Jouni Malinen's hostapd, OpenBSD's hostapd and Devicescape's hostapd.- Jouni Malinen's hostapd :Jouni Malinen's hostapd is a user space daemon for access point and authentication servers...
  
   - is a user space daemon for access point and authentication servers
• iproute2 - is a collection of utilities for controlling TCP / IP networking and traffic control
• IPsec-Tools -
• Jailkit - a set of utilities to create chroot shells or chroot daemons
• l2tpd - Layer 2 Tunneling Protocol Daemon
• LCD4Linux - a small program that grabs information from the kernel and displays it on external LCD
• logrotate - is designed to ease administration of systems that generate large numbers of log files
• Logwatch - is a customizable log analysis system
• lpd
  Line Printer Daemon protocol
  The Line Printer Daemon protocol/Line Printer Remote protocol is a network protocol for submitting print jobs to a remote printer. The original implementation of LPD was in the Berkeley printing system in the BSD UNIX operating system; the LPRng project also supports that protocol...
  
   - Line Printer Daemon protocol
• SpamAssassin
  SpamAssassin
  SpamAssassin is a computer program released under the Apache License 2.0 used for e-mail spam filtering based on content-matching rules. It is now part of the Apache Foundation....
  
   - A mail filter, written in Perl, to identify spam using a wide range of heuristic tests on mail headers and body text.
• Mgetty + Sendfax - a reliable and proven fax send and receive solution
• MRTG
  Multi Router Traffic Grapher
  The Multi Router Traffic Grapher, or just simply MRTG, is free software for monitoring and measuring the traffic load on network links. It allows the user to see traffic load on a network over time in graphical form....
  
   - Multi Router Traffic Grapher
• Nagios
  Nagios
  Nagios is a popular open source computer system and network monitoring software application. It watches hosts and services, alerting users when things go wrong and again when they get better....
  
   - a popular open source computer system and network monitoring application software.
• nameD - DNS Daemon
• Ntop
  Ntop
  ntop is a network probe that shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user's terminal. In Web mode, it acts as a web server, creating a HTML dump of the network status...
  
   - tool that shows the network usage, similar to what the popular top Unix command does.
• NTP - Network Time Protocol
• OpenLDAP
  OpenLDAP
  OpenLDAP Software is a free, open source implementation of the Lightweight Directory Access Protocol developed by the OpenLDAP Project. It is released under its own BSD-style license called the OpenLDAP Public License. LDAP is a platform-independent protocol. Several common Linux distributions...
  
   - implementation of the Lightweight Directory Access Protocol (LDAP)
• pam.d - Pluggable Authentication Modules
• Postfix
  Postfix (software)
  In computing, Postfix is a free and open-source mail transfer agent that routes and delivers electronic mail. It is intended as a fast, easier-to-administer, and secure alternative to the widely-used Sendmail MTA....
  
   - mail transfer agent (MTA), a computer program for the routing and delivery of email
• PPP - Point-to-Point Protocol commonly used to establish a direct connection between two nodes.
• RADb - a public registry of routing information for networks in the Internet.
• Samba
  Samba (software)
  Samba is a free software re-implementation, originally developed by Andrew Tridgell, of the SMB/CIFS networking protocol. As of version 3, Samba provides file and print services for various Microsoft Windows clients and can integrate with a Windows Server domain, either as a Primary Domain...
  
   - provides file and print services to all manner of SMB/CIFS clients, including Windows
• Sarg - Squid Analysis Report Generator
• SASL2: Simple Authentication and Security Layer
• scponly is an alternative 'shell' for providing access to remote users to both read and write local files without providing any remote execution privileges
• SER - SIP Express Router, a high-performance, configurable, free SIP server
• Shorewall
  Shorewall
  Shorewall is an open source firewall tool for Linux that builds upon the Netfilter system built into the Linux kernel, making it easier to manage more complex configuration schemes....
  
   -a high-level tool for configuring Netfilter.
• Snort
  Snort (software)
  Snort is a free and open source network intrusion prevention system and network intrusion detection system , created by Martin Roesch in 1998...
  
   - intrusion detection/prevention
• SOCKS - an Internet protocol that allows client-server applications to transparently use the services of a network firewall.
• SSH - is a network protocol that allows data to be exchanged over a secure channel between two computers
• SSL - Secure Sockets Layer, a communications protocol
• UPS - Automatic Shutdown
• VMware Tools - package enhances graphics and mouse performance in virtual machines
• WLAN - is a wireless local area network
• Zebra
  GNU Zebra
  Zebra is a routing software package that provides TCP/IP based routing services with routing protocols support such as RIP, OSPF and BGP. Zebra also supports special BGP Route Reflector and Route Server behavior. In addition to traditional IPv4 routing protocols, Zebra also supports IPv6 routing...
  
  - routing software