Review: Linux Security Distributions

Matriux Linux

Based on: Debian
Current version: 2.49 Beta
Homepage: www.matriux.com

The Ec-centric release of Matriux boasts over 300 tools you can use for penetration testing, security auditing, system and network management, vulnerability analysis, forensic investigation, and 'ethical' hacking.

Much like Kali Linux, Matriux is built upon Debian and sports a Gnome-classic desktop with a cliché dark theme replete with its own icon sets. Tools are broken down under an appropriately named 'Arsenal' sub-menu and include popular stalwarts like Etherape, Wireshark, Zenmap, WiFi Radar and Aircrack-ng along with some lesser-known entries such as Bluetooth and VoIP tools, website exploits, smartphone penetration tests, a selection of debuggers and even a steganography program to hide and share data.

It also makes the interesting choice in the bundling of Mantra, a security-focused fork of Firefox that includes dozens of security-minded plugins covering everything from geolocation and code inspection through to proxies and penetration testing. It's actually quite impressive, and you should certainly go through your public-facing website pages utilising its range of analysis and exploit plugins to see just how your site stacks up.

The distribution itself is also security-hardened and includes its own custom kernel, while updates can be had through Debian's package management system.

Matriux is certainly one of the more comprehensive distributions out there, with its breadth of tools reflected in the download of the live-CD -- in fact, calling it such is a bit of a misnomer when it weighs in as a 3G ISO image!

Another one for which the password is not immediately evident: to log in to the live-CD as the Matriux user, enter the password 'toor', and have fun exploring.

Remnux

Based on: Ubuntu
Current version: 4.0
Homepage: zeltser.com/remnux

Remnux is included here as security-focused but with a slightly different mandate: its goal is to assist in the reverse-engineering of malware. It does, however, still include security-focused tools such as Wireshark, while its version of Firefox is automatically configured for website analysis.

Unlike the other distributions here, it comes with an excellent cheat-sheet for new and experienced Linux users alike in making use of all the tools included, explaining how to start analysing network malware, examining malicious websites, and scanning suspicious executable and document files. In fact it has everything you need to analyse Microsoft Word doc and PDF infections, perhaps helping you track down the source of an exploit that's entered your network.

Wine is also bundled to allow for running Windows programs and, naturally, assist in determining the nature of any Windows-borne intrusions.

Remnux's focus means it bundles fewer security-focused tools than some of the other products covered here, but it's also a smaller download and comes pre-configured as a virtual appliance in both the OVF/OVA and VMware formats, in addition to providing a live-CD ISO. Using Remnux combined with one of the other distributions we've looked at here, all your bases will be covered.

Distribution primer

If you're unfamiliar with the wide and diverse ecosystem of Linux distributions, here's a quick primer on the core ones that the security distributions we covered here are based on. Put another way, all of these security-focused versions of Linux are derivatives in one form or another of the following well-known Linux distributions.

Building task-specific distributions this way is one of the key advantages of Linux and open source: taking an existing distribution and changing it to suit a particular need. Doing so not only provides a stable platform on which to build, but often provides access to the wealth of software packages for that base distribution as well. For example, Kali Linux is based on Debian, so any packages from the Debian repositories can be installed in addition to those provided by Kali Linux.

Debian

Debian is one of the earliest and oldest Linux distributions. Its focus has always been consistency and stability, and as a result many other distributions are based on it, including a good chunk of the more popular server-based appliances. However, this same focus often sees it as slow to adopt new versions of packages (in order to ensure stability through thorough testing), and so other distributions often build on it with more up-to-date programs. This is ostensibly how Ubuntu began, which is also based on Debian and is now the world's most popular desktop distribution.

Fedora

Fedora is an official fork of the Red Hat distribution, also one of the oldest Linux distributions. While initially community-driven, Red Hat has since evolved into one of the world's most well-known enterprise Linux platforms, and remains so today. Fedora is somewhat of a return to the community-driven model: it is both a playground for new software and officially endorsed and supported by Red Hat. While Red Hat is enterprise-focused, many desktop-focused distributions use Fedora as a base.

Gentoo

Gentoo popularised the source-based distribution many years ago, a system by which software is packaged not as binaries but as source code that is compiled on the spot when a package is installed. On the one hand this makes installing software slower, but on the other it gives full control over how a program is configured, while also allowing optimisations like platform-specific code to be used by the compiler, which frequently provides a performance boost (as opposed to generic binaries designed to run on the widest range of hardware).

OpenSUSE

SUSE Linux is the most popular Linux distribution in Europe, and with good reason. Its excellent package management tools and pioneering projects like SUSE Studio have seen it not only dominate the other side of the globe but also spawn a great many distributions that use it as a base. As with Red Hat and its community-driven Fedora fork, OpenSUSE is the community-managed version of SUSE Linux, the primary competitor to Red Hat in the enterprise for Linux and open-source software.

Slackware

Slackware is often spoken about in hushed tones of reverence, for it was essentially the first mainstream Linux distribution, bundling a wide range of programs beyond just the kernel and basic utilities, and was first released almost 20 years ago. And while it's a niche distribution today, it's unique in that the project is still led and maintained by its original author.

Ubuntu

If you haven't heard of Ubuntu then you're probably in the wrong industry. Built by Canonical, a company founded by South African billionaire Mark Shuttleworth, Ubuntu first popularised Linux for the average user with its desktop-focused ease-of-use distribution. However, it has since expanded into the enterprise space, built its own cloud-storage and iTunes-competing music store, and is soon to release a phone operating system to go up against Android and iOS. Literally, Ubuntu means 'humanity to others'.
