Hi, so maybe a stupid question but you have ubuntu and ubuntu server, do you think there will ever be a parrot os server edition?
Thanks for Using Parrot OS, but we are now with a small dev team and currently not planned for any server edition. But hopefully we can do that in future.
Our distro is a Debian-based, it is not ubuntu based. About “server” version idea, i am having the same idea as you. For example: we can install Parrot in a virtual server, make it be a vuln assessment server or pentesting service inside internal corp network. But now we are lacking of human resource and other editions are just ideas and plans
p/s: we are thinking about training edition which has pre-installed examples and materials as well. We think it will be helpful for cyber security students.
@dmknght I think the training edition is a fantastic idea, I hope it makes it through the pipeline.
Nice ideas boys…
Maybe it could be good to integrate this I found, https://archerysec.com/index.html
And https://github.com/Cyb3rWard0g/HELK , https://cyberwardog.blogspot.com/2018/04/welcome-to-helk-enabling-advanced_9.html
Not intended to be spam.
HELK works like a IDS system, but our idea is a offensive platform. I had a short convenstation this morning (my location time) with @s1udge and we both agree add tools that aiming to corp pentesting (lync, exchange, mail, … services) is a good idea for both security edition and cloud / server edition. IT would be great if somehow we can support things like threat hunting, … but that is too much, too much for a small group. By now, they are all ideas
@SandC My idea is based on Damn Vuln Linux. I thought: “DAmn Vuln Linux was abadoned” and “We need a distro that can be used as daily system, work system, why not a training system?”. We are having materials but we needs more materials to make it good, and ofc maintainers to make everything better. Just put everything inside a folder without maintaining and thinking about user is super bad.
has there been any consideration to maybe doing something bare-metal like Qubes for better/cleaner isolation between environments still inline with maybe using Xen for virtualization and or proxy bouncing?
I guess where this all came from is I have a spare Dell server after upgrading the office and when looking for a distro to experiment with I asked myself the question that started this thread, I realize that it may not be possible in the near future but it would be great if it ever came up, and if I can help at all in this project let me know.
We are having anonsurf as a proxy and firejail as sandbox. We are doing system hardening to increase our security level.
@SandC: Thanks for your supporting. Maybe you want a private chat with @s1ludge. He is our “manager” hehe
I think providing a Parrot OS Template for Qubes OS makes more sense. I run Parrot Desktop on every machine not strong enough to run Qubes, but I’d like to have some parrot-based App VMs in Q as well
For an “out-of-the-box”, debian-based personal server, investigate freedombox.org.
Freedombox is installable through Synaptic Package Manager, and (in Parrot 4.6) you access its interface through your browser at http://127.0.0.1. You’ll get a browser security advisory that you will have to initiate an exception for, but their installation video at Feedombox.org covers this.
On first boot, FreedomBox will perform its initial setup (older versions of FreedomBox reboot after this step). This process may take several minutes on some machines. After giving it about 10 minutes, proceed to the next step. Note: Currently, due a known bug, you need to restart your FreedomBox after 10m and then proceed to the next step.
After the FreedomBox has finished its initial setup, you can access its web interface (called Plinth) through your web browser.
If your computer is connected directly to the FreedomBox through a second (LAN) ethernet port, you can browse to: http://freedombox/ or http://10.42.0.1/. If your computer supports mDNS (GNU/Linux, Mac OSX or Windows with mDNS software installed), you can browse to: http://freedombox.local/ (or http://the-hostname-you-entered-during-install.local/) If you know your way around the router's web interface, you can look up the IP address of the FreedomBox there, and browse to that address. If none of these methods are available, then you will need to figure out the IP address of your FreedomBox. You can use the "nmap" program from your computer to find its IP address:
Getting Started (terminal version)
If you are installing on an existing Debian installation, you don’t need to download any images and install them on a SD card. Instead read the instructions on setting up FreedomBox on Debian. FreedomBox is a pure blend of Debian. This means that all the work on FreedomBox is available in Debian as packages. It also means that any machine running Debian can be turned into a FreedomBox.
This page describes the process of installing FreedomBox on a Debian system. Currently, FreedomBox works in Debian Stable (Stretch), Testing (Buster), and Unstable (Sid).
Freedombox installs like a dream from Synaptic (be sure to capture the “wizard secret code” in Synaptic’s installation details box, or you can’t access Freedombox’s interface). However, on a Live, Encrypted Persistence installation of Parrot 4.6, it 1) would not network properly, and therefore none of the included apps would work, and 2) it literally douched out my Parrot user account, and substituted its own Frankenstein account, which was a totally disheveled mess when I logged into it from having logged out of my Parrot user account. I had to rebuild my Live Encrypted Persistence partitions twice in order to be sure it wasn’t something I had done to destroy my Parrot user account.
If you’re a networking guru, and you decide to try to install Freedombox in Parrot either through Synaptic or through terminal commands, be damn sure you back up everything on your Parrot partition first.
Another problem may have been that my PC didn’t qualify as a Single-Board Computer (SBC), although I would have anticipated an installation failure if that were the case. And I didn’t do all the preliminary “hardware prep” etc., because the Debian installation page did not mention doing so.
My plan now is to just buy the whole ready-made server from Olimex.com -->> See Freedombox Hardware Compatibility because I don’t have time to geek with it. However, there are instructions for building your own SBC-based out-board server from parts of your own choosing. Just be sure to check their compatibility at the webpage above.