Several Linux distros are developed with security and user data privacy in mind. This article explores some of those.
If you are looking for security, privacy and anonymity (well, at least as much as practically possible) on the web, Whonix, a Linux based OS built around the Tor network might come handy. You can configure to run it hosted on a VM and use it. There is a comprehensive wiki to help you with the complete setup from scratch. Whonix is designed to be run inside of a virtualization package like VirtualBox. It relies on security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user’s real IP. Whonix consists of two parts: One solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible.
Provides the capability to anonymize attacks while warning the user when he or she takes actions that may compromize anonymity. Combines the anonymity of TAILS, privacy of SRWare Iron, password recovery of hashkill, cryptography of DaKaRand and penetration tools of Kali.
Pro-actively protect your IT infrastructure with BackBox. It is the perfect security solution; providing pen-testing, incident response, computer forensics, and intelligence gathering tools. The most current release of BackBox Linux includes the latest software solutions for vulnerability analysis/assessment and pen-testing. It is one of the lightest/fastest Linux distros available.
- IPCop Firewall
Linux firewall distribution. It is geared towards home and small office or home office users. The IPCop web-interface is very user-friendly and makes usage easy.
professional and hardened Linux firewall distribution that is secure, easy to operate and coming with great functionality so that it is ready for enterprises, authorities, and anybody else.
An advanced penetration testing Linux distribution used for Penetration Testing, Ethical Hacking and network security assessments. Kali is preinstalled with over 600 penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), Aircrack-ng (a software suite for penetration-testing wireless LANs), Burp suite and OWASP ZAP (both web application security scanners). Kali Linux can run natively when installed on a computer’s hard disk, can be booted from a live CD or live USB, or it can run within a virtual machine. It is a supported platform of the Metasploit Project’s Metasploit Framework, a tool for developing and executing security exploits.
A secure, reliable, lightweight and easy to use Gentoo-based LiveUSB/SD/CD Linux distribution with the primary purpose of enabling anyone to communicate safely and covertly in hostile environments. For privacy advocates, dissidents or sleeper agents alike.
Offers i2p and tor. As it comes with lots of pentesting tools, a lamp server and wordpress are included (to learn the tools). If not needed, those services need to be stopped. Environment is xfce4. Fluxbox and icewm are included.
Free Open Source FreeBSD based firewall, router, unified threat management, load balancing, multi WAN, Linux.
- Qubes OS
Designed to provide strong security for desktop computing using Security by Compartmentalization approach. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers.
- Tails (complete anonymity)
Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to use the Internet anonymously and circumvent censorship using Tor, leave no trace on the computer you are using unless you ask it explicitly and use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.
Untangle NG Firewall is a Debian-based network gateway with pluggable modules for network applications like spam blocking, web filtering, anti-virus, anti-spyware, intrusion prevention, VPN, SSL VPN, firewall, and more.