Update: REMnux v3 is out!
I’m preparing the next release of the REMnux Linux distribution. REMnux is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software. To date, the distro has been downloaded about 20,000 times in its live CD and virtual appliance forms.
I expect the new REMnux release (version 3) to incorporate the following major changes, while remaining mostly backwards-compatible with prior releases:
- Based on the latest version of Ubuntu (11.10)
- Use a more full-featured X desktop environment (LXDE instead of Enlightenment)
- Use a more common IRC client (EPIC instead of Irssi)
- Incorporate the latest version of Volatility memory analysis software and plugins (2.0 instead of 1.4 RC 1)
- I’m still deciding whether to include the Wine Windows emulator at the “cost” of about 400MB
- Include several additional malware analysis tools that I’ve been experimenting with
If you’d like to assist with the REMnux v3 effort, please get in touch with me. Here’s where I need help:
- Tell me if you’d like to test a beta release of REMnux v3 when it becomes available
- Share with me your recommendations for improving REMnux, if you’re a current user of this distro
- Let me know if you’d like to fine-tune the user interface of the new release, so it’s more user-friendly
- Drop me a note if you’d like to suggest that I include a tool related to malware analysis that isn’t already in REMnux