Security Live CD's - which can I trust?

Many of you are undoubtedly familiar with some of the Linux live CD's
that concentrate on the jobs of security auditing, network analysis,
intrusion detection and forensics. I'm interested in the following in
particular:

Auditor Security Collection
Pentoo
Knoppix-STD
GRML
PHLAK
INSERT
Whoppix
NavynOS
NST

Which of these do you recommend and which can I trust (or cannot) as
being free from trojans, spyware and other malware that might possibly
be used by the distro makers to spy on and crack systems rather than
help with analysis?

Thanks for your advice.

Robert

What makes you think you can trust what some stranger posts on this
newsgroup?

Robert Glueck <rglk@web.de> wrote in news:F9ednWS7WpQ2KOrfRVn-pA@rcn.net:

> Many of you are undoubtedly familiar with some of the Linux live CD's
> that concentrate on the jobs of security auditing, network analysis,
> intrusion detection and forensics. I'm interested in the following in
> particular:
>
> Auditor Security Collection
> Pentoo
> Knoppix-STD
> GRML
> PHLAK
> INSERT
> Whoppix
> NavynOS
> NST
>
> Which of these do you recommend and which can I trust (or cannot) as
> being free from trojans, spyware and other malware that might possibly
> be used by the distro makers to spy on and crack systems rather than
> help with analysis?
>
> Thanks for your advice.
>
> Robert

Why would the distro maintainers want to infect you with "spyware,
trojans, or other malware"? Also, these distro's are aimed towards
security folks - much higher chance of foul play being detected and the
backlash would catapult the foul distro into obscurity.

Just make sure you check the md5sums.
http://www.linuxiso.org/viewdoc.php/verifyiso.html

--
~
I am Against TCPA/TCG: http://www.againsttcpa.com/
What is it? --> http://www.againsttcpa.com/what-is-tcpa.html