INSERT - Inside Security Rescue Toolkit

Welcome to INSERT v1.2.14 - the Inside Security Rescue Toolkit!

INSERT is a self-contained linux system with graphical user interface that boots from a credit card-sized CD-ROM.

On INSERT you'll find a lot of useful applications to aid you in various situations:

  • network analysis (e.g. tcpdump, nmap, iptraf)
  • data recovery (e.g. partimage, gpart, testdisk)
  • virus scanning (clam antivirus)
  • full write support for NTFS-partitions using captive
  • computer forensics (e.g. chkrootkit)
  • surf the internet (e.g. and advanced version of the web browser links)

You have access to some important applications via the fluxbox menu, which can be reached with a right mouse click over the background.
Or - from there - simply start a shell and use the command line.

Here are some hints for using INSERT:

  • You work as user insert by default. To work as root you can prefix commands with sudo or change identity with su -.
  • You can mount hard drive partitions, e.g. the first partition on the first disk recognized: mount /dev/hda1.
    The available partitions are also recognized by the mount applet (second from bottom in the below-right corner of the screen). Double-clicking on the corresponding drive symbol opens a file manager (midnight commander) in the mounted directory).
  • Full read-write support on NTFS-partitions - using the virtual driver captive - is one of the most important features since version 1.2 - making INSERT the first linux mini-distribution to provide this functionality!
  • Start avscan - the graphical frontend to the virus scanner clamav from the menu. You can browse its online help documentation, but mostly it should be self explanatory. INSERT is one of the few linux distributions that come with a comfortable user interface to the virus scanner.
  • Optionally the scanner clamav can be called directly from the commandline with clamscan - just execute the command in the directory you want to scan. Before that you need to download virus signature files: either use the fluxbox menu or call the command sudo freshclam and you'll get the most recent signature update. Test the correct function of the scanner with the anti virus test file eicar.txt which can be found in the home directory of the user insert.
  • Use the browser links to surf the internet (you need an established internet connection). The configuration and the menus of links can be accessed with a mouse click in the header area.
  • Your internet connection is fast? Then you have the option of downloading Mozilla Firebird. It will be unpacked to and run from memory.
  • Use the intuitive file manager emelfm. All common tasks can easily be done with it.
  • If you need to eject the CD, e.g. in case you want to burn a CD or DVD, then please start INSERT again using the boot option insert toram. The complete system will then be loaded into RAM, run from there, and the drive won't be blocked.
  • If the network settings have not been automatically set by DHCP, configure the basics with netcardconfig from the menu or manually with e.g.:
    ifconfig eth0 netmask
    route add default gw
    Don't forget the nameserver entry in /etc/resolv.conf :
    e.g. nameserver
    Obviously the data have to fit your network setup.
  • Configure your internet connection easy and fast with the tools you'll find in the menue:
    pppconfig, pppoeconf (for DSL) or isdnconfig (for ISDN).
  • With your INSERT-CD you can even boot systems, that don't have a CD-drive, as long as they provide a boot facility via PXE or Etherboot/Netboot.
    Simply start insert-remote from the command line or from the menu and answer the given questions. After that you can run a system on INSERT, that can boot over the net and lives in the same subnet as the first machine you booted with the INSERT-CD.
  • Please take a look at the list of applications shipped with INSERT.
  • A suggestion: Take a closer look at the applets in the below-right corner. By clicking in the usual, various ways, special actions are to some extent being initiated.
    Can you find the root shell?
  • Information material about Inside Security GmbH is provided in the root directory of the CD-ROM (PDF-format) for you.
    Unfortunately there was not enough space on the CD to integrate a PDF-reader. Just use any other operating system to access the CD and the information material.

Please send bug reports and suggestions for additions. We will be happy to improve the next version according to your needs.

You can subscribe to the notification about new releases on the project page of INSERT on

Have fun and success with INSERT.
Inside Security IT Consulting GmbH