This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Feature: Security

Review: BackTrack 2 security live CD

By Lorenzo Simionato on April 24, 2007 (8:00:00 AM)

Share    Print    Comments   

BackTrack is a live CD Linux distribution that focuses on penetration testing. A merger of two older security-related distros -- Whax and Auditor Security Collection -- BackTrack bundles more than 300 security tools.

BackTrack is based on the SLAX distribution (a live CD derived from Slackware) and runs a patched 2.6.20 kernel. It offers users both KDE and Fluxbox desktop environments.

To start using BackTrack, download the ISO image and burn it to a CD. Insert the disc and boot your machine. Once booted, the system start at runlevel 3 (text mode), where you must log in as root and choose whether to start KDE or Fluxbox or just use the terminal. BackTrack provides clear, concise instructions for logging in, starting the window manager, and configuring the video card before you see the login prompt. If you've never used BackTrack before, use a graphical environment, since it will help you understand how all the included applications are organized and let you take advantage of some graphical utilities. When the window manager comes up you'll find some ordinary desktop programs, such as Firefox, Gaim, K3b, and XMMS, within a nice environment with beautiful wallpaper and window transparency.

Don't let the attractive appearance fool you -- BackTrack packs a punch. The security tools are arranged inside a Backtrack submenu. This is a big improvement over older releases, because you can easily follow an attack methodology: starting by collecting information and end by hiding your actions.

The tools are arranged in 12 categories, such as vulnerability identification, penetration, privilege escalation, radio network analysis, and reverse engineering. Among the more than 300 security tools you'll find such familiar names as the Metasploit Framework, Kismet, Nmap, Ettercap, and Wireshark (previously known as Ethereal).

BackTrack 2
BackTrack 2 - click to enlarge
One of the core points of this release is the attention to detail. For example, when you choose most of the programs from the Backtrack menu, a console window opens with the output of the program's help. Some tools have been bundled with scripts that in a few steps configure and run the program for you. For example, if you run the Snort intrusion detection application, a script asks for some passwords and then sets up MySQL, Apache, Base, and Snort itself so you can easy browse alert logs via a Web browser.

If you open Firefox or Konqueror you'll find some useful security-oriented bookmarks. In the Documents submenu the developers have included PDF manuals for the ISSAF and OSSTMM security methodologies. There are also some tools that you wouldn't expect inside a live CD; for example, you have a popular debugger for Windows, OllyDbg, which runs fine through Wine, so you can even debug .exe files.

If you like the live CD, you can install BackTrack to a hard drive (decompressed, it requires 2.7GB of space) or USB memory stick (compressed, 700MB) using a graphical wizard.

While BackTrack is an excellent tool, nothing is perfect. Unfortunately it doesn't include Nessus, the popular security scanner, due to license problems. I tried to start PostgreSQL from the Services menu, but it gave an error. And it seems as if the developers forgot to update the Backtrack menu in Fluxbox, because it offers the previous version arrangement. Tools like VMware and Nessus appear on the menu but are broken links because they have been removed from this release.

Despite a few little bugs and problems, BackTrack is the best distribution I've found for handling security-oriented tasks out of the box.

Lorenzo Simionato studies computer science at the University of Venice.

Lorenzo Simionato studies computer science at the University of Venice.

Share    Print    Comments   

Comments

on Review: BackTrack 2 security live CD

Note: Comments are owned by the poster. We are not responsible for their content.

If only we could get DVL here too

Posted by: Anonymous Coward on April 25, 2007 09:34 PM
This will be in my toolbag by end of day. If only we could get the Damn Vulnerable Linux liveCD here also to go with it for training.

#

BackTrack 2 on macbook

Posted by: Anonymous [ip: 71.204.22.199] on July 22, 2007 07:56 PM
Hey I am not sure if anyone will be able to help me on this on.. When I boot in to Back Track on the macbook, and after all is booted and it is time to type "root" then "toor" it types everything two times... for ex if I type root it will display rroooott. It is doubling the characters. Any ideas on why this is doing this? Thanks.
[Modified by: Anonymous on December 11, 2007 06:51 PM]

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 82.250.162.115] on August 01, 2007 08:35 PM
normal.
Go to the backtrack wiki, bugs.

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 143.52.5.10] on August 07, 2007 10:44 AM
sf f sf

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 72.188.198.251] on August 28, 2007 12:09 AM
Recently installed BT-2-final to a 2gig flash drive. Works well but am dissapointed to find that the version which downloaded with the BT2USB4WinBETARELIZ2.rar downloader is Aircrack-ng .7 and not the updated .9 or .9.1 version which includes Aircrack PTW. Now I have to start over and find a copy of BT-2-final which contains Aircrack-ng .9 or .9.1. Would someone please tell me where to download such a creature? Does it exist? Thank you. Franky

#

Re: Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 80.216.159.21] on December 08, 2007 06:17 PM
Just follow wiki instructions for updating -ng suite

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 88.228.60.174] on September 02, 2007 12:18 PM
ofulyd

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 80.122.172.190] on September 02, 2007 06:03 PM
very good

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 172.16.0.25] on September 18, 2007 06:40 AM
hi

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 168.12.178.80] on September 22, 2007 09:41 PM
is there a compressed download of back track some where so i can download it to a jump drive

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 201.16.5.11] on October 07, 2007 06:22 PM
Eu me chamo MIsael Viana, eu li e reli, quase todo site de vocês, mas nao consegui, encontar, algum, lugar, para baixa esses, cds, o cd, eu nao sei se estou enganado, que o cd, nao é para baixar, é para compra, ou algo assim, se poderem me mandar uma mensagem , me explicando, eu fico, grato atenciosamnete MIsael Viana...Muito Obrigado...

#

Re: Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 88.224.29.226] on October 14, 2007 12:16 PM
thanks

#

Re: Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 189.24.40.116] on November 13, 2007 10:51 PM
Você pode baixa-lo é só achar um mirror que tenha a imagem. Veja que este site está todo em ingles. Acho que os caras não falam português.
Att,
Zero-Zen

#

Review: BackTrack 2 security live CD

Posted by: tuvnera on October 14, 2007 12:25 PM
thanks

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 217.23.39.1] on November 10, 2007 07:15 PM
when i write the bt login "root" and the password "toor" it write to me incorrect login.
i want to know why.

#

Re: Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 189.24.40.116] on November 13, 2007 10:48 PM
you have to download the other ISO Image again, because this image is corrupt. Check the MD5. I have this same problem.
Att,
Zero-Zen

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 201.16.245.253] on December 04, 2007 04:01 AM
not!
i am animal..human?? hahaha..no no no!
idiots

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 41.232.143.176] on December 18, 2007 08:29 AM
Yes

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 82.3.201.102] on December 26, 2007 08:55 PM
yes

#

Review: BackTrack 2 security live CD

Posted by: Anonymous [ip: 10.220.1.10] on January 29, 2008 10:15 PM
please can u have me a copy of this live cd and send it to me ? I live in Benin and my connecction cannot allow me to download it .If u can send me a mail at frallex@yahoo;.r an i will give u my P O box ; Thi

#

This story has been archived. Comments can no longer be posted.



 
Tableless layout Validate XHTML 1.0 Strict Validate CSS Powered by Xaraya