Что такое linux backtrack

BackTrack Linux: Penetration Testing Made Easy

BackTrack Linux can reveal some very serious shortcomings within a given network. It can also reveal some viable methods to fix them.

Obsessive-compulsive disorder (OCD) may be the best gauge of professionalism within the ranks of system administrators worldwide. With everything neatly positioned on their desks at 90 degree angles, surfaces wiped to irritating Cloroxed perfection and family pictures hung on cubicle walls (with the help of a leveler), the best system administrators typically allow their inherent perfectionism to spill into the administration of their network.

Which users have what permissions? Which systems are on what VLAN, and what IP address scheme will be used for which subnet?

The best system administrators maintain some type of organizational scheme for all of these questions – and more. If you’re one of these organizational freaks of nature, there’s a tool out there you may be missing – a certain Linux distribution where order, intuitiveness and functionality were implemented to make life easier for security professionals. This Linux distribution is called BackTrack, and professionals should get to know it, because it’s highly useful, and it can be exploited by hackers. (For background reading on Linux, see Linux: Bastion of Freedom.)

What Is BackTrack?

On February 5, 2006, BackTrack 1.0 was released and billed as a merger between two competing Linux distributions known as WHAX and Auditor Security Linux. It featured a KDE desktop that ran on top of the 2.6.15.6 Linux kernel, but its primary claim to fame revolved around the highly detailed compilation of out of the box penetration tools. Over the years, BackTrack released approximately one new distribution every year. At the time of this writing, the most current release is Backtrack 5 Release 1, which was released in August 2011. It has become wildly popular within the security industry. BackTrack 5 is based on Ubuntu, and allows for easier updates due to its access to Ubuntu’s software repositories. It also features both a KDE and a GNOME desktop that the end user may select prior to downloading the ISO image.

Some Useful Tools

The latest and the greatest BackTrack has a few more bells and whistles. But what sets BackTrack apart from many of its Linux brethren is the compilation of out of the box security tools, coupled with its Ubuntu Long Term Support (LTS) partnership. Not only can security administrators save incalculable amounts of time by having so many tools at their fingertips, but they also may take comfort in the fact that BackTrack’s access to Ubuntu’s repositories allows for easy updates and easy downloading of additional tools. Some of the more popular security tools currently offered by BackTrack 5 are Metasploit, Network Mapper (Nmap) and John the Ripper.

The Metasploit Framework was developed in 2003 as a means to take advantage of known software bugs when assessing a given network. Currently, Metasploit has made considerable gains in popularity, and it has proceeded to make significant advances in the areas of Wi-Fi and protocol exploitation. Perhaps the most common use of Metasploit involves its ability to assess whether a given node has been updated and patched correctly. For example, Microsoft routinely releases updates and/or security patches after certain vulnerabilities have been discovered by Microsoft or a third party. After said patch is released, Metasploit Framework developers create exploits to take advantage of previously patched Microsoft bugs. Consequently, security auditors that choose to use Metasploit often do nothing more than simply ensure that a given node is updated and patched properly. (Read more about patches in Patch the Future: New Challenges in Software Patching.)

Widely considered the gold standard of port scanners, Nmap is one of several scanners available within BackTrack. Originally developed as a host discovery tool, Nmap has achieved a profound level of popularity in the security community, as it also provides port scanning and operating system (OS) detection services. Nmap comes installed in BackTrack and allows the end user to use the tool on the command line or by using the Zenmap GUI.

Much like Nmap, John the Ripper increasingly has become an industry standard in the security community. This Linux password cracking tool works completely offline and receives commands solely via the command line. Although it primarily operates on Linux machines, John the Ripper is capable of cracking passwords across several different platforms. John is an invaluable tool for system administrators that want to assess the complexity of various passwords used across a network. However, system administrators must ensure that they have access to the password file on each node.

Best Friend, Worst Enemy

BackTrack Linux is a lot like a loaded handgun: It can be used for both good and evil. When used by those that adhere to the ethical side of vulnerability exploitation, BackTrack can reveal some very serious shortcomings within a given network;. It can also reveal some viable methods to fix these shortcomings. When used by those that scoff at the ethical side of BackTrack’s vulnerability exploitation, it can be absolutely lethal when turned against a given network for nefarious purposes. The Metasploit feature alone can result in the utter devastation of an improperly patched network. System administrators that are unfamiliar with Backtrack should be intimately familiarized with the many tools, services and features that make up the current BackTrack Linux operating system.

Источник

BackTrack For Linux

In a nutshell: The highest rated and praised Linux operating system for security professionals and hackers #Pentest distribution #Linux for hackers #Kali Linux #Pentesting #Security #Hacking #Linux

Softpedia Review

changelog

Download Now

BackTrack was an open source Linux distribution that could be used by security professionals for penetration testing and digital forensics tasks in a native computing environment dedicated to hacking. It has been officially discontinued in February 2014.

Distributed as 32-bit/64-bit Live DVDs with GNOME and KDE

Thanks to Softpedia, users can still download BackTrack Linux and install it on their personal computers or laptops. It is distributed as four Live DVD ISO images, supporting the GNOME and KDE desktop environments, as well as both 64-bit and 32-bit architectures.

Boot options

The Live DVDs feature a custom boot menu that allows users to start the live environment in stealth mode (without network connection), forensics mode (without drive or swap mount), text mode, safe mode, as well as to boot the existing OS or test the RAM for errrors.

When booting the Live DVD, users will be dropped to a shell prompt, where they need to execute the startx command in order to enter the live session, which provides users with a traditional desktop environment (KDE or GNOME).

The world’s best penetration testing tools

The distribution has been heavily customized to be used in real-life penetration testing tasks. It includes a vast collection of security oriented applications and provides users with two popular desktop environments. As a matter of fact, it is the only Linux distribution in the world that contains so many security applications. It is geared towards experts and novice security users alike.

The security-oriented applications have been arranged into 12 categories: information gathering, vulnerability assessment, exploitation tools, privilege escalation, maintaining access, reverse engineering, RFID tools, stress testing, forensics, reporting tools, services, and miscellaneous.

Downloaded over 1 million times on Softpedia

Whether you use this system to learn new hacking techniques, exploit servers, hack wireless networks, or perform a web app assessment, BackTrack is the number one solution for all of your security needs. Since March 2013, BackTrack has been rebuilt around the Debian GNU/Linux operating system and it is now released as Kali Linux. On August 30, 2014, BackTrack was the first Linux distribution to reach one million downloads on Softpedia!

Источник

BackTrack: варианты и обзор дистрибутива

В разделе загрузок сайта проекта (www.backtrack-linux.org/downloads) можно выбрать нужную версию дистрибутива. BackTrack — это LiveCD с возможностью установки на жесткий диск в качестве постоянной системы.

Последняя стабильная версия дистрибутива на момент написания — это 5 R1 (сборка пятой версии с единственным значимым обновлением компонентов), которая может явиться своему пользователю в двух вариациях: с графическими средами GNOME и KDE.

Кроме того, имеются 32-битные и 64-битные сборки, а версию с GNOME можно скачать и для архитектуры ARM.

Для тех, кто хочет попробовать BackTrack на виртуальной машине, предусмотрен образ для VMWare.

Отдельно отмечу, что после выхода очередного релиза BackTrack поддержка предыдущей версии прекращается. Об этом стоит помнить тем, кто привык к одновременной поддержке нескольких релизов дистрибутива, вышедших в разное время.

Кроме того, есть сайт www.backtrack-linux.com, предоставляющий возможность собрать образ BackTrack под свои нужды, используя при этом программное обеспечение, отсутствующее в обычной сборке. Там же предоставляется поддержка для компаний (установка, развёртывание и обслуживание BackTrack). Эти услуги являются платными в отличие от обычных сборок дистрибутива.

Загрузочное меню BackTrack Linux

Что же представляет собой BackTrack версии 5? Сразу оговорюсь, что для описания дистрибутива я выбрал с GNOME. Итак, выбрав в меню загрузчика (см. рис. выше) нужный вариант (помимо обычного режима предлагается, например, запустить систему с отключенной поддержкой сети или без проприетарных драйверов), перед нами предстанет загрузочная картинка со стилизованным изображением дракона, которая пусть и красива, но не содержит полезную информацию о текущем прогрессе загрузки.

В отличие от Ubuntu в системе автоматически не загружается рабочий стол — для начала работы вам предлагается текстовая консоль, откуда можно залогиниться и уже затем запустить графическую среду командой startx.

Здесь нас встречает обычный GNOME версии 2.30.2, с фирменным фоном рабочего стола и иконкой для запуска установщика дистрибутива.

Программное обеспечение в составе дистрибутива весьма специфично. Игр в меню мы не увидим, а из офисных приложений есть только программа ведения заметок KeepNote 0.7.1 и стандартный для GNOME словарь. В разделе графики расположился легковесный просмотрщик PDF-файлов Xpdf.

Меня удивилось в столь серьезном дистрибутиве наличие панели для запуска программ Wbar. Не менее удивительно и следующее: если запустить этот launcher, на нем можно увидеть ярлыки для запуска программ, отсутствующих в дистрибутиве (OpenOffice.org, GIMP и других программ).

Вопрос, зачем это нужно, предпочитаю оставить открытым. Но лучше вернусь к имеющимся приложениям: среди них выделю веб-браузер Firefox 5.0.1 (с предустановленным блокировщиком скриптов NoScript), сетевой менеджер Wicd 1.7.0, утилиту для запуска Windows-приложений Wine 1.2.2.

Источник