The security of computer networks and applications has gained tremendous importance over the last decade. Vulnerability assessment and penetration testing have now become routine tasks to evaluate the security of corporate networks, servers, Web applications, databases and other computer applications. Today, there are companies and professionals that specialise in the field of computer security analysis.
There are plenty of tools available to assist such professionals in various phases of security evaluation; most of these are Linux-based and are freely available. Such a wide variety of tools has led to the development of various security-oriented Linux distributions. These usually have a light-weight operating system based on the Linux kernel, a light-weight window manager for the GUI, and a collection of security tools of interest. They are mostly available in “portable” form (as a live CD, DVD or USB), making it easy to use them without permanent installation on a computer.
In addition to security assessment, many security-oriented Linux distributions also aid in system recovery and digital forensic investigations. The most notable and comprehensive among these is BackTrack, which resulted from the merger of two earlier Linux distributions, WHAX and Auditor Security Collection.
Since its first public release (version 2 in late 2006), BackTrack has gained popularity rapidly, and attracted contributions from security professionals and open source developers. This makes it a premier and well-known toolkit, with the richest collection of open source security tools in present times.
The latest version, BackTrack 4, was released recently in January 2010.
In contrast to previous releases, which were based on Slackware, BackTrack 4 is based on Ubuntu (which, in turn, is based on Debian) and is a more complete, full-blown Linux distribution, instead of being just a live DVD. Powered by kernel version 18.104.22.168, it contains many bug fixes and improvements over previous releases.
With BT4, standard applications and libraries are kept up to date by the Ubuntu repositories, while security tools are kept up to date by BackTrack repositories maintained by Offensive Security. After booting BT4, you can install new packages, upgrades or updates using the
apt-get utility. This over-the-network-upgrade functionality was missing in previous BackTrack releases.
Besides these, BT4 comes with other new and notable features:
- Full functional support for Pico E-12 and E-16 cards, which can be used to accelerate WPA PSK and Bluetooth cracking with tools such as coWPAtty.
- Support for building and executing CUDA-powered applications, which exploit the computing power of graphics processing hardware (GPUs) from NVIDIA. Two important CUDA-based tools available in BT4 are CUDA-Multiforcer and Pyrit. CUDA-Multiforcer can be used to accelerate password cracking, whereas Pyrit helps in breaking WPA/WPA2 PSK Wi-Fi networks faster.
- BT4 supports PXE cards, and hence can be booted over the network.
- Inclusion of the popular vulnerability assessment tool, SAINTexploit.
- Inclusion of the latest version of the popular information-mining/gathering tool, MALTEGO 2.0.2.
- Latest 802.11 wireless injection patches are applied for comprehensive support of wireless injection.
- Availability of tools for RFID auditing.
- Enhanced functionality of the popular information-gathering and security-auditing tool, Unicornscan.
BackTrack is most popular as a live DVD (the ISO image is over 1.5 GB) or a live USB; there is no need, as such, to permanently install it on a particular host. To create a live USB, use UNetbootin on either Windows or Linux, give it the path to the BackTrack ISO image, and select the target USB drive… Simple.
However, since BT4 is based on Ubuntu, and has many general applications as well, a permanent installation to hard disk could be useful for the frequent use of its security tools as well as the general applications. To install, boot BT4 from the live DVD/USB, and then run
startx at the command line to bring up the GUI.
install.sh script on the desktop to begin installing BT. After selecting the time zone and keyboard settings, the partition configuration screen offers you options for: automatic partition configuration, taking into account already-occupied space on the disk; installing BT on your entire disk; and manually configuring partitions.
After partitioning is done, accept the installation summary, and click Install. In a few minutes, installation is done; GRUB will be configured automatically, if you have two or more operating systems installed on the hard disk (including BT).
BackTrack can also run in a virtual machine (for example, VMware Player running on a Windows host). You can either install into a new VM, with the BT ISO as the source, or download a prebuilt VMware image from the website.
The default BT username and password is root/toor. After BT is booted, the network interfaces are disabled by default, for security reasons. You have to bring them up explicitly, using the
ifconfig command. If you want to acquire an IP address for an interface from a DHCP server on the network, use the
As mentioned earlier, BT4 boots to a command line, and you need to run
startx explicitly to bring up the GUI. BackTrack has a simple KDE-based desktop by default, running a lightweight KDE3 window manager. The desktop provides easy navigation to security tools and other useful applications. Since most of the security tools are command-line utilities, clicking on such a menu item opens a new shell and displays the help message associated with the command.
An interesting element called the Run box is embedded in the lower panel, which allows you to run applications without starting a terminal application.
BT4 contains a variety of open source security tools for various purposes. These are available in the following
- Information gathering
- Network mapping
- Vulnerability identification
- Privilege escalation
- Maintaining access
- Radio network analysis
- VoIP analysis
- Digital forensics
- Reverse engineering
Apart from the security tools, the BT4 distribution also includes Internet applications like Firefox, and various chat clients like Skype. Also, various services such as HTTP, FTP, VNC, Remote Desktop and TFTP are available; these
can be easily started and stopped using the navigation menu on the desktop.
BT4, with the richest collection of security tools and other useful applications, has become today’s most popular self-sustained Linux distribution. It’s available for free, and is very easy to use. The distribution can be used for comprehensive security assessment of wired and wireless networks, Web applications, network servers and computer programs.
The toolkit can also be useful in learning network behaviour, troubleshooting network problems, digital forensic investigations and development testing. One can also customise the BackTrack distribution with other tools, and use it for many purposes, such as demos, marketing and training. The popularity of BT4 can be gauged from the fact that the distribution has already witnessed over a million downloads since its release.
The author works with a leading wireless security company in India, and is a masters in electrical engineering from IIT Bombay.