Get Professional Security Testing with BackTrack

  
  
  

BackTrack Linux has established itself as the de facto suite of choice for security professionals and administrators who want to find any possible holes in their servers, systems, and networks. This bootable Linux distro includes a complete set of tools that can help you not only assess the security of your system but also aid in uncovering possible break-ins, making it an essential part of any administrator's toolkit.



While you should heed all security advisories for the distribution and applications you use, just keeping the systems up-to-date and tucked behind a tight firewall is not enough to safeguard your machines, network, and data. Unless a break-in is perpetrated by a novice, even a skilled administrator has little chance of detecting it before the cracker does damage. BackTrack can help you find weak spots in your defenses so that you can seal them off.



Penetration testing involves deliberately attacking your system to determine vulnerabilities. Using a variety of tools designed for specific tasks, you attempt to break into your own system. Exhaustive pen testing helps you assess potential breach points, which you should then plug before anyone attempts to exploit them.



The hundreds of tools on offer with BackTrack are ones that the security professionals who created the suite deem best for each specific job, be it for sniffing passwords in the Wi-Fi stream, harvesting email addresses, or cracking passwords.



BackTrack is a live DVD distribution, which means you don't need to install it to use all the tools on offer, though an install script is included should you wish to install it to disk. It comes in both KDE and GNOME versions, a luxury not offered in past releases, which all used KDE exclusively. The distribution made a successful switch to Ubuntu as its base distribution with BackTrack 4, and the current BackTrack 5 release is based on Ubuntu 10.04 LTS. But don't expect the Ubuntu you might be used to – because it's designed to be used for security purposes, the distribution lacks many common applications, though if any software you want is missing from the DVD, chances are you'll find it in the software repositories.



All the BackTrack tools, most of which run at the command line, can be accessed from the K-Menu -> BackTrack entry on the desktop, if you're running the KDE version, or the Application -> BackTrack menu on GNOME. Within some categories, you'll find a deep nested tree structure. The category names should help you identify the purpose of the tools within.



If you're a CLI junkie, all the scripts and tools in BackTrack reside under the /pentest directory, and you can launch the scripts directly from the terminal. However, you won't find the same tree structure within /pentest as you would in the graphical menu on the desktop. You might have to wander through the directories trying to locate the script or tool you wish to run. It's easier to launch the tool using the BackTrack menu.





On the menu you'll find a category for information gathering and one for privilege escalation, among others. Information gathering contains tools that can be used to gather information without touching the target machine. These tools rely on public resources such as email addresses, mail servers, and websites to gather information. The privilege escalation category contains tools that come into play once you've exploited a vulnerability in the target machine to gain access, and now need to gain a higher privilege (root access, for instance).



Since it's designed to be used by security professionals or administrators, everything in BackTrack is geared toward security. For instance, BackTrack comes with the Firefox web browser, enhanced with many plugins to keep you protected from potentially harmful sites. When browsing, should any website fail to load, look at the status bar – the NoScript plugin might have blocked the site. If you trust the site, click Option on the bottom right of the status bar to allow it and view the web page.



Cracking Wi-Fi Encryption



Once you've had a chance to survey the tools on offer, it's time to consider some practical scenarios where BackTrack might come in handy.



A simple search on the Internet reveals best practices for securing your wireless hotspots. But measures such as WEP and WPA encryption aren't enough to keep determined troublemakers at bay. They employ software tools to crack Wi-Fi encryption. So does BackTrack, which includes all the tools you need to identify Wi-Fi hotspots, capture data transferred over the stream, and crack WEP.



To actually perform the cracking, you need to use the Aircrack-ng suite of tools bundled with BackTrack. The project's website offers detailed documentation on each of the different tools in the suite, as well as how to use them to crack encryption. In fact, the tool is so popular, you'll find detailed instructions on how to use it on many technology blogs, and even videos on YouTube.



Information Gathering



Access to various online public resources is all you need to collect different kinds of information about a potential target. You can use websites such as

The screenshot above is heavily redacted, because I don't want to get into trouble. But as you can see, in addition to downloading 40 PDF files, I've also learned two usernames whose passwords I can brute-force crack. Look under Menu -> BackTrack -> Privilege Escalation -> Password Attacks to choose from any number of brute-force tools, including John the Ripper.



More Resources



Wi-Fi hacking and information gathering are just two fun and easy things you can do with BackTrack. Security professionals can use its many tools to do much more. For more details, see the distribution's forum boards and wiki.



As penetration testing is a specialized skill, Offensive Security, the people behind BackTrack, also conduct courses to help penetration testers and system administrators understand the power of the included tools. After taking the flagship course, Pentesting with BackTrack, or if you're confident about your pen testing skills already, you can apply for an Offensive Security Certification.




This work is licensed under a Creative Commons Attribution 3.0 Unported License
Creative Commons License.


