BackTrack
From Wikipedia, the free encyclopedia
- For the Game Boy Advance game, see Back Track
 |
This article or section seems to contain embedded lists that may require cleanup. To meet Wikipedia's style guidelines, please help improve this article by: removing items which are not notable, encyclopedic, or helpful from the list(s); incorporating appropriate items into the main body of the article; and discussing this issue on the talk page. |
| BackTrack | |
 |
|
 BackTrack 3.0 (third release) |
|
| Website | www.remote-exploit.org |
|---|---|
| Company/ developer |
Mati Aharoni, Max Moser, Remote-Exploit |
| OS family | Linux |
| Source model | Free and Open Source Software |
| Latest stable release | 2.0 / March 6, 2007 |
| Latest unstable release | 3 Beta / December 14, 2007 |
| Kernel type | Monolithic kernel |
| Default user interface | KDE, Fluxbox |
| License | Various |
| Working state | Current |
BackTrack is a Linux distribution distributed as a live CD which resulted from the merger of WHAX and the Auditor Security Collection.[1] It takes advantage of SLAX's modular design and structure to enable the user to include customizable scripts, additional tools and configurable kernels in personalized distributions. The BackTrack project was created by Mati Aharoni and Max Moser and is a collaborative effort involving the community.
The most recent version, BackTrack 2, was released on March 6, 2007 and includes over 300 security tools.[2] A beta version of BackTrack 3 was released on December 14, 2007, but it was announced that its main focus was to support more and newer hardware as well as provide more flexibility and modularity.
Contents |
[edit] History
The BackTrack distribution originated from numerous Linux counterparts. WHAX, a name derived from White hat and SLAX, was a distribution designed for security tasks. WHAX emerged from Whoppix, a Knoppix-based security distro. When Whoppix reached version 3.0 it was renamed as WHAX, to reflect the change of parent distribution from Knoppix to SLAX. Customized by Mati Aharoni, an Israeli security consultant, WHAX made its central focus on penetration testing. WHAX made it possible to test and verify the security of a network from many computers located in various places.
[edit] Auditor Security Collection
Max Moser's Auditor Security Collection - "The Swiss Army Knife for security assessments" - was focused as well on Linux-based penetration tests.[3] The overlap with Auditor and WHAX in purpose and tools collection partly led to the merger. Auditor featured well-laid-out menus for its collection of over 300 tools for troubleshooting, network and systems-fortifying. Its user-friendliness resulted in enhanced usability for penetration testing which led to the formulation of the BackTrack security testing distribution.
The Auditor security collection was a Live CD based on Knoppix.
[edit] Current State
After coming into a stable development procedure during the last releases and consolidating feedbacks and addition, BackTrack producers restructured the development focal point from stability to functionality by restructuring the build and maintenance processes. With the current versions of BackTrack, the majority of applications are constructed as individual modules which improve the update performance with releases and fixes.
On 2007-07-15 BackTrack 3 was announced to be in the development process.[4]
[edit] Features
BackTrack focuses its central idea on the needs of computer penetration testers. The inclusion of Live CD and Live USB functionality enables any user to just insert their respective data medium and boot up BackTrack. Direct hard disk installations (2.7 GB uncompressed) can also be completed within the Live CD (700 MB compressed) environment through the basic graphical installation wizard with no restart subsequent to installation. BackTrack further continues its compatibility with the computer forensics demographic with accessibility and internationalization by including support for Japanese input in reading and writing in Hiragana, Katakana and Kanji.
The key additions to the BackTrack suite are notably -
- Metasploit integration
- RFMON wireless drivers
- Kismet
- AutoScan-Network - AutoScan-Network is a network discovering and managing application
- Nmap
- Ettercap
- Wireshark (formerly known as Ethereal)
BackTrack's functionality further increases with the arrangement of each tool in 16 categories. The tool categories are as follows -
- Enumeration
- Exploit Archives
- Scanners
- Password Attacks
- Fuzzers
- Spoofing
- Sniffers
- Tunneling
- Wireless Tools
- Bluetooth
- Cisco Tools
- Database Tools
- Forensic Tools
- BackTrack Services
- Reversing
- Misc
In relation to basic software packages, BackTrack includes some ordinary desktop programs such as Mozilla Firefox, Gaim, K3b, and XMMS.
[edit] Releases
The BackTrack project released its first non-beta version (1.0) on 2006-05-26. The next project module released two public beta versions of the newer BackTrack 2 on the 13th of October and 19th of November 2006.
The current stable version (2.0) was released on 2007-03-06.
BackTrack 3 is currently in the development process and the first beta release was released on 2007-12-17.[5]
Backtrack 3 Pre-final comes in June 2008.
As soon as newer versions of the BackTrack distro are released, older versions lose their support and service from the BackTrack development team.
[edit] Criticism
The BackTrack 2 release garnered some criticism. The security suite did not include the popular security scanner Nessus, due to various licensing problems.[6] Newer releases also created problems with PostgreSQL in Fluxbox which created an error, as well as the inclusion of programs such as the aforementioned Nessus and VMware which did not work. According to news releases the new version of BackTrack 3 will include advertising[7]. Currently, bookmarks in Firefox seem to be the only advertising visible in version 3 Beta.
[edit] Training
The Backtrack security distro has spawned a spin-off training course called Offensive Security, as well as the Offensive Security Certified Professional certification. This training course teaches basic penetration testing using the Backtrack Live CD.
[edit] References
- ^ Remote-Exploit Homepage http://www.remote-exploit.org/backtrack.html
- ^ Linux.com http://www.linux.com/articles/61417
- ^ Insecure.org - Bugtraq http://seclists.org/bugtraq/2004/May/0239.html
- ^ Forum thread http://forum.remote-exploit.org/showthread.php?t=7563
- ^ Forum Thread http://forums.remote-exploit.org/showthread.php?t=9954
- ^ Linux.com http://www.linux.com/articles/61417
- ^ http://www.remote-exploit.org/services.html as of 16-Apr-2008
[edit] See also
[edit] External links
|
|||||
