BackTrack

Infobox_OS
name = BackTrack



caption = BackTrack 3.0 (third release)
developer = Mati Aharoni, Max Moser, Remote-Exploit, jayme
family = Linux
source_model = Free and Open Source Software
latest_release_version = 3.0
latest_release_date = release date and age|2008|06|19
latest_test_version = 3 Beta
latest_test_date = release date and age|2007|12|14
kernel_type = Monolithic kernel
ui = KDE, Fluxbox
license = Various
working_state = Current
website = [http://www.remote-exploit.org/backtrack.html www.remote-exploit.org]

BackTrack is a GNU/Linux distribution distributed as a Live CD which resulted from the merger of [http://distrowatch.com/table.php?distribution=whoppix WHAX] and the Auditor Security Collection. [Remote-Exploit Homepage http://www.remote-exploit.org/backtrack.html] It takes advantage of SLAX's modular design and structure to enable the user to include customizable scripts, additional tools and configurable kernels in personalized distributions. The BackTrack project was created by Mati Aharoni and Max Moser and is a collaborative effort involving the community. BackTrack 2 was released on March 6, 2007 and includes over 300 security tools. [Linux.com http://www.linux.com/articles/61417] A beta version of BackTrack 3 was released on December 14, 2007, but it was announced that its main focus was to support more and newer hardware as well as provide more flexibility and modularity.

BackTrack 3 was released on June 19, 2008. New additions include SAINT and Maltego. Nessus was not included in this release, and the developers decided not to upgrade from kernel version 2.6.21.5. [BackTrack Forum http://forums.remote-exploit.org/showthread.php?t=14709]

History

The BackTrack distribution originated from numerous Linux counterparts. WHAX, a name derived from White hat and SLAX, was a distribution designed for security tasks. WHAX emerged from Whoppix, a Knoppix-based security distro. When Whoppix reached version 3.0 it was renamed as WHAX, to reflect the change of parent distribution from Knoppix to SLAX. Customized by Mati Aharoni, an Israeli security consultant, WHAX made its central focus on penetration testing. WHAX made it possible to test and verify the security of a network from many computers located in various places.

Auditor Security Collection

Max Moser's Auditor Security Collection - "The Swiss Army Knife for security assessments" - was focused as well on Linux-based penetration tests. [Insecure.org - Bugtraq http://seclists.org/bugtraq/2004/May/0239.html] The overlap with Auditor and WHAX in purpose and tools collection partly led to the merger. Auditor featured well-laid-out menus for its collection of over 300 tools for troubleshooting, network and systems-fortifying. Its user-friendliness resulted in enhanced usability for penetration testing which led to the formulation of the BackTrack security testing distribution.
The Auditor security collection was a Live CD based on Knoppix.

Current State

After coming into a stable development procedure during the last releases and consolidating feedbacks and addition, BackTrack producers restructured the development focal point from stability to functionality by restructuring the build and maintenance processes. With the current versions of BackTrack, the majority of applications are constructed as individual modules which improve the update performance with releases and fixes.

On 2007-07-15 BackTrack 3 was announced to be in the development process [BackTrack Forum http://forum.remote-exploit.org/showthread.php?t=7563] and released on 2008-06-19.

Features

BackTrack focuses its central idea on the needs of computer penetration testers. The inclusion of Live CD and Live USB functionality enables any user to just insert their respective data medium and boot up BackTrack. Direct hard disk installations (2.7 GB uncompressed) can also be completed within the Live CD (700 MB compressed) environment through the basic graphical installation wizard with no restart subsequent to installation. BackTrack further continues its compatibility with the computer forensics demographic with accessibility and internationalization by including support for Japanese input in reading and writing in Hiragana, Katakana and Kanji.

The key additions to the BackTrack suite are notably -
* Metasploit integration
* RFMON wireless drivers
* Kismet
* AutoScan-Network - AutoScan-Network is a network discovering and managing application
* Nmap
* Ettercap
* Wireshark (formerly known as Ethereal)

BackTrack's functionality further increases with the arrangement of each tool in 16 categories. The tool categories are as follows -

* Enumeration
* Exploit Archives
* Scanners
* Password Attacks
* Fuzzers
* Spoofing
* Sniffers
* Tunneling
* Wireless Tools
* Bluetooth
* Cisco Tools
* Database Tools
* Forensic Tools
* BackTrack Services
* Reversing
* Misc

In relation to basic software packages, BackTrack includes some ordinary desktop programs such as Mozilla Firefox, Gaim, K3b, and XMMS.

Releases

As soon as newer versions of the BackTrack distro are released, older versions lose their support and service from the BackTrack development team.

Criticism

The BackTrack 2 release garnered some criticism. The security suite did not include the popular security scanner Nessus, due to various licensing problems. [Linux.com http://www.linux.com/articles/61417] Newer releases also created problems with PostgreSQL in Fluxbox which created an error, as well as the inclusion of programs such as the aforementioned Nessus and VMware which did not work. According to news releases the new version of BackTrack 3 will include advertising [http://www.remote-exploit.org/services.html as of 16-Apr-2008] . Currently, bookmarks in Firefox seem to be the only advertising visible in version 3 Beta.

Training

The Backtrack security distro has spawned a spin-off training course called Offensive Security, as well as the Offensive Security Certified Professional certification. This training course teaches basic penetration testing using the Backtrack Live CD.

References

See also

* Knoppix STD
* [http://www.wifiway.org/ WifiWay] Dedicated to WIFI. es

External links

* [http://www.remote-exploit.org/index.php/BackTrack Official site]
* [http://backtrack.offensive-security.com/index.php?title=Main_Page Official wiki]
*
* [http://sourceforge.net/projects/bt2usb4win/ BackTrack 2 USB 4 Windows]