Linux is a versatile operating environment that caters to the differing needs of many kinds of users. One specific use of Linux is in computer security and penetration testing. Among the digital forensic tools available for Linux, BackTrack is well known as an all-in-one platform that offers security professionals the tools they may need to carry out various security-related tasks.
For those who are new to the information security field, BackTrack is a Linux distribution that is customized from the bottom up for just one purpose: penetration testing. Every package, kernel configuration and script is customized to aid in this process. The distribution offers not just an operating system built on top of the Linux kernel, but also an assortment of security-related software tools that come pre-installed and ready to use.
The current major version of BackTrack (version 5, codenamed Revolution) was released on May 10th 2011 and is based on Ubuntu 10.04 LTS and Linux kernel version 2.6.38. It is similar to Protech and Helix, two other security-related Linux distributions also based on Ubuntu Linux. Being based on Ubuntu gives these variants more stability, hardware support and access to the wide range of software applications that already work on conventional Ubuntu. BackTrack 5 is available in both GNOME and KDE Plasma Desktop environments.
Screenshot: BackTrack 5 boot menu
The distribution usually ships as a Live DVD, which can optionally be installed for use as a regular operating system. There are a few different boot options available, including Default text mode, Stealth mode and Forensics mode. Stealth mode boots the OS with networking disabled, and Forensics mode boots without automatically mounting drives or swap space. The default mode boots into the customized Unix/Linux shell, from which you can run the desktop environment.
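One way to confirm the state Forensics mode promises (no drives mounted, no swap in use) before imaging a disk, as an added example that is not part of the original article or of BackTrack itself. The function names and the sample data are constructed for illustration, and the script assumes that `/dev/loop*`, `/dev/ram*` and `/dev/sr*` belong to the live medium rather than to evidence disks.

```shell
#!/bin/sh
# Added example: verify a forensic boot left evidence disks unmounted and swap off.
# Arguments are files in /proc/mounts and /proc/swaps format, so the check runs
# against the live system or against saved copies.

# List mounts whose source is a block device (device, mount point, options).
# Assumption: /dev/loop*, /dev/ram* and /dev/sr* belong to the live medium itself.
block_mounts() {
    awk '$1 ~ /^\/dev\// && $1 !~ /^\/dev\/(loop|ram|sr)/ { print $1, $2, $4 }' "$1"
}

# List active swap areas; line 1 of /proc/swaps is a column header.
active_swap() {
    awk 'NR > 1 { print $1 }' "$1"
}

# Succeed only if no evidence disk is mounted and no swap area is in use.
forensic_state_ok() {
    mounts=$(block_mounts "$1")
    swaps=$(active_swap "$2")
    if [ -n "$mounts" ]; then printf 'mounted:\n%s\n' "$mounts" >&2; fi
    if [ -n "$swaps" ]; then printf 'swap in use:\n%s\n' "$swaps" >&2; fi
    [ -z "$mounts" ] && [ -z "$swaps" ]
}

# Constructed sample data (not captured from a real system), written to dir $1.
write_samples() {
    printf '%s\n' 'proc /proc proc rw 0 0' 'tmpfs /tmp tmpfs rw 0 0' \
        '/dev/sr0 /cdrom iso9660 ro 0 0' \
        '/dev/loop0 /rofs squashfs ro 0 0' > "$1/mounts.forensic"
    printf '%s\n' 'Filename Type Size Used Priority' > "$1/swaps.forensic"
    printf '%s\n' 'proc /proc proc rw 0 0' '/dev/sr0 /cdrom iso9660 ro 0 0' \
        '/dev/sda1 /media/disk ext4 rw,relatime 0 0' > "$1/mounts.unsafe"
    printf '%s\n' 'Filename Type Size Used Priority' \
        '/dev/sda5 partition 2097148 0 -1' > "$1/swaps.unsafe"
}

tmp=$(mktemp -d)
write_samples "$tmp"
forensic_state_ok "$tmp/mounts.forensic" "$tmp/swaps.forensic" && echo 'forensic: clean'
forensic_state_ok "$tmp/mounts.unsafe" "$tmp/swaps.unsafe" || echo 'unsafe: disks or swap in use'
rm -rf "$tmp"
```

On a running system, call `forensic_state_ok /proc/mounts /proc/swaps` and treat a non-zero exit status as a reason to stop before touching the evidence disk.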
BackTrack 5 comes with more than 300 security tools that are all open-source and freeware. They are arranged in the BackTrack menu of the Application Launcher under the following categories:
- Information gathering – Footprinting tools, port scanners and web crawlers
- Vulnerability assessment – Network and web assessment tools
- Exploitation tools – Web and wireless exploitation tools, social engineering tools
- Privilege escalation – Password attacking tools, sniffers, spoofing tools
- Maintaining access – OS backdoors, tunneling
- Reverse engineering
- RFID tools
- Stress testing
- Forensics – Forensic hashing tools, forensic imaging tools
- Reporting tools – Evidence management, media capture
Screenshot: BackTrack menu with the supplied security tools
Screenshot: /pentest directory with the installed tools
Screenshot: Zenmap, a port scanner
Screenshot: Wireshark, a network analyzer
Apart from these security tools, BackTrack also comes with two browsers (Firefox and Konqueror) and other tools such as the Wine emulator and KMix (a sound mixer) pre-installed.
Overall, BackTrack 5 is a feature-rich and robust security suite for both penetration testers and newcomers to the information security field. However, care should be taken when using the powerful and dangerous tools supplied with BackTrack, as they can easily lead to harm in the wrong hands. The only manifest drawback is the scarcity of documentation and support, which can be overlooked considering that this is a distribution for advanced and experienced users.
The official website of BackTrack is at http://www.backtrack-linux.org/ where you can download the latest version or previous versions of BackTrack.