Whether you've used the Bastille UNIX tool, hardened your Linux systems manually or just want to get a good snapshot of where your systems currently stand, you have to check out BackTrack
Figure 1 - BackTrack's security testing method
BackTrack contains niche security tools that would otherwise be a real pain to download, compile and install. Whether you're a Linux pro or just getting started, it's hard to argue against being able to download a fully-functional version of Linux with most, or maybe all, the security testing tools you'd want to use. BackTrack's main interface is shown in the following screenshot:
Figure 2 - BackTrack desktop and security tool categories
A typical security assessment scenario that uses BackTrack to test internal Linux systems could consist of the following:
- Use fping to identify live hosts
- Use nmap to identify the operating system and detect open ports
- Use amap to identify running applications
- Use SAINT to seek out vulnerabilities in the operating system (OS)
- Use Metasploit to exploit OS and application vulnerabilities
The Linux-centric possibilities are endless. Furthermore, BackTrack has an extensive set of database, Web and wireless tools for finding and exploiting flaws in systems outside of the Linux realm. It even includes built-in HTTP, TFTP, SSH and VNC services that'll be necessary during your vulnerability identification and analysis. And if you ever have such a need, BackTrack also incorporates digital forensics tools. Playing around with tools like Autopsy and Sleuthkit, in fact, is great for "backing into" hacking techniques to further sharpen your security skills.
I've always been a proponent of using good commercial security testing tools, but you may no longer have that option these days. The BackTrack tools, in reality, aren't just "good enough" -- they're actually truly good, especially if fancy reporting and ongoing vulnerability management are not a top priority for you. I'm going to continue using commercial tools in my security assessments, but you can bet that my BackTrack virtual machine is going to be loaded and ready to roll for those niche tools we just can't find anywhere else.
ABOUT THE AUTHOR: Kevin Beaver is an information security consultant, keynote speaker, and expert witness with Atlanta-based Principle Logic, LLC. Kevin specializes in performing independent security assessments. Kevin has authored/co-authored seven books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley). He's also the creator of the Security On Wheels information security audio books and blog providing security learning for IT professionals on the go. Kevin can be reached at kbeaver@principlelogic.com.
This was first published in November 2009