The sales of firearms are prohibited in many countries. We're indeed very lucky that the rights to use a powerful tool like Backtrack has not been taken away from us! Today I would like to review the infamous security distro, Backtrack 2. For this review (not preview), I used my Dell Inspiron 600m notebook as the test PC. It has pentium M 1.4Ghz, 1Gb Sdram and Ati radeon r250 graphic card.

Remote-exploit.org is the home of BackTrack. Backtrack 2 Final has just been released on 3 march 2007 after many months of testing. The iso file is 690Mb in size. Backtrack 2 is a livecd with option to install to hard disk and usbkey. It's based on Slax Live CD.

Backtrack has been recognized as a very powerful security distro and its strength is considered on par with proprietary security tools. In the open source world, it's undisputedly the best. Since it has received more and more interest especially from business community, I am not surprised to see its website becoming more corporate-like. Actually Backtrack was conceived after the merger of two Linux security distro, the Auditor and the Whax. Imagine, it's free. A million thanks to Max Moser and Mati Aharoni.

For your information, Backtrack is currently ranked at 34th place at distrowatch, based on the 30-day page hits. I suppose security distro is not everyone's cup of tea. So, I loaded up the Backtrack 2 CD into my notebook's usb DVD-Rom. It took me 80 seconds to boot up on my Dell notebook. It's runlevel 3. Don't worry, it has clearly printed out what you need to do. The user is root and password is toor.

Once logged in as root user, I could either start the Kde desktop with vesa driver giving me a 1024x768 at 75hz by executing startx at the shell interface or start a fluxbox desktop by executing fluxbox at the shell interface. If fluxbox is chosen, it would also use the vesa driver with the same resolution. Of course, you can execute xconf to auto-configure your graphic cards for better performance prior to executing either startx or fluxbox command. Another command is ati that will autoconfigure the ati card in your PC.

Surprisingly, after I executed the startx command, a very impressive Kde bootsplash appeared. Awesome! Is this a security distro? Then a loud sound greeted me once the Kde environment was fully loaded up in 20 seconds.

Once in KDE desktop, I could surf the internet as the network card had been enabled by default. The networking was disabled by default in the older version of backtrack. The icons, the theme, and the background looked stunning. It has very modern and sophisticated look. I dare say that it is as aesthetically pleasing as PClinuxOS 2007 test 3 and Dream Linux2.2. Maybe the Backtrack 2 developers could also develop a pure desktop spin for Backtrack when they are not "attacking".

The tools numbering in hundreds are very well arranged. The submenu (called backtrack) that houses all the penetration testing tools is located at Kmenu. The bactrack submenu has been re-designed to make it more intuitive to its users. It is intuitive because, the tools have been arranged according to the logical sequence of the pen-testing stages. See below for the screenshots.

This is the structure of the new backtrack submenu which is more intuitive.

Info_gathering-->enumerating-->scanning-->exploiting.

While this is the older version of Backtrack submenu which is far less intuitive. This is due to the fact that the tools were arranged according to the functions of those tools.

Certain tools have been made easier for you to setup, such as Kismet tool and the snort tool. One of the things that amazed me was the abundance relevant links to online resources pertaining to the tools that you would use in Backtrack 2. Kudos to the Backtrack team ! They really put in a lot of effort for this new version. Even the bookmarks toolbar of konqueror and firefox carry many links to the various online resources.

The installer is located at Kmenu->System. You can either install Backtrackas Live CD install, or a real install. The Live CD type of installation only require 700mb of space while the real install would need 2700Mb of space. It took 10 minutes to install 2700 MB of Backtrack 2 to the 80Gb ide hard disk of my Dell notebook. Fast indeed ! I made a reboot after that. It took only 40 seconds to boot from the harddisk as compared to 80 seconds of booting time from the Live CD.

The installer.

Backtrack 2 also comes with a lot of applications that an ordinary desktop user would need. It comes with Linux kernel version 2.6.20. Other than the usual kde applications, Backtrack 2 is also bundled with the Firefox 1.5.0.7, kopete, gaim, mplayer1.0, skype and qtparted.

Backtrack was also capable of automounting my usbkey. The good news is that Backtrack 2 supports most centrino wifi adapter, atheros wifi adapter and also support the 'stubborn' broadcom wifi chipset, as evidenced by the availability of the drivers and firmwares for the wlan chipset of bcm43xx, ipw2100, ipw2200, ipw3945, rt73, rt2561, etc. Ndiswrapper version 1.37 is also available should you need to use the windows wlan driver.

What about the installation of new packages? Since Backtrack 2 is based on Slax, then one can visit slax.org to get the desired modules. There are many types of modules there. These modules can be added through remastering process. If you need certain modules while running the Live CD, just execute the uselivemod command to install the module to a Live CD. The download/installed module can be used immediately. If you need the Nvidia driver or even the 915resolution (for your Intel graphic card) tool, they are available as modules at slax.org's modules download section.

By the way, before you can use the .mo modules, you have to convert it the said module to .lzm type using the mo2lzm command. However, if you need remaster your Backtrack 2 Live CD, it is wise to visit linux-live.org. For your information, remastering of Backtrack Live CD is much easier than knoppix.

Backtrack 2 can be installed into usbkey in two ways. Livecd install that will use 700 Mb of usbkey space or real install that would take 2700 Mb of space. In order to install Backtrack to my 1GB high-speed usbkey, I had to launch the installer. Then I had to mount the Backtrack 2.0 Live CD using Konqueror. Then I had to type in the location of my Live CD at the source part of the installer manually as the installer did not automatically detect my Live CD. It took 5 minutes to install the compressed version (700MB) of Backtrack 2.0 to my usbkey. The reason why I needed Backtrack 2 on my usbkeys was because I can use them to boot Backtrack 2 on my home PC and also office PC. I would use it to protect my wlan. Of course, I also wanted to show it to my friends too.

Well, one of the thing that truly made me scratched my head was the fact that i couldn't fire up my ipw2100 wifi card. Actually it was very silly of me. I had accidentally switched off the notebook's wifi adapter without knowing when I pressed alt+F2 keys. I realized about it when I analyzed the kernel messages. Lucky me, otherwise, I don't think I would be able to finish this review.

All in all, i still am overwhelmed by the number of highly sought-after pen-testing tools provide by Backtrack 2 livecd. The kde desktop was also mesmerizing. Training in bactrack livecd is available from offensive-security. And my final word for this review is ........ " ATTACK ".

Thank you for reading my review. And please attack only when you

have got a valid authorization.

By Michael Shee Choon Beng 

  This e-mail address is being protected from spambots, you need JavaScript enabled to view it .

Comments (0)

Subscribe to this comment's feed

Name

Email

Website

Title

Comment

smaller | bigger

Subscribe via email (Registered users only)

I have read and agree to the Terms of Usage.

Add Comment