BackTrack5 - Linux
A presentation about Backtrack Linux distro and some of the tools from this penetration testing framework.

Published in: Technology
  1. BACKTRACK - LINUX - Software Security - Marius Antal
  2. “The quieter you become, the more you are able to hear”
  3. Introduction: There are certain tools that are just crucial to your job when you are a security consultant. In the past couple of years, one of the security tools that has risen to this rank is called BackTrack.
  4. Introduction: Linux-based penetration testing arsenal. Aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking.
  5. Introduction: Installed; booted from a Live DVD; booted from a thumb drive; optimized for a security system.
  6. Introduction: Customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester. BEGINNER or EXPERT. The largest collection of wireless hacking, server exploiting, web application assessing and social-engineering tools available in a single Linux distribution.
  7. History: Named after backtracking, the search algorithm. Current version: BackTrack 5 R1, code name "Revolution and its Revision."
  8. History: Originated from the merger of two competing distributions, both based on Knoppix, which focused on penetration testing:
      - WHAX: developed by Mati Aharoni, a security consultant.
      - Auditor Security Collection: a Live CD developed by Max Moser which included over 300 tools organized in a user-friendly way.
  9. History: Designed to be an all-in-one live CD. Used on security audits. Specifically crafted to not leave any remnants of itself on the laptop. The most widely adopted penetration testing framework. BackTrack 4 Pre-Final: over 4 million downloads. Supports both 32-bit and 64-bit platforms.
  10. Interface: Ubuntu-based, user-friendly operating system. Different UI configurations that you can use to get started:
      - the GNOME desktop interface
      - the KDE desktop interface
      For new users: the GNOME interface. Advanced users: the KDE version, which has more options to configure the system.
  11. Installation: www.backtrack-linux.org/downloads/ ISO, UNetbootin, USB > 2GB, CD/DVD.
  12. Community: Open-source project:
      - started by Mati Aharoni and Max Moser
      - continued by a staff of individuals of different languages, regions, industries, and nationalities.
      The community’s activity:
      - website, backtrack-linux.org
      - wiki page
      - a blog
      - their forum, http://www.backtrack-linux.org/forums/
      - video tutorials, courses.
  13. Tools - categories: Contains more than 300 security tools and utilities that are ALL OPEN SOURCE. Many security professionals prefer them over expensive commercial programs. So do hackers.
  14. Categories: Information gathering, Network mapping, Vulnerability identification, Web application analysis, Digital forensics, Reverse engineering, Basic penetration.
  15. Categories: Under each of the main categories, we'll find subheadings…
  16. Some tools: BackTrack Linux is a fine example of a specialized Linux distribution: no matter which part of the computer security field you work in, the BackTrack operating system should have you covered. From port scanners to password crackers, all can be found in the BackTrack suite.
  17. Some tools – well known: Metasploit, RFMON, Aircrack-NG, Kismet, Nmap, Ophcrack, Ettercap.
  18. Some tools – well known:
      - Wireshark (formerly known as Ethereal)
      - BeEF (Browser Exploitation Framework)
      - Hydra
      - OWASP Mantra Security Framework: a collection of hacking tools, add-ons and scripts based on Firefox
      - Cisco OCS Mass Scanner: a very reliable and fast scanner for Cisco routers with telnet/enable default password
      - Quypt (Terminal Emulator) (which is private software by Crimson Hacking group, which has leaked to the mainstream)
      - Blackhat: a large collection of exploits as well as more commonplace software such as browsers.
  19. NMAP, flying under the radar: The main goal in any penetration test is to tread lightly so that you don't set off any intrusion detection alerts or cause a noticeable amount of activity on the systems and network in which you're working. The activity must not look unusual to network engineers or other system administrators.
  20. NMAP, flying under the radar: One easy way to gather a lot of information on a target network quickly is to perform a SYN scan with Nmap. A SYN scan doesn't make complete connections to a system's services. A SYN scan never completes the TCP handshake process and therefore the target host never logs the attempt, so no alarms are triggered. (This technique works because TCP/IP is a "polite" protocol. It doesn't speak until spoken to.)
  21. NMAP, flying under the radar:
      (1) The port scanner sends out a SYN request on a particular port number (22).
      (2) The target responds with an ACK.
      (3) The scanner notes the ACK and sends a RST (reset) to disconnect from the target.
      No TCP connection ever takes place. The port scanner sends a SYN request to the next likely open port number, and so on.
  22. NMAP, flying under the radar: The SYN scan is very clean (leaves no trace) because no harm is done to the target. This type of scan works on all operating systems. It's important to remain as quiet as possible during your reconnaissance phase so you can gather as much information as possible about systems and their potential vulnerabilities without detection.
  23. NMAP, flying under the radar: CLI; GUI – Zenmap (BackTrack > Information Gathering > Network Analysis > Network Scanners).
  24. NMAP, flying under the radar: With even the simplest scan of a host (target), Zenmap provides a huge amount of information very quickly. The Nmap command-line equivalent of a scan is: nmap -T4 -A -v 192.168.1.250
  25. NMAP, flying under the radar: The exact version information related to listening services on a host helps you determine vulnerabilities and exploitable services. Nmap is an advanced tool that is widely used among security professionals and hackers. It provides a great deal of information for the least amount of effort.
  26. NMAP, flying under the radar
  27. NMAP, flying under the radar: Demo.
  28. NCrack: Ncrack is a highly effective and fast network authentication cracking tool. Its purpose is to assist you in identifying user accounts with weak passwords without the hassle of logging into each host and cracking a password hash. Using it, you can check for weak FTP, SSH, TELNET, HTTP(S), POP3(S), SMB, RDP, and VNC passwords.
  29. NCrack: The next slide shows what an actual ncrack scan looks like after a successful password crack. The user account, bob, uses a very weak password: “cheese”. It took ncrack two minutes thirty seconds to crack this password. This means that a hacker could log in to this system using the bob account in less than five minutes and commence working on breaking a privileged account or downloading malware with ease.
  30. NMAP, flying under the radar
  31. NMAP, flying under the radar: Demo.
  32. Conclusions: System security is a serious problem, and the tools that hackers use to compromise your systems must be understood. By running your own checks first and strengthening your defenses, you could sometimes save your project from millions of dollars in losses. BackTrack contains all the tools needed by someone who wants to check a system’s security against unwanted guests.
  33. Questions!…
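
Added example (not from the original slides): the half-open exchange on slides 20 to 22, seen from the defender's side. On the wire an open port answers the SYN with a SYN/ACK segment (the ACK of step 2) and a closed port with a RST; the service never sees a completed connection, but every packet is still visible to a network sensor or firewall. The packet tuples, addresses and the `min_ports` threshold are constructed for illustration.

```python
from collections import defaultdict

# Constructed packet summaries: (src, dst, sport, dport, tcp_flags).
# 192.0.2.10 probes three ports half-open; 192.0.2.20 is a normal client.
PACKETS = [
    ("192.0.2.10", "198.51.100.5", 40001, 22, "S"),
    ("198.51.100.5", "192.0.2.10", 22, 40001, "SA"),
    ("192.0.2.10", "198.51.100.5", 40001, 22, "R"),
    ("192.0.2.10", "198.51.100.5", 40002, 23, "S"),
    ("198.51.100.5", "192.0.2.10", 23, 40002, "RA"),   # closed port
    ("192.0.2.10", "198.51.100.5", 40003, 80, "S"),
    ("198.51.100.5", "192.0.2.10", 80, 40003, "SA"),
    ("192.0.2.10", "198.51.100.5", 40003, 80, "R"),
    ("192.0.2.20", "198.51.100.5", 51000, 80, "S"),
    ("198.51.100.5", "192.0.2.20", 80, 51000, "SA"),
    ("192.0.2.20", "198.51.100.5", 51000, 80, "A"),    # handshake completed
]


def classify_flows(packets):
    """Return {(client, server, sport, dport): state} per connection attempt."""
    state = {}
    for src, dst, sport, dport, flags in packets:
        fwd, rev = (src, dst, sport, dport), (dst, src, dport, sport)
        if flags == "S":
            state[fwd] = "syn_sent"
        elif flags == "SA" and state.get(rev) == "syn_sent":
            state[rev] = "syn_ack_seen"      # server says the port is open
        elif flags == "RA" and state.get(rev) == "syn_sent":
            state[rev] = "refused"           # server says the port is closed
        elif flags == "A" and state.get(fwd) == "syn_ack_seen":
            state[fwd] = "established"       # client finished the handshake
        elif flags == "R" and state.get(fwd) == "syn_ack_seen":
            state[fwd] = "half_open"         # SYN, SYN/ACK, then RST
    return state


def find_syn_scanners(packets, min_ports=3):
    """Sources that probed >= min_ports ports on a host and completed none.

    Simplification: one completed handshake clears a (client, server) pair.
    """
    probed, completed = defaultdict(set), set()
    for (client, server, _sport, dport), st in classify_flows(packets).items():
        if st == "established":
            completed.add((client, server))
        else:
            probed[(client, server)].add(dport)
    return {pair: sorted(ports) for pair, ports in probed.items()
            if len(ports) >= min_ports and pair not in completed}
```

Calling `find_syn_scanners(PACKETS)` reports 192.0.2.10 with the ports it probed, while the client that completed its handshake is not flagged.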