BackTrack5 - Linux


A presentation about Backtrack Linux distro and some of the tools from this penetration testing framework.

Published in: Technology

  1. BACKTRACK - LINUX - Software Security - Marius Antal
  2. "The quieter you become, the more you are able to hear"
  3. Introduction
     There are certain tools that are simply crucial to a security consultant's job. In the past couple of years one of the security tools that has risen to this rank is BackTrack.
  4. Introduction
     • Linux-based penetration testing arsenal.
     • Lets security professionals perform assessments in a native environment dedicated to offensive security testing.
  5. Introduction
     • Can be installed to disk, booted from a Live DVD or booted from a thumb drive.
     • Optimized as a security testing system.
  6. Introduction
     • Customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester.
     • Suitable for the BEGINNER as well as the EXPERT.
     • The largest collection of wireless hacking, server exploitation, web application assessment and social-engineering tools available in a single Linux distribution.
  7. History
     • Named after backtracking, the search algorithm.
     • Current version: BackTrack 5 R1, code name "Revolution" (Revision 1).
  8. History
     Originated from the merger of two competing live-CD distributions focused on penetration testing:
     • WHAX: developed by Mati Aharoni, a security consultant; the successor of the Knoppix-based Whoppix, later rebuilt on Slax.
     • Auditor Security Collection: a Knoppix-based Live CD developed by Max Moser, which included over 300 tools organized in a user-friendly way.
  9. History
     • Designed to be an all-in-one live CD used on security audits.
     • Specifically crafted not to leave any remnants of itself on the laptop it is booted from (when run as a live system without a persistence partition).
     • The most widely adopted penetration testing framework: BackTrack 4 Pre-Final alone had over 4 million downloads.
     • Supports both 32-bit and 64-bit platforms.
  10. Interface
     • Ubuntu-based, user-friendly operating system.
     • Two desktop environments to choose from: GNOME and KDE.
     • For new users: the GNOME interface. For advanced users: the KDE version, which offers more options to configure the system.
  11. Installation
     • Download the ISO image.
     • Write it to a USB stick (larger than 2 GB) with UNetbootin, or burn it to CD/DVD.
  12. Community
     Open-source project:
     • started by Mati Aharoni and Max Moser,
     • continued by a staff of individuals of different languages, regions, industries and nationalities.
     The community's activity: website, wiki, blog, forum, video tutorials, courses.
  13. Tools - categories
     • Contains more than 300 security tools and utilities, the vast majority of them open source.
     • Many security professionals prefer them over expensive commercial programs. So do attackers.
  14. Categories
     Information gathering, Network mapping, Vulnerability identification, Web application analysis, Digital forensics, Reverse engineering, Basic penetration.
  15. Categories
     Under each of the main categories we'll find subheadings...
  16. Some tools
     BackTrack Linux is a fine example of a specialized Linux distribution: no matter which part of the computer security field you work in, BackTrack should have you covered. From port scanners to password crackers, all can be found in the BackTrack suite.
  17. Some tools - well known
     • Metasploit
     • Aircrack-ng (together with RFMON, the 802.11 monitor mode that Aircrack-ng and Kismet rely on for raw wireless capture; RFMON is a driver mode, not a tool in itself)
     • Kismet
     • Nmap
     • Ophcrack
     • Ettercap
  18. Some tools - well known
     • Wireshark (formerly known as Ethereal)
     • BeEF (Browser Exploitation Framework)
     • Hydra
     • OWASP Mantra Security Framework: a collection of hacking tools, add-ons and scripts based on Firefox
     • Cisco OCS Mass Scanner: a very reliable and fast scanner for Cisco routers with telnet/enable default passwords
     • Quypt (terminal emulator): private software by the Crimson Hacking group, which has leaked to the mainstream
     • Blackhat: a large collection of exploits as well as more commonplace software such as browsers
  19. NMAP, flying under the radar
     The main goal in any penetration test is to tread lightly, so that you don't set off intrusion detection alerts or cause a noticeable amount of activity on the systems and network you're working in. The activity must not look unusual to network engineers or other system administrators.
  20. NMAP, flying under the radar
     One easy way to gather a lot of information on a target network quickly is to perform a SYN scan with Nmap (-sS, the default scan type when Nmap runs as root). A SYN scan never completes the TCP handshake, so no connection is ever handed to the listening service and the service itself never logs an attempt. That does not make it invisible: the SYN and the RST that follows are visible to any firewall, flow collector or IDS on the path, and half-open probes to many ports from one source are a classic portscan signature. The technique works because the target's TCP stack answers a SYN on its own, with a SYN/ACK for an open port or a RST for a closed one, before any application gets involved.
  21. NMAP, flying under the radar
     1. The port scanner sends a SYN to a particular port number (e.g. 22).
     2. An open port responds with a SYN/ACK; a closed port responds with a RST; a filtered port gives no answer at all (or an ICMP unreachable).
     3. On a SYN/ACK the scanner notes the port as open and sends a RST to tear the half-open connection down.
     4. No TCP connection is ever established. The scanner sends a SYN to the next likely open port, and so on.
  22. NMAP, flying under the radar
     The SYN scan is clean in the sense that no harm is done to the target: nothing is connected to and nothing is sent to the service. It works against any TCP/IP stack, but crafting raw SYN packets requires raw-socket privileges (root) on the scanning host; without them Nmap falls back to a full-connect scan (-sT), which the service does see and can log. It's important to remain as quiet as possible during your reconnaissance phase, so you can gather as much information as possible about systems and their potential vulnerabilities without detection.
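The SYN-scan exchange described on slides 20 to 22, modelled from both sides as an added example (this is not code from the slides or from Nmap): `classify_ports` reproduces what the scanner concludes from each reply (SYN/ACK, RST or silence), and `detect_syn_scan` is the half-open portscan heuristic a defender would run over the same packets. The packet trace, the addresses 10.0.0.5 / 10.0.0.20 / 10.0.0.9 and the alert thresholds are all constructed for illustration.

```python
"""A SYN scan seen from both sides, over a constructed packet trace.

Added example, not part of the original slides or of Nmap.  Each record
is (timestamp, src, dst, dport, tcp_flags) with tcpdump flag letters:
S = SYN, A = ACK, R = RST.  Addresses, ports and times are made up.
"""
from collections import defaultdict

SCANNER = "10.0.0.5"   # assumed scanner address
TARGET = "10.0.0.20"   # assumed target address

# Constructed trace: the scanner probes four ports; a normal SSH client
# (10.0.0.9) completes a full three-way handshake to the same target.
PACKETS = [
    (1.000, SCANNER, TARGET, 22, "S"),     # SYN to an open port
    (1.001, TARGET, SCANNER, 22, "SA"),    # SYN/ACK: port is open
    (1.002, SCANNER, TARGET, 22, "R"),     # scanner tears it down, no connection
    (1.010, SCANNER, TARGET, 80, "S"),     # SYN to a closed port
    (1.011, TARGET, SCANNER, 80, "RA"),    # RST/ACK: port is closed
    (1.020, SCANNER, TARGET, 443, "S"),    # SYN to a filtered port: silence
    (1.030, SCANNER, TARGET, 3389, "S"),
    (1.031, TARGET, SCANNER, 3389, "SA"),
    (1.032, SCANNER, TARGET, 3389, "R"),
    (2.000, "10.0.0.9", TARGET, 22, "S"),  # legitimate client
    (2.001, TARGET, "10.0.0.9", 22, "SA"),
    (2.002, "10.0.0.9", TARGET, 22, "A"),  # handshake completes
]


def classify_ports(packets, scanner, target):
    """Scanner's view (what nmap -sS reports): SYN/ACK => open,
    RST => closed, no reply => filtered."""
    states = {}
    for _ts, src, dst, port, flags in packets:
        if src == scanner and dst == target and flags == "S":
            states.setdefault(port, "filtered")
        elif src == target and dst == scanner and port in states:
            if "S" in flags and "A" in flags:
                states[port] = "open"
            elif "R" in flags:
                states[port] = "closed"
    return states


def detect_syn_scan(packets, threshold=3, window=5.0):
    """Defender's view: alert on any source that sends SYNs to at least
    `threshold` distinct ports of one host within `window` seconds and
    never completes a handshake (never sends a bare ACK back).  The
    numbers are illustrative; real IDS portscan preprocessors tune them."""
    first_syn = defaultdict(dict)   # (src, dst) -> {port: first SYN time}
    completed = defaultdict(set)    # (src, dst) -> ports with a bare ACK
    for ts, src, dst, port, flags in packets:
        if flags == "S":
            first_syn[(src, dst)].setdefault(port, ts)
        elif flags == "A":
            completed[(src, dst)].add(port)

    alerts = []
    for (src, dst), ports in first_syn.items():
        half_open = sorted(t for p, t in ports.items()
                           if p not in completed[(src, dst)])
        for i, start in enumerate(half_open):
            burst = [t for t in half_open[i:] if t - start <= window]
            if len(burst) >= threshold:
                alerts.append((src, dst, len(half_open)))
                break
    return alerts


if __name__ == "__main__":
    print(classify_ports(PACKETS, SCANNER, TARGET))
    print(detect_syn_scan(PACKETS))
```

Run against the same trace, the two functions make the slide's point precise: the SSH daemon on port 22 never sees the scanner (no connection is established, so nothing reaches its log), yet anything that watches packets sees four half-open probes from one source in thirty milliseconds, while the legitimate client, which finishes its handshake, is never flagged.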
  23. NMAP, flying under the radar
     • CLI: nmap
     • GUI: Zenmap (BackTrack > Information Gathering > Network Analysis > Network Scanners)
  24. NMAP, flying under the radar
     With even the simplest scan of a target host, Zenmap provides a huge amount of information very quickly. The Nmap command-line equivalent of Zenmap's default "Intense scan" profile is:
     nmap -T4 -A -v <target>
     Note that -A (OS detection, version detection, script scanning and traceroute) and the aggressive -T4 timing template are the opposite of flying under the radar; for the quiet reconnaissance described on the previous slides, a plain SYN scan (-sS) with a slower timing template such as -T2 is far less conspicuous.
  25. NMAP, flying under the radar
     Exact version information for the services listening on a host helps you determine vulnerabilities and exploitable services. Nmap is an advanced tool that is widely used among security professionals and attackers alike; it provides a great deal of information for the least amount of effort.
  26. NMAP, flying under the radar (screenshot)
  27. NMAP, flying under the radar
     Demo.
  28. NCrack
     Ncrack is a highly effective and fast network authentication cracking tool. Its purpose is to help you identify user accounts with weak passwords without the hassle of logging into each host and cracking a password hash. Using it, you can check for weak FTP, SSH, TELNET, HTTP(S), POP3(S), SMB, RDP and VNC passwords.
  29. NCrack
     The next slide shows what an actual Ncrack run looks like after a successful password crack. The user account bob uses a very weak password: "cheese". It took Ncrack two minutes thirty seconds to crack this password. This means that an attacker could log in to this system with the bob account in less than five minutes and start working on breaking a privileged account or dropping malware with ease. Online guessing like this is also noisy: every attempt lands in the service's authentication log, which is exactly where a defender should be looking.
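The defender's side of the scenario above, as an added example that is not from the slides or from Ncrack: a small detector run over constructed OpenSSH auth-log lines that flags a source with a burst of failed password logins and reports any account that then logged in successfully from that source (the bob/cheese outcome). The log excerpt, host names and addresses are made up; the message format follows the real sshd "Failed/Accepted password for ... from ... port ... ssh2" lines, and the year 2011 is an assumption because syslog timestamps carry none.

```python
"""Detecting an Ncrack-style online password guess in sshd auth logs.

Added example, not from the original slides or from Ncrack.  The log
excerpt is constructed by hand but follows OpenSSH's real message format.
"""
import re
from collections import defaultdict
from datetime import datetime

# Constructed auth.log excerpt: a burst of failures for 'bob' from one host
# that ends in a success, plus one unrelated typo by an admin.
AUTH_LOG = """\
Nov  3 10:00:01 web01 sshd[4122]: Failed password for bob from 10.0.0.5 port 51000 ssh2
Nov  3 10:00:03 web01 sshd[4124]: Failed password for bob from 10.0.0.5 port 51001 ssh2
Nov  3 10:00:05 web01 sshd[4126]: Failed password for bob from 10.0.0.5 port 51002 ssh2
Nov  3 10:00:07 web01 sshd[4128]: Failed password for bob from 10.0.0.5 port 51003 ssh2
Nov  3 10:00:09 web01 sshd[4130]: Failed password for bob from 10.0.0.5 port 51004 ssh2
Nov  3 10:00:11 web01 sshd[4132]: Accepted password for bob from 10.0.0.5 port 51005 ssh2
Nov  3 10:02:30 web01 sshd[4200]: Failed password for alice from 10.0.0.9 port 40000 ssh2
Nov  3 10:02:40 web01 sshd[4202]: Accepted password for alice from 10.0.0.9 port 40001 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<mon>\w{3})\s+(?P<day>\d+) (?P<time>\d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+) port \d+ ssh2$"
)


def parse(log, year=2011):
    """Return (timestamp, ip, user, succeeded) for every sshd password event.
    `year` is assumed: syslog lines do not record one."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['mon']} {m['day']} {m['time']}",
                               "%Y %b %d %H:%M:%S")
        events.append((ts, m["ip"], m["user"], m["result"] == "Accepted"))
    return events


def detect_bruteforce(log, threshold=5, window_s=60):
    """Flag each source IP with at least `threshold` failures inside
    `window_s` seconds, and list accounts that logged in successfully from
    that IP after the burst.  Thresholds are illustrative."""
    failures = defaultdict(list)
    successes = defaultdict(list)
    for ts, ip, user, ok in parse(log):
        (successes if ok else failures)[ip].append((ts, user))

    alerts = {}
    for ip, fails in failures.items():
        fails.sort()
        for i, (start, _user) in enumerate(fails):
            burst = [f for f in fails[i:] if (f[0] - start).total_seconds() <= window_s]
            if len(burst) >= threshold:
                last = burst[-1][0]
                compromised = sorted({u for t, u in successes[ip] if t >= last})
                alerts[ip] = {"failures": len(burst), "compromised_users": compromised}
                break
    return alerts


if __name__ == "__main__":
    print(detect_bruteforce(AUTH_LOG))
```

The two-and-a-half-minute crack on the slide would produce hundreds of such "Failed password" lines; a five-in-a-minute threshold catches it in the first ten seconds, while alice's single typo stays below the threshold. The "Accepted" line after the burst is the one that should drive the incident response, since it tells you which account the attacker now holds.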
  30. NCrack (screenshot)
  31. NCrack
     Demo.
  32. Conclusions
     System security is a serious problem, and the tools that attackers use to compromise your systems must be understood. By running your own checks first and strengthening your defenses, you can sometimes save your project from millions of dollars in losses. BackTrack contains all the tools needed by someone who wants to check a system's security against unwanted guests.
  33. Questions!…