Get a complete security toolkit with BackTrack 3

The BackTrack LiveCD provides over 300 different tools that can be used by security professionals or system administrators. It includes tools for penetration testing, wireless cracking, network mapping, information gathering, vulnerability identification, forensics, and reverse engineering. Vincent Danen tells you how to create a portable version on a USB keychain.

There are a wide variety of security-related tools available for Linux. Many distributions come with a number of these tools, while others are not pre-packaged by distributors for various reasons. Building a security arsenal for penetration testing or vulnerability assessment can be a daunting task if you don't know what tools are good or even what is available.

While a few LiveCD distributions exist to tackle this problem, one that is quite good is BackTrack. This LiveCD can be used as a bootable CD, or you can install it to a USB stick to make it even more portable. BackTrack also provides over 300 different tools that can be used by security professionals or system administrators, including tools for penetration testing, wireless cracking, network mapping, information gathering, vulnerability identification, forensics, and reverse engineering.

You can run BackTrack in a few different ways. It can be installed to a hard drive, just like any other Linux distribution, or it can be run from the LiveCD, installed to a USB keychain device, or installed as a VMware image. For the most portable solution, a USB keychain device works best.

To install BackTrack to a USB keychain, ensure you have a keychain with at least 1GB of space available. Insert the USB keychain device into an existing Linux system.

Mount bt3final_usb.iso, which can be found on the Web site's download page; the version you want to download is the USB Version (Extended). Use:

# mount -o loop -t iso9660 bt3final_usb.iso /mnt/cdrom

Next, prepare the USB device you plan to use. Insert the device and then unmount it, since it will most likely be auto-mounted. Before doing so, make a note of the device name it was given (e.g. /dev/sdd); every command below assumes that name.

To format the partition as a FAT16 filesystem, use:

# mkfs.msdos /dev/sdd1

Now mount the USB keychain:

# mount /dev/sdd1 /mnt/usb

Next, copy the contents of the ISO to the USB device; if you mounted it to /mnt/usb, use:

# cp -av /mnt/cdrom/* /mnt/usb/

When this is done, change to the boot/ directory on the USB device on the command line and execute the bootinst.sh script found there:

# cd /mnt/usb/boot
# ./bootinst.sh

These commands must be run in the boot/ directory on the USB keychain device. If they are run from anywhere else, they can overwrite the MBR of the host computer's own disk, so be sure you are executing the script from the boot/ directory of the USB keychain.
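The steps above, wrapped in guard checks, as an added example that is not the article's or BackTrack's own code: it refuses to format or run bootinst.sh unless the target disk is flagged removable by the kernel and the current directory really is boot/ on the USB mount. The SYSFS and MTAB variables are assumptions added so the checks can be pointed at a constructed directory tree; the mount points /mnt/cdrom and /mnt/usb are the article's.

```shell
#!/bin/sh
# Added example, not from the article: guard checks around the BackTrack
# USB install steps. Running bootinst.sh from the wrong place rewrites the
# host's MBR, so every destructive step is gated. SYSFS and MTAB default
# to the live kernel paths but can point at a constructed tree for testing.
SYSFS="${SYSFS:-/sys}"
MTAB="${MTAB:-/proc/mounts}"

# is_removable sdd : true only if the kernel flags the disk as removable,
# which a USB keychain is and the host's internal disk normally is not.
is_removable() {
    flag="$SYSFS/block/$1/removable"
    [ -r "$flag" ] && [ "$(cat "$flag")" = "1" ]
}

# is_mounted sdd : true if any partition of the disk is currently mounted
# (the auto-mounted keychain has to be unmounted before mkfs).
is_mounted() {
    grep -q "^/dev/$1" "$MTAB"
}

# in_boot_dir DIR MNT : true only when DIR is MNT/boot and contains
# bootinst.sh, i.e. the script will act on the keychain, not the host.
in_boot_dir() {
    [ "$1" = "$2/boot" ] && [ -f "$1/bootinst.sh" ]
}

# prepare_usb sdd bt3final_usb.iso : the article's steps, run only after
# the checks pass. Must be run as root.
prepare_usb() {
    disk="$1"; iso="$2"
    is_removable "$disk" || { echo "$disk is not removable; refusing" >&2; return 1; }
    is_mounted "$disk" && umount "/dev/${disk}1"
    mount -o loop -t iso9660 "$iso" /mnt/cdrom
    mkfs.msdos "/dev/${disk}1"
    mount "/dev/${disk}1" /mnt/usb
    cp -av /mnt/cdrom/* /mnt/usb/
    cd /mnt/usb/boot || return 1
    in_boot_dir "$(pwd)" /mnt/usb || { echo "not in the USB boot/ directory; refusing" >&2; return 1; }
    ./bootinst.sh
}

# Usage: sh prepare_usb.sh sdd bt3final_usb.iso
if [ $# -eq 2 ]; then
    prepare_usb "$1" "$2"
fi
```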

Once this is done, reboot the computer and use the BIOS or boot selector to boot from the USB keychain; BackTrack will then load on the computer. At boot you can choose between text mode, Fluxbox, or KDE.

Once the system is up and running, the interface is quite useful. With the KDE interface, a number of standard tools are provided such as Firefox and Pidgin, amongst many others. The "BackTrack" menu item then allows you to find the tool you're looking for or explore new ones through its categorized hierarchy.

All told, BackTrack is quite nice. For those who use a laptop and whose needs are minimal, BackTrack could function not only as a security toolkit but as the primary OS on the laptop as well.

About

Vincent Danen works on the Red Hat Security Response Team and lives in Canada. He has been writing about and developing on Linux for over 10 years and is a veteran Mac user.

15 comments
normhaga

Been using it for some time and have even reported bugs in it and the scripts.

Neon Samurai

Hehee. BT has been in my toolbag since it was called Network Administrators Security Toolkit (or some such thing, I never wrote it out on the disk label). If BT supported the wireless card in my T60, it would be my dedicated liveCD distro or primary for everything but what Mandriva One provided instead. Until then or a new notebook, it'll have to be second to Mandriva. I'm also a big fan of Damn Vulnerable Linux. It is described by its project maintainer as "A corruption of the Linux operating system intended for teaching". I mention it here because it is such a perfect companion to BT if you're serious about learning your computer kung fu.

pgit

Last I used bt it was based on Slax 5.1.X. Slax is a cool idea, it's "modular" and modules (aka applications) install in seconds. When you select an app to run in bt it simply inserts the module. This way only what you use is loaded in memory, all the rest of the stuff just sits on the CD in single module files, out of the way. ...you have to extract a Slax module to understand... all the entries the app needs in /etc, /usr, /lib etc are inserted. So not loading modules not in use does save overhead. Slax is written by the fellow who invented the Linux live-scripts, the tool that made live CD a reality. Been a while since I toyed with Slax or bt. Thanks for the reminder, downloading bt3 as I type here. I've been using a Mandriva installation on a (crappy) Dell laptop for all my work. Good thing about using bt instead: if I crap up the system it ain't permanent. It'll come back good as new on the next boot. Not so with a full-blown Mandriva install.

perezwilli

Wonder if you could show how to use these tools, at least the most important. Thanks. Wortiz

Neon Samurai

The bootable disk stays in my toolbag while I get a persistent install on the VM that can easily be moved to workstation or notebook.

pgit

Geez... I don't know how those duplicate posts happen, and there's no delete function. Anyway, after discovering bt was based on Slax, I tested Slax, and immediately adopted it as my primary OS for a time (persistence on a USB stick). I found modules for everything bt has and more; they're just not as well organized or documented as they are on bt, and the initial configs are pretty much blank, so you need to know what you're doing with each tool. But Slax supported my wireless devices, in part via the Slax forums where a German fellow patiently walked me through a wpa_supplicant config. Might want to try Slax. I still use the last release, 5.1.8.1, and it appears there are still more modules for it than there are for the current Slax 6.0.7. Mandriva is great (installed on all my production machines) and the One live CD is impressive. But it's a bit top heavy and slow, and there's no way to keep persistent changes. In contrast, Slax boots from a mini-CD and when the desktop arrives everything is right where I left it. Mail settings, bookmarks, even my custom apps. I keep a folder with a ton of modules in it if I need something. If I need to nmap a system, double click the module and the app is ready to go in seconds. To do the same in Mandriva One you'd have to make sure your internet access is there, set up repositories and completely install what you need. And it would be resident in memory, so the more you add the slower the machine becomes. I see One more as an easy intro to Linux that doesn't require any commitment. Once you get it configured Slax is faster, and your desktop is exactly as you want it.

Neon Samurai

The Mandriva liveCD is also fantastic if you're just looking for the fresh reboot effect. BT's only shortcoming is support for my wireless NIC. If not for that, I'd be using the BT liveCD on it when not using the installed OS for work related tasks. (Hm.. I have to check the compatibility list again and see if the T60's NIC turned up on it yet.)

Neon Samurai

I don't intend to sound like the usual "RTFM" elitists, but this distribution provides far more tools than could be covered by the author without starting an entirely new blog or website. If you're into computer security then get to reading. Your local chapters.ca type shop should have some good books on computer security with "computer security tools" or similar. If instead you're looking for scripts to help you be a leet haxor.. this isn't the site to be asking on.

normhaga

Except for those rare machines where I have to use a CD for one reason or another.

Neon Samurai

I use Mandriva One for booting to a live system, but I've only installed from it once or twice. I prefer the complete and customizable install from Mandriva Free rather than uninstalling the bloat of One for a hard drive install. I also found differences between One 2007.0 and Free 2007.0 in the configurations. I needed something quick and Windows admin friendly, so I had a remote admin slap a test build server together using One. I suspect there was something in the SSH config, because connecting from my own Free 2007.0 install at the time didn't go so well. We rebuilt the test server with Free 2007.0 and everything went perfectly on both ends. One is my go-to liveCD for a live system, though, unless I need a specialized tool like BT or the likes of SystemRescue.

Neon Samurai

My first go at a flashdrive distro was Damn Small, but not having a motherboard that booted from USB quickly made testing it a problem. It worked great for running QEMU'd under a Windows process, though. It's time to revisit that project again.

Neon Samurai

In this case, it was easier to have the remote admin make himself a quick and dirty test box with One by booting and doing the live install. It wasn't ever meant as the final build, especially with all the default software that goes in with it. Great for a user who wants the fully loaded system or just wants a quick system image install, but less so for my needs. I visited the remote office soon after to walk them through a custom install of Free and get an initial test build we could both start working against, since having him into my VM remotely was not an option. I figured it was mostly just config changes that would take comparing the two systems' files side by side, but it was quicker to just do an install of Free and carry on. I think Slax is going into a VM this weekend from all I'm hearing about it since the BT3 article appeared. I also really want to have a go at a self-built liveCD (mklivecd, is it?) and see about a nice custom Mandriva NS disk for my toolbag, or maybe do my own USB install (a little guilty for not buying the Mandriva USB drive if I do that last bit, though). Sooo much power in one's shirt pocket.. Oph, BT, SystemRescue, SuperGrub, Clonezilla, the two partitioning focused liveCDs, One.. the USB installs of DSL and such.. oh me, oh my.

pgit

There are important differences in the default configs between One and Free. One basically writes a snapshot of the running system onto the hard drive, so whatever defaults One comes with will persist once installed. It can all be straightened out, though; I do it all the time. The question is whether you want the system quick (One) or better configured, with less work afterward (Free). Do check out Slax. I've never had so much fun with an OS. I set up a reporter once with a 2 GB USB and mini CD. All her configurations were a click away, for writing something up, editing images, uploading to the office... All she had to do was convince anyone nearby to let her boot their laptop, and she'd boot with a system that won't touch their hard drive. (Bribes involved.) So much power in your shirt pocket. Amazing. Thomas M. is a genius.