When you want to know what’s happening on your network, systems, or applications, but not install a auditing software, Linux (and BSD and occasionally Windows) distributions “Live CDs” can help. Live CDs are OS distributions on a CD- or DVD-ROM that you can boot and run directly from the CD and RAM, without installing anything to the hard drive. In a Right Tool for the Job blog post, David HM Specter explains how you can perform security audits using the Backtrack Linux Live CD. This gallery shows you several of the Backtrack tools in action.
Submitted by David HM Specter
Backtrack, like most Auditing Live CDs, comes with dozens and dozens of tools. Most of these tools are the digital equivalent of lock picks and system cracking tools and are very useful for auditing network security. However, some of Baktrack’s more powerful tools can get you into a lot of hot water–should you use them inappropriately.
Backtrack startup screen
Backtrack, like most Auditing Live CDs, comes with dozens of security tools. The creators have categorized Backtrack’s large selection of tools into manageable chunks of functionality.
Backtrack includes several “Forensic Tools” – that are very useful in systematically documenting data discovered during an audit. Dome of these tools save data into databases, others are systems that allow an investigator to make a pristine copy (image) of a hard drive for later examination.
Autopsy is one of those tools.
Creating a new case
Adding a host to a case file
Bill Detwiler is the Editor for Technical Content and Ecosystem at Celonis. He is the former Editor in Chief of TechRepublic and previous host of TechRepublic's Dynamic Developer podcast and Cracking Open, CNET and TechRepublic's popular online show. Previously, Bill was an IT manager in the social research and energy industries. He has bachelor's and master's degrees from the University of Louisville, where he has also lectured on computer crime and crime prevention.
