distribution, which just
its 2.0 version,
helps organize security tools into a live CD package that
will be helpful to anyone faced with security oriented tasks.
Hundreds of open source security tools exist and it can be difficult to
sort through them and determine what they are used for; BackTrack can
help by providing one-stop shopping and a well organized interface that
categorizes the tools by the task they are focused on. BackTrack seems
well suited to its stated goal of being the distribution of choice for
penetration testers and other security professionals.
Based on SLAX, a live CD version of
Slackware, BackTrack can boot directly from CD or USB stick and once it
is up, the user can start KDE or Fluxbox to provide a GUI interface. As
part of a test drive of BackTrack, the author started up the KDE interface
and found it to be well organized, especially the Applications menu (see
screenshot). The Firefox and Konqueror bookmark toolbar customizations,
with buttons for several security oriented websites, was quite useful as well.
SLAX seemingly had no trouble with the author's off-brand laptop nor on
several desktop machines that it was tried on. The X server handled high
resolution screens (up to 1600x1200) with aplomb unlike other live CD
distributions that have been booted over the years.
The selection of tools is where BackTrack truly shines. More than 300
up-to-date tools for everything from network mapping, through password
cracking to digital forensics are available.
Wireless network sniffing and packet injection are areas that BackTrack
has clearly focused on. Using the 2.6.20 kernel and a variety of patched
wireless drivers, BackTrack makes wireless penetration and fuzz testing
easy. Bluetooth hacking is supported as well. The wiki provides a
of the security tools included for anyone who wants to ensure their
favorite will be available before booting BackTrack.
BackTrack also provides the now standard ability to write to the
ostensibly read-only root filesystem using unionfs, but it extends that to be
able to write data back to the media itself if it has multi-session
capabilities. It also
has some other unique features including the ability to provide a BackTrack
image for other machines to boot over the network via PXE. The PXE boot
can be combined with 'John the Ripper' to create a password cracking cluster.
The BackTrack developers have also pre-configured some of the tools like Snort,
kismet, Metasploit and others to allow folks to more quickly use those tools.
Perhaps the 'swiss army knife' metaphor is overused, but this distribution
certainly seems to fit that bill. There are other distributions with a
similar focus (a year old list can be found
but it will be hard to find one as up-to-date and as comprehensive as
to post comments)