It’s obvious most of the ICT professionals
and beginners these days are enthusiasts to know hacking tricks and creating
malicious attacks or software. Hacking is illegal and punishable by law that’s why
the technologist and computer pioneers come up with the terminology “ethical
hacking” it means simply you are hacking with ethics and principles.
First time I heard about BackTrack
Linux it was the time of the release of BackTrack 4.0, the reason I come across
the operating system I was practicing network security and I wanted to know the
meaning of the term “offensive security” basically it is just security but
instead of being defensive you are going offensive meaning that you are practicing
the same methods and ways the hacker or invader will use to attack your system
or network. By knowing the methodologies and the route that the hacker will
take to attack your system you will be ready to close all the loopholes and
overcome all the weak points of your network security simply “to catch a wolf
you need a wolf not a sheep”. I don’t
need to go in detail about hackers and their behaviors you can just Google for type
of hackers and get information about them, the grey hat hacker, the white hat
hacker and the black hacker.
BackTrack Linux has come up just to do
that to help people who want to practice offensive security to learn the skills
in the easiest and most efficient ways. BackTrack Linux realizes that not every
individual knows Linux coding. It provides tools with user friendly interfaces
to help you just to do that. With several number of YouTube tutorials on how to
install and use most of its tools you can easily brought up into speed and join
the crew of hackers and penetration testers in town. Please put in mind these
are not just games these are professional careers and people are paid lot of
money to check security vulnerability and these guys are the rulers of the
industry since the future of Information Technology depend in security since
the world wide web is no longer safe yard to play unprotected.
BackTrack is a Linux distribution that is
security focused and contains over 300 security tools integrated with a highly
polished user interface. By the time you must a one –third of the tools you
will be a professional when you reach half you will be an expert and all of them
damn!!! You are a geek. BackTrack's
tools are organized into 12 categories:
- Information Gathering
- Vulnerability Assessment
- Exploitation Tools
- Privilege Escalation
- Maintaining Access
- Reverse Engineering
- RFID Tools
- Stress testing
- Forensics
- Reporting Tools
- Services
- Miscellaneous
Some of the
tools include:
Nmap (Network Mapper) - Nmap is a sophisticated scanning tool used
to discover ports, services and hosts on a network. It can be used to determine
what type of operating system is running on a target machine as well as what
version of a service is running on a specific port which may assist hackers in
determining what vulnerabilities a target may be susceptible to.
Wireshark - Wireshark is a open-source packet
analyzer (sniffer) which can be used to troubleshoot network problems or
eavesdrop on both wired and wireless network traffic. Wireshark can assist
hackers in performing man-in-the-middle attacks and is a key component for many
other attacks.
Metasploit - The Metasploit Framework is a tool
for the development of vulnerability exploits and assists both hackers and
security analysts with testing these exploits against remote targets to
determine if they are susceptible. You can develop you own exploit or choose
from a large library of pre-developed exploits that target specific
vulnerabilities such as unpatched operating systems.
Ophcrack - Ophcrack is a powerful password
cracking tool that can be used in conjunction with Rainbow Tables and password
dictionaries to crack passwords. It can also be used in brute-force mode where
it attempts to iteratively guess every possible combination of a password.
There are
hundreds more tools that are part of Backtrack. Many of them can be powerful
and harmful if used incorrectly. Even if you are a security professional with
the best of intentions you can really do a lot of damage if you're not careful.
If you want to
learn how to use Backtrack in a safe environment, I recommend that you setup an
isolated test network using an old wireless router / switch and some old PCs
that you likely have laying around your garage. In addition to the on-line
course offered by Offensive Security, there are several books available for
learning to use BackTrack on your own.
Just remember
that with powerful security tools comes great responsibility. While it is
tempting to show off your new found hacking skills to your friends, it's best
to use these tools for their intended purpose which is to help improve a
system's or network's security posture.
BackTrack is
available from The BackTrack Linux website. The latest release
of BackTrack is BackTrack 5 R2 which was released in 1st March 2012.
Have fun enjoy hacking.
By Jumanne
Mtambalike