Samurai and BackTrack – LiveCDs to Test Your Security

Linux has brought a wonderful concept to the world of computers: easy-to-use live CDs that let you boot a fully operational operating system without installing it to the hard drive. Ubuntu, SUSE, Mandriva and Fedora all have bootable live CD options that allow you to test out the operating system before installing it to the hard drive.

Another great benefit of the live CD is access to a specialised toolkit for troubleshooting and systems recovery; a well-known example of this is Knoppix.

In the world of security there are a bunch of new and established live CD toolkits based on open source software; by far the two most popular and useful are BackTrack and Samurai.

BackTrack is well established and enormously popular; it is a massive collection of security testing and penetration tools. In fact I doubt there would be many security professionals out there who have not heard of it, and most would have it as part of their collection of tools.

Strengths include:

  1. Powerful wireless capability, patched drivers and excellent tools for wireless pen testing
  2. Largest collection of offensive tools
  3. Good forums and wiki for community support

BackTrack 3.0 was a quality release that pushed it into the hands of professionals, and BackTrack 4.0 is nearing completion (4pre is out and available).

We took things a step further and aligned BackTrack to penetration testing methodologies and assessment frameworks (ISSAF and OSSTMM). This will help our professional users during their daily reporting nightmares.

Currently BackTrack consists of more than 300 different up-to-date tools which are logically structured according to the work flow of security professionals. This structure allows even newcomers to find the related tools to a certain task to be accomplished. New technologies and testing techniques are merged into BackTrack as soon as possible to keep it up-to-date.

The Samurai Web Testing Framework is the new kid on the block and different from BackTrack in that it is focused on security web testing. It includes many excellent web assessment and exploitation tools.

Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such as WebScarab and ratproxy. We then chose tools for discovery. These would include w3af and burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This CD also includes a pre-configured wiki, set up to be the central information store during your pen-test.

Samurai Web Testing Framework

BackTrack

Both of these distributions are of very high quality and based on Ubuntu Linux. This allows a great deal of room for customisation and different uses. Installing them to the hard disk is also an option; many find installing into a virtual machine such as VirtualBox or VMware to be an excellent and convenient choice. The systems can be customised, and changes are saved to the virtual hard drive. When not in use they can be powered off.

Other options include installation onto a bootable thumb drive, or onto an SD card that resides in an Eee PC. This last option is quite popular, as it gives a penetration tester a fully locked and loaded arsenal of security testing tools in a small form factor PC.

Other distributions to be aware of are nUbuntu and the OWASP Live CD.
