Sunday, August 26, 2007

BackTrack2 is NOT an operating system!!!

ok over on there are a couple of running threads on installing backtrack to Hard Disk/Drive so people can use BackTrack2 as their Operating System.

here is one of them link; i don't feel like looking up the rest (really not the point) but this has been going on for some time now (really since BT1).

OK i am going to vent for just a sec but i do have a point...


yes obviously you can run it as an operating system (hence the whole point of the rant) but why do you NEED to do that?

frankly the best education comes from building your own attack platform on the linux distro you installed, configured, and hardened yourself. You install, configure and mess with the tools YOU need to do your pentesting (or scanning your local ISP subnet) and don't have a bunch of extra crap you don't need. You get to work through library issues and crap breaking and getting so pissed at your box that you want to dropkick it out the window but guess what, you LEARN doing all that.

one of the biggest things i see over at LSO and during the rootwars is people having weak linux skills and not being able to compile and use their own tools, so naturally we ask what distro they run and most of the time i get backtrack for an answer :-(

Don't get me wrong, i like backtrack2 as a TOOL, i boot the ISO in VMware i do what i need to do then i go back to my linux distro to read email and everything else. I have a couple of personal reasons for that one of them being deniability with the non-persistent option :-) but mostly for the reasons above; if i am going to go thru the trouble of installing a distro I might as well get something out of the install (linux knowledge-wise) instead of letting someone else do all the work for me.

just my thoughts on it. spend that effort installing that great set of tools that backtrack comes with on your own, you'll learn more and really get an idea if you actually NEED all of those tools and you get satisfaction of having control over your linux install.



Anonymous said...

Agreed CG. Also, it's good to take a look at what you'll actually have to do, so instead of weighing yourself down and having, in some cases, 4 or 5 tools that do the same thing, you have maybe one tool that you're comfortable and agile with.

A goal might be to get comfortable enough with your favorite scripting / interpreted language that you don't need 60% of the tools that come in such a distro. Scapy / Scruby comes to mind as something that can quickly cover *a lot* of bases and eliminate the need for many smaller compiled and platform dependent tools.

CG said...

you are exactly right. thanks for the good advice. the added benefit is you wrote your own tool/script to get the job done and that's a great feeling (wish i got to do more of it)

dean de beer said...

I tend to agree on most of this too, but if you are going to run it as an "os" then at least run it off a usb/cd or install it to the hdd. There are some discrepancies between virtualized network cards and real cards. Issues with packet loss, getting repeatable results, etc... I guess at an application level this is not really an issue but anything lower and your results might get a little screwy with those additional layers of abstraction. If they are going to insist on virtualization then at least get it as close to the hardware as possible with ESX server from vmware or Xen.