CHAPTER 5

Customizing BackTrack and Security Tools

BackTrack is a custom operating system for security testing built upon Ubuntu and the KDE desktop. Chapter 8 explains how to apply BackTrack as a penetration testing platform, and Chapter 9 discusses how to use it as a network sensor and log analysis platform.

BackTrack is a free Linux distribution that includes hundreds of free security testing tools. You can use BackTrack in its default configuration; however, there are many additional capabilities and tools which you can add through security tool customizations.

Many important security testing tools only run on Windows environments. You need to find a way to provide Windows as a test platform accessory to BackTrack. There are also some tools with commercial or other restrictive licensing schemes that are not included on BackTrack, but they are useful in your testing environment.

You can put your network administration know-how to good use supporting other security professionals with their testing needs. BackTrack comes in two downloadable forms: the bootable International Standards Organization (ISO) image and a VMware image. It is also possible to create a hard-disk version of BackTrack from the ISO. You utilize both these forms in the customization process.

Creating and Running BackTrack Images

BackTrack is an open source Linux distribution available as an ISO CD image and as a virtual machine (VM). There are multiple releases available online, such as BackTrack 3, 4, 4-r1, ...