April : 2012 : BackTrack Linux – Penetration Testing Distribution

The Debian Administrator’s Handbook

The BackTrack Team is proud to have contributed 1000 EUR to the Debian Administrator’s Handbook liberation fund. This book, written by two Debian developers, is a welcome addition to any administrator’s bookshelf. Debian is very popular on servers and it’s also the base distribution from which BackTrack is forged.

Security is not neglected in this book: a full chapter is dedicated to the topic. It covers setting up a firewall, monitoring, intrusion detection systems, setting up SELinux policies, and dealing with a compromised machine, and gives plenty of thoughtful advice on defining a security policy within your organization.

The authors have pledged to release the book under an open source license if the associated “liberation fund” reaches 25,000 EUR. Today, there’s less than 3,000 EUR to raise and we invite you to contribute as well. By giving 10 EUR or more, you’ll get a copy of the ebook as soon as it’s available (even if the liberation fund is not completed). Click here to contribute now.

The book is planned to be released in April, but in the meantime you can have a peek at a sample chapter and the full table of contents. We have no doubt that this book will provide a solid foundation to all those looking to better understand Debian, BackTrack and Linux at large.

BackTrack 0day privilege escalation

Yesterday, we received a bug report in our BackTrack forums describing a “0-day privilege escalation in BackTrack” from the Infosec Institute.

Initially, the bug report confused us, as BackTrack 5 R2 by default has a single root user, with no open TCP or UDP ports – therefore a console escalation from root to root seemed frivolous. The title of the bug was even more confusing – calling it a “BackTrack 0day” misrepresents the bug, apparently in an attempt to make it seem bigger than it is.

As an organization that claims to be security professionals, the Infosec Institute should know better. They should know that an accurate vulnerability description is probably the most important aspect of a bug report. Without this basic rule in place, every single 3rd-party FTP overflow in Windows would be categorized as a “Windows 0day”, and every PHP web application vulnerability would be defined as an “Apache 0day”.

To summarise, we believe that the intentional misrepresentation of this bug report has discredited BackTrack unnecessarily in the eyes of those who do not understand the underlying mechanisms of our OS, and also discredited the Infosec Institute in the eyes of those who do.

Lastly, we found the following quote from Saul Bellow relevant to this situation: “A great deal of intelligence can be invested in ignorance when the need for illusion is deep.”

Infected Mushroom