Results 1 to 7 of 7

Thread: Is BackTrack safety to use.

  1. #1
    Senior Member skull2006's Avatar
    Join Date
    Jan 2010
    Location
    In my skull
    Posts
    125

    Question Is BackTrack safety to use.

    Dear All,

    I hear from guys that the Backtrack and all live Linux version is not safety to use.
    He said it have exploits.

    and i make "nmap 127.0.0.1" and everything is okay.
    and i make "netstat -a" and i found this:

    root@bt:~# netstat -a
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State
    tcp 0 0 *:8834 *:* LISTEN
    tcp 0 0 localhost:8118 *:* LISTEN
    tcp 0 1 10.10.10.100:42573 bw-in-f103.1e100.ne:www FIN_WAIT1
    udp 0 0 *:bootpc *:*
    udp 0 0 10.10.10.100:isakmp *:*
    udp 0 0 localhost:isakmp *:*
    udp6 0 0 fe80::21f:3cff:f:isakmp [::]:*
    udp6 0 0 ip6-localhost:isakmp [::]:*
    Active UNIX domain sockets (servers and established)
    Proto RefCnt Flags Type State I-Node Path
    unix 2 [ ACC ] STREAM LISTENING 19566 /tmp/ksocket-root/backtrack-16cd-4b84dbb9
    unix 2 [ ACC ] STREAM LISTENING 19407 /root/.kde/share/apps/nepomuk/socket
    unix 2 [ ACC ] STREAM LISTENING 16924 /dev/printer
    unix 2 [ ACC ] STREAM LISTENING 19169 /tmp/ksocket-root/kdeinit__0



    So what is this line below>>>>>
    unix 2 [ ACC ] STREAM LISTENING 19566 /tmp/ksocket-root/backtrack-16cd-4b84dbb9

    best regards,
    Last edited by skull2006; 02-25-2010 at 02:57 PM. Reason: more detail

  2. #2
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default Re: Is BackTrack safety to use.

    Well it really depends on the user. See here.

  3. #3

    Default Re: Is BackTrack safety to use.

    hi skull2006,

    like with any other operating system, it fully relies on default settings and how much your care
    and how much effort you wanna spent to understand what's going under the hood!

    BT4's main purpose (so far I can interpret) to give security experts some decent linux based system
    with all necessary tools you ever can imagine to have in your pocket!

    Like many, many other Live-based distros (incl. Pentoo ;-) - there must be a trade-off between having
    the most hardened linux/ubuntu environment or having a distro with a lot of very cool features for
    professionals, having enough knowledge to secure their productive system!

    Anyone bitching against BT4 and as well to other pentest related distros, didn't get the point!

    Honestly I've to say I'm always surprised how many, really completely new users to linux, try to
    start and dive in with BT4 and just executing blindly all these 'kewl' tools - this is actually what concerns me most! There are much better Live-Distros you should start learning with!

    YOU HAVE TO UNDERSTAND key functions/components of various security topics. Being a security
    tester/pentester however, this has something to do with serious long-time experience & hands-on,
    in-depth system & network skills and a lot of 'hacking' creativity/curiosity!

    Coming back to your orig. post, well this is what I mean with 'know the basics' - if you even don't know
    what's running or at least doing some in-depth research what it could be, BT4 will be likely insecure as many other out-of-the-box-i-stick-with-default-settings-operating-systems!

    Please, don't misunderstand but if you use BT4, you should really, really start to learn more than actually
    using some of the scripts & tools on it! This includes of course, always do your basic homework on your
    production BT4, including not running blindly any kind of socket services (update-rc.d -f xxx remove & lsof -i & /var/log/* & /proc/* are some of your best friends!),
    using basic host-based intrusion detection (posted here: http://www.backtrack-linux.org/forum...sing-psad.html) or at least how to use iptables/netfilter, watching log files, using tcpdump/tshark with all these awesome filters and so on....

    ..keep going your curiosity :-)

    /brtw2003
    Last edited by brtw2003; 02-24-2010 at 04:43 PM.

  4. #4
    Junior Member
    Join Date
    Feb 2010
    Location
    on this page
    Posts
    34

    Default Re: Is BackTrack safety to use.

    Quote Originally Posted by brtw2003 View Post
    Anyone bitching against BT4 and as well to other pentest related distros, didn't get the point!

    Honestly I've to say I'm always surprised how many, really completely new users to linux, try to
    start and dive in with BT4 and just executing blindly all these 'kewl' tools - this is actually what concerns me most! There are much better Live-Distros you should start learning with!
    Could not have said it better myself, excellent point!

  5. #5
    Banned
    Join Date
    Feb 2010
    Posts
    5

    Default Re: Is BackTrack safety to use.

    i just started with linux and bt4 and id say like them - only as safe as you are

    kinda miss gui's but yeah i can do alot more with this than i can windows

    gl hope you dont screw nothing up that cant be fixed with ease.

    remember every mistake is a learning experience lol

  6. #6
    Member
    Join Date
    Jan 2010
    Location
    Helsinki, Finland
    Posts
    235

    Default Re: Is BackTrack safety to use.

    Well its really easy to do permanent damage e.g. for windows installation, if you dont know what you are doing.

    However livelinux aint that unsafe to use, it depends of the user.

  7. #7
    Senior Member skull2006's Avatar
    Join Date
    Jan 2010
    Location
    In my skull
    Posts
    125

    Default

    Thank you all of you,

    maybe i want learn so fast.

    best regards,

    Thank you all of you.

    my last point is this firewall show me all real active connections.

    http://img641.imageshack.us/img641/565/firewall1.png

    best regards,
    Last edited by balding_parrot; 02-26-2010 at 06:11 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •