
Thread: BT 4 Security

  1. #1
    Just burned his ISO
    Join Date
    Aug 2009
    Posts
    5

    BT 4 Security

    I've signed up for the Penetration Testing with Backtrack course and will be starting on 8/23.

    I believe people with WAY more skill than I have secured BT 4. I would like to learn more about how exactly BackTrack is secured though. How can I keep my BT 4 system from being hacked while I'm VPN'ed in for my PWB labs?

    I'm running BT 4 on a VM with a Hard Drive installation to that VM. I could make a snapshot of my VM before going into the labs, and restore to it after finishing a lab, but then I might lose my work.

    I know I'm more likely to screw something up and make my BT install less secure by messing around without knowing more about what has been or should be done.

    For example, this site:

    h x x p:// w w w.itsecurity.com/features/ubuntu-secure-install-resource/ The Big Ol' Ubuntu Security Resource - IT Security

    recommends installing grsecurity. Are there measures in place that negate the need for grsecurity or other utilities?

    How can I create a digital signature of my critical files so I can detect changes?

    Is there anything additional I can or should do to make the system more secure than the default install?

  2. #2
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851


    You will need to open ports locally for a lot of the course (exploits and such). Keep your system up to date with the standard apt-get commands, and firewall off the tun0 interface if you have things like ssh or vnc open.

    Make sure your password is not the default, and just follow standard security practices.

    There are enough open boxes in the labs that you're unlikely to be attacked actively anyway, and it's not like you'd be silly enough to run services you don't need running.... right...?
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,124


    Check out tripwire if you're worried about file modifications. I use it on all my servers.
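
The baseline-and-compare idea behind the file-change question in post #1 and the tripwire suggestion above, as an added example that is not part of the original posts and is not tripwire's own code. It is a simplified sketch built on sha256sum; the function names `fim_snapshot`, `fim_baseline` and `fim_check` are made up for illustration, and it assumes GNU find, sort, xargs and sha256sum.

```bash
#!/usr/bin/env bash
# Added example: hash baseline and comparison for a set of directories.
# Paths are whatever the caller passes; none come from the thread.
# Assumes GNU tools and file names without newlines or backslashes.

# Hash every regular file under the given directories, in sorted order.
fim_snapshot() {
    find "$@" -xdev -type f -print0 | sort -z | xargs -0 -r sha256sum
}

# fim_baseline BASELINE DIR...   record the known-good state
fim_baseline() {
    local out="$1"; shift
    fim_snapshot "$@" > "$out" && chmod 600 "$out"
}

# fim_check BASELINE DIR...   print differences; return 1 if any were found
fim_check() {
    local base="$1" now rc=0; shift
    now=$(mktemp) || return 2
    fim_snapshot "$@" > "$now"
    # sha256sum lines are: 64 hex chars, two separator chars, then the path.
    awk '
        { hash = substr($0, 1, 64); path = substr($0, 67) }
        FILENAME == ARGV[1] { old[path] = hash; next }   # baseline entries
        { seen[path] = 1 }
        !(path in old)    { print "ADDED    " path; bad = 1; next }
        old[path] != hash { print "MODIFIED " path; bad = 1 }
        END {
            for (p in old) if (!(p in seen)) { print "MISSING  " p; bad = 1 }
            exit bad + 0
        }
    ' "$base" "$now" || rc=$?
    rm -f "$now"
    return "$rc"
}

# Usage: script init BASELINE DIR...   then later: script check BASELINE DIR...
case ${1:-} in
    init)  shift; fim_baseline "$@" ;;
    check) shift; fim_check "$@" ;;
esac
```

Keep the baseline file somewhere the monitored system cannot write, such as on the VM host, because anyone who can change the watched files can also rewrite a baseline stored beside them.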

  4. #4
    Just burned his ISO
    Join Date
    Aug 2009
    Posts
    5


    The system's pretty locked down now, but I think I'll have to start services to do the labs. I'll definitely learn tripwire.

    Thanks!

    I've installed tripwire and printed the relevant man pages. Reading up.

    Thanks again guys.

  5. #5
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851


    On the topic of tools, look into bastille linux (a hardening script) and rkhunter. There really are a huge amount of tools - you could even run snort but then you're starting to hit large amounts of false positives when you fire off your own exploits and shells.
