BT 4 Security

[b4ck-tr4kkr]

I've signed up for the Penetration Testing with Backtrack course and will be starting on 8/23.

I believe people with WAY more skill than I have secured BT 4. I would like to learn more about how exactly BackTrack is secured though. How can I keep my BT 4 system from being hacked while I'm VPN'ed in for my PWB labs?

I'm running BT 4 on a VM with a Hard Drive installation to that VM. I could make a snapshot of my VM before going into the labs, and restore to it after finishing a lab, but then I might lose my work.

I know I'm more likely to screw something up and make my BT install less secure by messing around without knowing more about what has been or should be done.

For example, this site:

h x x p:// w w w.itsecurity.com/features/ubuntu-secure-install-resource/ The Big Ol' Ubuntu Security Resource - IT Security

recommends installing grsecurity. Are there measures in place that negate the need for grsecurity or other utilities?

How can I create a digital signature of my critical files so I can detect changes?

Is there anything additional I can or should do to make the system more secure than the default install?

[Gitsnik]

You will need to open ports locally for a lot of the course (exploits and such). Keep your system up to date with the standard apt-get commands, and firewall off the tun0 interface if you have things like ssh or vnc open.

Make sure your password is not the default, and just follow standard security practices.

There are enough open boxes in the labs that you're unlikely to be attacked activly anyway, and it's not like you'd be silly enough to run services you don't need running.... right...?

[purehate]

Check out tripwire if your worried about file modifications. I use it on all my servers.

[b4ck-tr4kkr]

The system's pretty locked down now, but I think I'll have to start services to do the labs. I'll definitely learn tripwire.

Thanks!

I've installed tripwire and printed the relevant man pages. Reading up.

Thanks again guys.

[Gitsnik]

On the topic of tools, look into bastille linux (a hardening script) and rkhunter. There really are a huge amount of tools - you could even run snort but then you're starting to hit large amounts of false positives when you fire off your own exploits and shells.