Report generation and output

[gossamer]

Hi,
I'm new to backtrack but not new to Linux or intrusion detection. I'm interested in the penetration testing and reporting aspects of backtrack. I'm in the process of setting it up, but thought I could also ask for people's experience in terms of the reports that are created as a result of a security scan?

Is it comprehensive, detailed, and suitable for use as a report to turn over to the sysadmins to fix any potential vulnerabilities that were found and need to be addressed?

What core engines does it use to actually do the scanning?

How are the reports displayed?

Thanks,
Dave

[Renek]

I think you've got the wrong idea. Backtrack isn't a specific tool, it's a Linux distribution with a collection of tools. As such, it can use any "core" engine to scan that you want it to use. As for reporting, it's the same situation. Whatever tool you use is what's going to be doing the reporting, not Backtrack itself. The tools are only as good as the mechanic that uses them.

[gossamer]

I think you've got the wrong idea. Backtrack isn't a specific tool, it's a Linux distribution with a collection of tools. As such, it can use any "core" engine to scan that you want it to use. As for reporting, it's the same situation. Whatever tool you use is what's going to be doing the reporting, not Backtrack itself. The tools are only as good as the mechanic that uses them.

Hi, thanks for your help. I do realize that it's a collection of tools, but I assumed that what makes it different from a regular distribution is that it provides a better and easier way to perform tasks like pen testing.

Is it really no different than if I were to install nessus on my debian box?

There is no focus on configuring those applications to assist with the process and reduce some of the normal overhead that is associated with setup and management of those applications?

Thanks,
Dave

[KMDave]

Well the applications come preconfigured usually to run them out of the box without the need to compile them, configure them whatever. Still writing reports is up to the pentester.

You might want to check out Leo or Dradis which both can be used to help create a documentation.

[Renek]

What KMDave said. It does reduce overhead because everything is complied, configured and good to go. It's popularity also makes it useful (constantly updated, well maintained, etc.). I've seen Backtrack used in the defense department, during demo's by professors, and in every security video/tutorial ever.

Dradis is a great framework for reporting but if your company has money to burn then you can always give something like Metasploit Pro a shot. That automates a great deal of the pen test and does a good bit of the report generation for you.