Results 1 to 5 of 5

Thread: Report generation and output

  1. #1
    Just burned his ISO
    Join Date
    Feb 2011
    Posts
    2

    Default Report generation and output

    Hi,
    I'm new to backtrack but not new to Linux or intrusion detection. I'm interested in the penetration testing and reporting aspects of backtrack. I'm in the process of setting it up, but thought I could also ask for people's experience in terms of the reports that are created as a result of a security scan?

    Is it comprehensive, detailed, and suitable for use as a report to turn over to the sysadmins to fix any potential vulnerabilities that were found and need to be addressed?

    What core engines does it use to actually do the scanning?

    How are the reports displayed?

    Thanks,
    Dave

  2. #2
    Member
    Join Date
    Feb 2010
    Posts
    78

    Default Re: Report generation and output

    I think you've got the wrong idea. Backtrack isn't a specific tool, it's a Linux distribution with a collection of tools. As such, it can use any "core" engine to scan that you want it to use. As for reporting, it's the same situation. Whatever tool you use is what's going to be doing the reporting, not Backtrack itself. The tools are only as good as the mechanic that uses them.
    Computer security is a temporary condition.

  3. #3
    Just burned his ISO
    Join Date
    Feb 2011
    Posts
    2

    Default Re: Report generation and output

    Quote Originally Posted by Renek View Post
    I think you've got the wrong idea. Backtrack isn't a specific tool, it's a Linux distribution with a collection of tools. As such, it can use any "core" engine to scan that you want it to use. As for reporting, it's the same situation. Whatever tool you use is what's going to be doing the reporting, not Backtrack itself. The tools are only as good as the mechanic that uses them.
    Hi, thanks for your help. I do realize that it's a collection of tools, but I assumed that what makes it different from a regular distribution is that it provides a better and easier way to perform tasks like pen testing.

    Is it really no different than if I were to install nessus on my debian box?

    There is no focus on configuring those applications to assist with the process and reduce some of the normal overhead that is associated with setup and management of those applications?

    Thanks,
    Dave

  4. #4
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default Re: Report generation and output

    Well the applications come preconfigured usually to run them out of the box without the need to compile them, configure them whatever. Still writing reports is up to the pentester.

    You might want to check out Leo or Dradis which both can be used to help create a documentation.
    Tiocfaidh ár lá

  5. #5
    Member
    Join Date
    Feb 2010
    Posts
    78

    Default Re: Report generation and output

    What KMDave said. It does reduce overhead because everything is complied, configured and good to go. It's popularity also makes it useful (constantly updated, well maintained, etc.). I've seen Backtrack used in the defense department, during demo's by professors, and in every security video/tutorial ever.

    Dradis is a great framework for reporting but if your company has money to burn then you can always give something like Metasploit Pro a shot. That automates a great deal of the pen test and does a good bit of the report generation for you.
    Computer security is a temporary condition.

Similar Threads

  1. Before posting a bug report.
    By Archangel-Amael in forum BackTrack Bugs
    Replies: 0
    Last Post: 08-06-2010, 08:00 PM
  2. ARP generation
    By SyntaXe in forum OLD BackTrack 3 Final
    Replies: 1
    Last Post: 09-12-2008, 03:10 PM
  3. web app pentest report
    By chelano in forum OLD Pentesting
    Replies: 6
    Last Post: 09-10-2008, 12:51 PM
  4. Replies: 1
    Last Post: 02-21-2008, 04:18 PM
  5. PCI-e laptops report in!
    By Weedy in forum OLD BackTrack v2.0 Final
    Replies: 15
    Last Post: 08-24-2007, 02:41 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •