Thread: Backtrack in heterogeneous environments.

  1. #1
    Just burned his ISO
    Join Date
    Apr 2011
    Posts
    2

    Backtrack in heterogeneous environments.

    Hi guys,

    I got a penetration test to do in a company, and it includes different machines, Linux, OS X, Windows, and some other systems. While we were discussing the contracts, the boss asked me a question I couldn't really answer.

    "What are the advantages and disadvantages of using BackTrack in a heterogeneous environment like the one we have?"

    I got the following answers,

    1. Many tools available in one place
    2. This allows the penetration test to be fast without carrying 20 live cds
    3. It may restrict the creativity of the Pentester by using only the tools available


    Actually, I told him I would come up with other answers, but after a few searches I couldn't. Do you have any other ideas?

    Thanks

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Re: Backtrack in heterogeneous environments.

    Not sure how number 3 would apply to a distribution. Creativity of the penetration tester should be a hallmark characteristic. Not something that is confined to a tool or tool set.
    Further there are pros and cons to using anything. BackTrack is created for the professional penetration tester. So with this thought in mind it is designed to make his or her job easier. By that I mean we put first thought into pentesting and not appearances of the OS, or if it has 16 different twitter applications built in.
    So having said that, your job as the end user is to evaluate it, and determine if it fits your needs. Based on this evaluation, one would normally have two choices: 1. improve the product to better suit you, or 2. use another product.
    While we would hope that BT will suit your needs, it may very well not. But we would also appreciate the feedback as to why it does not fit.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  3. #3
    Senior Member
    Join Date
    May 2010
    Posts
    198

    Re: Backtrack in heterogeneous environments.

    The reason I use Backtrack specifically is that it makes no noise until I tell it to. The more I dig into Backtrack the more I appreciate the attention to certain detail.

    In fact the only disadvantages are...
    - the DHCP hostname when using WICD. (When I see "bt" in the clients list on a network, it always excites me a bit.) Which oddly enough prompted me to write a script to look for that hostname (and others) as a preventive measure, as well as to connect to any network from the command line when I use BT.
    Might want to change that to something less obvious like "user".

    - All the ports are closed, which makes it very obvious when it's on a network where every client has an open port.

    One question to the OP though: why is the distro relevant to the customer? As opposed to what? Have you done anything to customize BT or are you just running it out of the box? Build some customized scripts to run the pentest and sell that.

    Another thing is that the presentation of findings is more important than how you do the pentest. As far as the customer is concerned the process is a trade secret. Just give him 3 choices - like packages.
    - exhaustive - Social engineering, exploitation and control of clients
    - comprehensive - Manipulation of network information but no SE and exploitation with "safe checks" enabled
    - safe - won't affect the network at all, passive recon.

    One of my favorite things to do is watch the customer as he listens to the SE calls. It's amazing how quickly the staff gets retrained.

    I am a fan - great job guys
    Last edited by Scamentology; 04-15-2011 at 06:12 PM.
    "Never do anything against conscience -- even if the state demands it."
    -- Albert Einstein
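
The hostname check mentioned in this post, sketched as an added example for the defending side (it is not Scamentology's script, which the thread does not show). It assumes the DHCP server is ISC dhcpd and reads its `dhcpd.leases` syntax; the lease data is constructed, and the watchlist holds only the "bt" name given in the thread.

```python
import re

# Constructed sample in ISC dhcpd.leases syntax (not data from the thread).
SAMPLE_LEASES = '''
lease 192.168.1.20 {
  binding state active;
  hardware ethernet 00:16:3e:aa:bb:01;
  client-hostname "ACCOUNTING-PC";
}
lease 192.168.1.23 {
  binding state free;
  hardware ethernet 00:16:3e:aa:bb:02;
  client-hostname "laptop7";
}
lease 192.168.1.23 {
  binding state active;
  hardware ethernet 00:16:3e:aa:bb:03;
  client-hostname "BT";
}
lease 192.168.1.31 {
  binding state active;
  hardware ethernet 00:16:3e:aa:bb:04;
}
'''

LEASE_RE = re.compile(r'lease\s+(\S+)\s*\{(.*?)\}', re.S)
FIELD_RE = {
    # Anchored so that "next binding state ..." lines are not picked up.
    "state": re.compile(r'^\s*binding state (\w+);', re.M),
    "mac": re.compile(r'hardware ethernet ([0-9a-fA-F:]+);'),
    "hostname": re.compile(r'client-hostname "([^"]*)";'),
}

def parse_leases(text):
    """Return {ip: fields}; the file is append-only, so the last entry per IP wins."""
    leases = {}
    for ip, body in LEASE_RE.findall(text):
        found = {k: rx.search(body) for k, rx in FIELD_RE.items()}
        leases[ip] = {k: m.group(1) if m else None for k, m in found.items()}
    return leases

def flag_hostnames(text, watchlist=("bt",)):
    """Active leases whose client hostname is on the watchlist (exact, case-insensitive)."""
    watch = {w.lower() for w in watchlist}
    return [(ip, e["mac"], e["hostname"])
            for ip, e in sorted(parse_leases(text).items())
            if e["state"] == "active" and (e["hostname"] or "").lower() in watch]

if __name__ == "__main__":
    print(flag_hostnames(SAMPLE_LEASES))
```

Clients that send no hostname at all (the last lease in the sample) are parsed but never flagged, so this check covers only machines left on the default name.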

  4. #4
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Re: Backtrack in heterogeneous environments.

    Originally posted by Scamentology:
    - the DHCP hostname when using WICD. (When I see "bt" in the clients list on a network, it always excites me a bit.) Which oddly enough prompted me to write a script to look for that hostname (and others) as a preventive measure, as well as to connect to any network from the command line when I use BT.
    Might want to change that to something less obvious like "user".
    Actually, I think you can disable this in the preferences. And if you can't, you surely can change the name before connecting!
    Running both KDE and GNOME BT5 flawlessly. Thank you !

  5. #5
    Just burned his ISO
    Join Date
    Apr 2011
    Posts
    2

    Re: Backtrack in heterogeneous environments.

    Thank you for the answers

    So while doing pen-testing you always kept the methodology secret?

  6. #6
    Senior Member
    Join Date
    May 2010
    Posts
    198

    Re: Backtrack in heterogeneous environments.

    Originally posted by comaX:
    Actually, I think you can disable this in the preferences. And if you can't, you surely can change the name before connecting!
    I am aware of that. Thanks

    It is a very minor point that I made about the default host-name. My point was that this was the only thing that stuck out when I read this thread.

    Backtrack's claim to fame is how "quiet" it is by default and this is a huge red flag on a network if the pen-tester doesn't change this "preference". But that comes down to the user's attention to detail.

  7. #7
    Good friend of the forums gunrunr's Avatar
    Join Date
    Jan 2010
    Location
    shining my spoon
    Posts
    265

    Re: Backtrack in heterogeneous environments.

    You can change it easily enough but it seems there are programs that depend on it staying the default... I changed the hostname to something else and some things failed to work correctly.
    Wielder of the spoon of doom
    Summercon, Toorcon, Defcon, Bsides, Derbycon, Shmoocon oh my
    Come hang out with hackers on twitter @gunrunr556

  8. #8
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Re: Re: Backtrack in heterogeneous environments.

    Originally posted by gunrunr:
    You can change it easily enough but it seems there are programs that depend on it staying the default... I changed the hostname to something else and some things failed to work correctly.
    Never had anything of the sort, but it might explain failures in the future... Thanks! Do you have examples?