Hi everyone,

Can I use backtrack as a daily use linux distro. I mean I am a part time network security researcher (cause I am a full time malware analyst) and backtract is a full fledged linux distro, so is it a must that it should be used only for pentesting? Can't it be used in daily tasks...

what I intend to do is that I will install "only" BT3 on my laptop and I'll use it as a general linux distro in the day and as a security toolkit in the night

Please express your opinion on the concept...

Thanks
shakuni

I used backtrack 2 for a little while as a everyday OS and i did not seem to have too many problems. I was not doing a whole lot outside of pentesting though. I guess it really just depends on what you want to be doing. I now have switched to just the BT usb like RoleReversal but its up to you.

Try it and if you dont like it switch back.   

Muts (creator of BT) uses it as his everyday distro. Yes, of course you can use it as your day to day distro,espicailly if you are experienced with Linux, but you would be better off using something with more community support for day to day apps. Ubuntu is still what I recommend for beginners and casual day to day use.

Gotta go with Kev on this one. Ubuntu was my choice when I was first starting out with linux. Now it's BackTrack 3 all the way to suit my  'revenge', I mean 'security' testing needs.

yes, I agreed to have BackTrack configured for daily use to get used to it. But what about this... if we install normal linux distro as a desktop and configure all tools by hand to get the more grip?

I really like the idea of this, especially for people new to linux and linux tools.
Run Backtrack to get a quick feel for how tools work, but also compile those tools on a distro with a lot of community support like Ubuntu to get the full linux experience. 

Chris,

for the most part I agree with your stance on 'real' VS 'live' linux. However for most it is easier to gain familiarity with a system that just works (I know...) before trying to build the system themselves. It's easy for those of us with Linux experience to claim that it is best to use a 'real' distro, as this is the case. But live distros are like learning to ride a bike with training wheels, they give you a bit extra support until you have the confidence and ability to try the real thing.

Even in an MS world most people need to get used to a working environment before they could even determine if something was amiss, let a lone put it right. I think if more people could get an easy, bump free, start with Linux then more would be convince it is a usablt platform.

Same goes for entering the security arena, it's hard to learn the theory and actions required if you don't have confidence that your tools are functioning correctly. BackTrack serves a purpose and is, in my limited personal experience, a good route into the tools and systems required for those starting out in the field.

Chris,

don't think we're going to get too far with this, mostly as I agree with you on most points as I've already said.

The main point I do disagree on is that using pre-built tools doesn't teach anything. Admittedly it doesn't teach you much about linux (no compile and dependency hell as you mention) but it gives people the opportunity to learn the tools and the processes. Not everyone wants to become an uber hacker, some just need to have the tools available to do a certain aspect of their job.

This doesn't necessarilly make for perfectly secure systems, but if a non-security admin can run db_autopwn at their environment and plug those holes it will enable them to move their environment from the 'low hanging fruit' level of targets. Not ideal, and certainly not 100% (not possible I know) secure, but often this is acceptable risk for the business in question.

Regarding the 'confidence in your tools' thread I'm sure you would have confidence in your tools, so would I; but for someone new to the scene is nmap showing no open ports becuase nothings listening? or because I cocked up my build? I agree that the mainstay of packages can be easily installed by source or package management, but in the later case you'll learn no more than using a live distro, the system handles the 'black-magic' for you.

Possibly I'm coming from a biased basis as I started off using Backtrack, before migrating to the real-deal. I agree 100% that there are some completely n00b questions asked on the remote-exploit forums by those without the prerequisite knowledge for the material in hand, the same as we occasionally see on EH-Net, and I've seen over at LSO. But generally these people don't get the quick fix that they're looking for and go back to the Wii.

As we agree that Backtrack (et. al) is a good tool, but a full OS is preferable and even advisable, can I suggest we agree to disagree on the other points and I'll buy the first round if we meet in r/l?

RR

P.S. Shakuni, sorry for the slight thread hi-jack, if you're still running with your trials let me know how you get on, could be interesting