ArchTrack

[secureseven]

Hey guys what's up. I recently converted to Arch Linux (and it's...AMAZING! But this isn't the thread to blog about how much I love this distro compaired to the others I've used for years) But I came across this community project called ArchTrack. It can be found here:
http://wiki.archlinux.org/index.php/ArchTrack

It's got a decent amount of tools already in the AUR(Arch user repository) and people seem to be taking a liking in helping add more tools. Arch Linux being bleeding edge, I figure it can't be that far behind Backtrack in new tools (except backtrack scripts which have to be ported). There is not yet a live-cd/usb version yet, it's on the roadmap though, but if you have arch linux (I would recommend you try it) you can install these tools on your current arch linux distro.

This just works out for me personally because 1) I enjoy being able to do everything from one OS without a reboot. 2) I can choose the best tools I see fit to help me pentest. I don't need 6 DNS enumeration tools, or 5 different aircrack-ng wrapper tools. I just need the top 2 or 3 tools for each categery/sub-category (information gathering/dns)

Just though I would share this with you and maybe get some of you to join in on the package making fun!

post-script: Although there are meta-packages archtrack(stable) and archtrack-dev(svn,cvs,git,etc.), you can still install the tools individually.

[H1t M0nk3y]

Sounds great secureseven, but other than for its minimalist implementation, what would ArchTrack have over BackTrack? I mean, do you have tools in it that isn't in BackTrack?

[secureseven]

To my understanding, there are currently no tools in ArchTrack that isn't listed in Backtrack yet. This project is starting to roll with the community there and I'm sure scripts will be included eventually.

I am not the project lead or anything like that, just thought I would give people a heads up on an alternative if they wanted. I mean, what's linux without choices lol. I certainly do think BT is a great distro, but i feel a little more "free" with archtrack (well arch linux in general, being a minimalist distro) being able to choose the best tools I see fit for my setup. I can even make a fresh install of arch linux choosing important drivers, WM, tools, etc. then use a similar tool to remastersys to make my own personal live-cd/usb.

I just wanted to let people know there are options out there for a more precise toolset. But I certainly do use BT to try out the latest tools to see if I like them or not.

[H1t M0nk3y]

Ok, thanks secureseven for your clarifications.

[ryooichi]

I would like to clarify here that while archtrack is starting from backtrack as a baseline, because they have done an excellent job, we do intend to focus on the tools more within arch linux, and less on things like which window environment is best. Some examples of where I'd like to take archtrack include adding a wider range of tools from security specialties adjacent to pentesting and forensics.  I also would like to have a similar functionality as backtrack but using arch linux because it is a superior distro for experienced linux users.  For example, why learning ufw, when you can just learn iptables and that knowledge can be applied everywhere? It has a philosophy of making things just work like ubuntu, but in a simpler way, and as a rolling release.  Rolling release is important because it accepts the reality that technology moves quickly. Bye for now.

[sil]

I'll give it a whirl but I would like to note to others here about (drum roll) relying on tools

I currently use Backtrack (older version) and I have my own security testing distro cobbled together from FreeBSD - minimal view on the "Rage Against the Vista Machine - Social Engineering Toolkit" video (http://www.infiltrated.net/Rage-Against-the-Vista-Machine/) It's compromised of almost all alternative tools to the usual suspects (e.g., hping vs. nmap ... Scapy, etc.)

Backtrack - and I'm sure Archtrack - place a lot of emphasis on getting cool things working but I found that at times there is a lot of bloat (KDE?...) Also, some of the tool selections are ... "too hip" to be useful. I've found that custom tailoring my own "Backtrack" like clone, I can mix and match specifics, for example, I could probably slap on an entire VoIP pentesting distro alongside backtrack whereas some tools are limited, and some are overkill With that said, good luck with Archtrack, hope to see it come nicely together.

For others don't be a slacker... Go make your own distro! When I get to work Monday I'll throw together a detailed list of things I have on there if anyone messages me out of curiousity. Also, I noticed on the "defensive/covert" side, I can see Backtrack and others coming a mile away. The tool signatures are almost always the same.