.

using backtrack as a daily use linux distro

<<

shakuni

Jr. Member
Jr. Member

Posts: 80

Joined: Sun Nov 04, 2007 2:24 pm

Post Thu Sep 11, 2008 8:09 am

using backtrack as a daily use linux distro

Hi everyone,

Can I use backtrack as a daily use linux distro. I mean I am a part time network security researcher (cause I am a full time malware analyst) and backtract is a full fledged linux distro, so is it a must that it should be used only for pentesting? Can't it be used in daily tasks...

what I intend to do is that I will install "only" BT3 on my laptop and I'll use it as a general linux distro in the day and as a security toolkit in the night ;)

Please express your opinion on the concept...

Thanks
shakuni
There is no rule, law or tradition that apply universally... including this one.
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Thu Sep 11, 2008 8:43 am

Re: using backtrack as a daily use linux distro

Shakuni,

I'd agree mostly. Backtrack should be able to be used as daily distro. But from personal experience I have found it doesn't work out that way and I've gone back to using a 'normal' Linux install with my goodies on a daily basis whilst keeping a BT usb stick around for those times when I can't afford to mess around with a tool compilation in the middle of a incident.

As you say you're a full time malware analyst your mileage may vary, good luck
<<

jakx

Newbie
Newbie

Posts: 14

Joined: Mon Aug 11, 2008 9:20 am

Post Thu Sep 11, 2008 9:19 am

Re: using backtrack as a daily use linux distro

I used backtrack 2 for a little while as a everyday OS and i did not seem to have too many problems. I was not doing a whole lot outside of pentesting though. I guess it really just depends on what you want to be doing. I now have switched to just the BT usb like RoleReversal but its up to you.

Try it and if you dont like it switch back.  :)
<<

vijay2

Full Member
Full Member

Posts: 220

Joined: Wed Mar 28, 2007 6:22 am

Post Thu Sep 11, 2008 10:18 am

Re: using backtrack as a daily use linux distro

I use BT 3 running on a VM most of the time :)

VJ
GPEN GCFA GCIH CISSP CISA GSEC OSCP C|EH Security+
<<

Kev

Sr. Member
Sr. Member

Posts: 428

Joined: Sat Sep 29, 2007 12:26 pm

Post Thu Sep 11, 2008 10:25 am

Re: using backtrack as a daily use linux distro

Muts (creator of BT) uses it as his everyday distro. Yes, of course you can use it as your day to day distro,espicailly if you are experienced with Linux, but you would be better off using something with more community support for day to day apps. Ubuntu is still what I recommend for beginners and casual day to day use.
<<

shakuni

Jr. Member
Jr. Member

Posts: 80

Joined: Sun Nov 04, 2007 2:24 pm

Post Sat Sep 13, 2008 11:57 pm

Re: using backtrack as a daily use linux distro

Thanks a lot for your inputs. From now on I will be using backtrack as my daily use distro. I'll post my experiences here if you want me to.

-shakuni
There is no rule, law or tradition that apply universally... including this one.
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Sun Sep 14, 2008 9:11 pm

Re: using backtrack as a daily use linux distro

Kev wrote:Muts (creator of BT) uses it as his everyday distro. Yes, of course you can use it as your day to day distro,espicailly if you are experienced with Linux, but you would be better off using something with more community support for day to day apps. Ubuntu is still what I recommend for beginners and casual day to day use.


Gotta go with Kev on this one. Ubuntu was my choice when I was first starting out with linux. Now it's BackTrack 3 all the way to suit my  'revenge', I mean 'security' testing needs.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

shakuni

Jr. Member
Jr. Member

Posts: 80

Joined: Sun Nov 04, 2007 2:24 pm

Post Mon Sep 15, 2008 6:21 am

Re: using backtrack as a daily use linux distro

Now it's BackTrack 3 all the way to suit my  'revenge', I mean 'security' testing needs.

he he he...
There is no rule, law or tradition that apply universally... including this one.
<<

X0Red

User avatar

Newbie
Newbie

Posts: 2

Joined: Fri Aug 29, 2008 6:29 am

Post Mon Sep 15, 2008 11:59 am

Re: using backtrack as a daily use linux distro

yes, I agreed to have BackTrack configured for daily use to get used to it. But what about this... if we install normal linux distro as a desktop and configure all tools by hand to get the more grip?
-X0Red
<<

g00d_4sh

User avatar

Sr. Member
Sr. Member

Posts: 394

Joined: Tue Sep 18, 2007 1:50 pm

Location: Guayaquil, Ecuador

Post Mon Sep 15, 2008 12:02 pm

Re: using backtrack as a daily use linux distro

I use BackTrack 3 when I don't want a headache.  I use Ubuntu and compile all my tools to get the full 'experience'.  That and I'm a bit of a masochist.  I have a sweet Lexar 4 gig metal thumbdrive connected to my keychain with BackTrack 3 and extra tools on it with me at all times though.  That and my "utili-key" which looks like a key... but has tons of little gadgets.  Mmmmm.... if only I could fit an eee pc on my keychain.
"Bad.. Good?  I'm the guy with the gun"
<<

Kev

Sr. Member
Sr. Member

Posts: 428

Joined: Sat Sep 29, 2007 12:26 pm

Post Mon Sep 15, 2008 6:19 pm

Re: using backtrack as a daily use linux distro

g00d_4sh wrote:I use BackTrack 3 when I don't want a headache.  I use Ubuntu and compile all my tools to get the full 'experience'.


I really like the idea of this, especially for people new to linux and linux tools.
Run Backtrack to get a quick feel for how tools work, but also compile those tools on a distro with a lot of community support like Ubuntu to get the full linux experience. 
<<

LSOChris

Post Mon Sep 15, 2008 10:28 pm

Re: using backtrack as a daily use linux distro

<insert learn linux before F*ing around with BT rant here>
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Tue Sep 16, 2008 4:31 am

Re: using backtrack as a daily use linux distro

ChrisG wrote:<insert learn linux before F*ing around with BT rant here>


Chris,

for the most part I agree with your stance on 'real' VS 'live' linux. However for most it is easier to gain familiarity with a system that just works (I know...) before trying to build the system themselves. It's easy for those of us with Linux experience to claim that it is best to use a 'real' distro, as this is the case. But live distros are like learning to ride a bike with training wheels, they give you a bit extra support until you have the confidence and ability to try the real thing.

Even in an MS world most people need to get used to a working environment before they could even determine if something was amiss, let a lone put it right. I think if more people could get an easy, bump free, start with Linux then more would be convince it is a usablt platform.

Same goes for entering the security arena, it's hard to learn the theory and actions required if you don't have confidence that your tools are functioning correctly. BackTrack serves a purpose and is, in my limited personal experience, a good route into the tools and systems required for those starting out in the field.
<<

LSOChris

Post Tue Sep 16, 2008 7:29 am

Re: using backtrack as a daily use linux distro

i disagree,

liveCDs are tools, not OS's and should not be treated as such.  You'll learn faster building your own distro (in vmware if you wish) and working through the problems of installation (there really arent any anymore). You can be up and going in less than an hour.  In my life i have blown away more distros than i can count trying to install something with no documentation but i learned from it.  Just booting into a liveCD...its good to show someone "this is linux" to recommend they use that unless there is some extreme reason is not a good way to teach people what they need to know.

I guess if someone has never ever never seen or used linux then ANY liveCD would be ok to familiarize themselves.

as far as using security tools on BT first, having a ton of tools prebuilt for you teaches you nothing about:
1. installing and configuring those tools
2. why you even need those tools

There is something about the act of installing a tool yourself that forces you to think about why you are installing this and what are you going to use it for (especially if you have to go through dependency hell).  that helps more with understanding the methodology than just having that stuff installed for you.

your core tools that a "new person" will need will easily install from source or package management system.  As far as "have confidence that your tools are functioning correctly" if I install them myself i have confidence they work correctly.

Having someone or some distro do everything for you from the beginning does not set people up for success in working through problems on their own later...which is really what security is all about anyway.

if you need more proof then check out the remote-exploit forums yourself and look at the amount of basic linux questions that are in there, questions that shouldnt be there if people had the prerequisite knowledges that BT states you need before using their liveCD which is a good understanding of linux.
Last edited by LSOChris on Tue Sep 16, 2008 7:31 am, edited 1 time in total.
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Tue Sep 16, 2008 9:19 am

Re: using backtrack as a daily use linux distro

Chris,

don't think we're going to get too far with this, mostly as I agree with you on most points as I've already said.

The main point I do disagree on is that using pre-built tools doesn't teach anything. Admittedly it doesn't teach you much about linux (no compile and dependency hell as you mention) but it gives people the opportunity to learn the tools and the processes. Not everyone wants to become an uber hacker, some just need to have the tools available to do a certain aspect of their job.

This doesn't necessarilly make for perfectly secure systems, but if a non-security admin can run db_autopwn at their environment and plug those holes it will enable them to move their environment from the 'low hanging fruit' level of targets. Not ideal, and certainly not 100% (not possible I know) secure, but often this is acceptable risk for the business in question.

Regarding the 'confidence in your tools' thread I'm sure you would have confidence in your tools, so would I; but for someone new to the scene is nmap showing no open ports becuase nothings listening? or because I cocked up my build? I agree that the mainstay of packages can be easily installed by source or package management, but in the later case you'll learn no more than using a live distro, the system handles the 'black-magic' for you.

Possibly I'm coming from a biased basis as I started off using Backtrack, before migrating to the real-deal. I agree 100% that there are some completely n00b questions asked on the remote-exploit forums by those without the prerequisite knowledge for the material in hand, the same as we occasionally see on EH-Net, and I've seen over at LSO. But generally these people don't get the quick fix that they're looking for and go back to the Wii.

As we agree that Backtrack (et. al) is a good tool, but a full OS is preferable and even advisable, can I suggest we agree to disagree on the other points and I'll buy the first round if we meet in r/l? :)

RR

P.S. Shakuni, sorry for the slight thread hi-jack, if you're still running with your trials let me know how you get on, could be interesting ;)
Next

Return to Other

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software