BackTrack is, more than an application, a group of applications mainly aimed at information security auditing.
BackTrack is presented through of a GNU/Linux distribution, specifically based on Ubuntu, and for its use we can opt to install it in our hard disk as an alternative operating system or to use it with the option “live dvd”.
With BackTrack we dispose of a wide array of tools which allow us to perform limitless tests, diagnoses, and cross-checks, all of them related to important aspects when evaluating information security of analyzed equipments.
We have to keep in mind the fact that, in contrast to the great functionalities that BackTrack incorporates, to get a good performance it will be necessary to count on at least some basic knowledge to use them. Anyway, in the official website there are many help tutorialsavailable for the different options of installation, use of the unique characteristics of BackTrack, customization of distribution, etc.
The tools we can use with BackTrack are classified according to their functionality into the following groups:
- Enumeration: With the tools here included we will be able to get determined information about the equipment, such as the Kernel, Operating System, etc.
- Exploit Archives: All the exploits are contained here.
- Fuzzers: Tools to look for protocol failures.
- Spoofing: The techniques of criminal impersonation such as IP changes, forgery of ARP table, etc. Are collected here.
- Tunnelling: To implement a net protocol over another.
- Forensic Tools: It is a full analysis for those systems which have suffered from some kind of attack, so that the damages caused can be fixed and future attacks avoided.
The potential of BackTrack is huge given the tools it incorporates, that is why special care should be taken in its use, doing it always from a responsible point of view, since some of its functions may infringe the law.