On January 11, 2010 the BackTrack team published the official release of BackTrack version 4. It is now possible to download both the traditional ISO and a high-useful VMWare virtual machine image. Now it is even easier to get up and running quickly. I used the final version recently on a security assessment and I am impressed with how this tool kit has grown in functionality and ease of use. BackTrack release 4 has been out now for a little over a month. They have had over 100,000 downloads of their security-focused distribution. Word has spread quickly of this great distribution image. Recently I performed a security assessment and made extensive use of BackTrack 4. It was useful to have a live assessment so that I could really explore all the tools that it had to offer. After you download the image and install it you can start up the image or VM and log into the environment using the default login/password (root/toor). Once logged in you can type "startx" at the root@bt# prompt to start the KDE window manager. To start up networking enter the command "/etc/init.d/networking start" to establish IP network connectivity. BackTrack 4 organizes the tools into categories that relate to the security assessment methodology. Following is a screen shot of the tools and how they are organized along the lines of a typical assessment methodology. Some of the tools that I found useful were Dnsmap, Aircrack-NG, OpenVAS, MSF 3, xprobe2, 5nmp, nmap, MSSQLscan, ike-scan, and SSLscan.
A while back I wrote an article about how the BackTrack 4 pre-release version has some IPv6-capable utilities. I felt that this was an indication that IPv6 was becoming more mainstream and more useful to white/gray/blackhats. I was concerned over how encapsulated IPv6 traffic could be used as a command-and-control channel because it could pass through networks undetected. The reality is that traditional IPv4 IRC, P2P and HTTP are more frequently used. That is because these commonly-used protocols are allowed outbound through organization's firewalls and it is the least path of resistance. The botnets are developed to have usability over the largest number of malware infected hosts. IPv6 still hasn't reached the adoption rate to warrant the botnet creators to change their choice in protocols. The next time you have to perform a security assessment you should definitely look into using BackTrack 4 as one of the tools in your arsenal. Scott