Sunday, June 05, 2011

Belated BT5 LiveDVD Review

When Backtrack5 came out, Blogger was down, which probably aggravated a lot of security blogtards because they wanted to get their two cents out to the masses as soon as possible.

I was one of them, but I didn't really have anything to say except I was glad that BT5 finally included JFS support.

Maybe "glad" is the wrong word. It was more like "no longer pissed off".

I mean—for fuck's sake—why have a shitload of disk forensics software that you can't use? And if it's too bloated to fit on a CD in the first place, what's the harm in bloating it a teensy bit more with a friggin' JFS kernel module? I mean Jeebus, I had to download a goddamned kiddie distro (Linux Mint) to get JFS support.

Suffice to say, I am now a bigger fan of BTx than I was a couple of months ago. And since it does IPv6 so well on my network, I will be using it all day long come World IPv6 Day.

But I still have my issues.

Their motto is "The quieter you become, the more you will be able to hear."

I have a corollary to that: "The more invisible you become, the more you will be able to see."

Hinky's First Rule of Invisibility: Lose the hacker desktop.

I know it makes you feel like a L337 HAX0R, but anyone with an IQ of over 65 shoulder surfing you knows you're up to no good. And smarter people will start having paranoid delusions. Underneath all that cruft is a plain vanilla Ubuntu desktop. Use it. The best way to do that is after booting the DVD, change root's password, add a non-root account (I use "notroot") to the admin group, do "su notroot", then run startx.

If you're doing wireless, you should be able to fire up Wicd and get connected. I have noticed that in some environments you may have to fire up "dhclient wlan0" in a terminal to get an IPv4 address.

Why not run as root? Aside from getting the plain desktop by default, you're going to run Chromium, which refuses to run as root. Open a terminal and enter "sudo apt-get install chromium-browser". After it's set up, open Chromium and install a better-looking theme. "Dolce&Gabanna" looks good with the default Ubuntu brownishness, as does "Desktop". Next, install Ad Block Plus for Chrome, because no one likes ads.

Sure, BT5 comes stock with NoScript, but you're booting from a DVD, so who cares if you get hacked? While you have Chromium open, check your IPv6 connectivity just for laffs.

Since your "notroot" account is in the "admin" group, you can sudo anything without entering a password. A lot of the tools from the Backtrack menu will automatically bump you to root, some won't. For the most part, running as "notroot" isn't too restrictive.
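A check to go with the sudo behaviour described above, added here as an example and not part of the original post: given group and sudoers text, it reports whether an account gets sudo through a group, and whether that is with or without a password prompt. The function names and the sample file contents are constructed for this example.

```shell
#!/bin/sh
# user_in_group USER GROUP GROUP_FILE
# Succeeds if USER is a listed (supplementary) member of GROUP.
# Primary-group membership via /etc/passwd is not checked.
user_in_group() {
    awk -F: -v u="$1" -v g="$2" '
        $1 == g {
            n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] == u) found = 1
        }
        END { exit(found ? 0 : 1) }' "$3"
}

# group_sudo_mode GROUP SUDOERS_FILE
# Prints "nopasswd", "passwd" or "none" for the %GROUP rule. The last
# matching rule wins, as in sudoers. Aliases, included files and
# continuation lines are not handled.
group_sudo_mode() {
    awk -v g="%$1" '
        BEGIN { mode = "none" }
        /^[ \t]*#/ { next }
        $1 == g { mode = ($0 ~ /NOPASSWD:/) ? "nopasswd" : "passwd" }
        END { print mode }' "$2"
}

# account_sudo_mode USER GROUP GROUP_FILE SUDOERS_FILE
# Combines both checks: what sudo access USER inherits from GROUP.
account_sudo_mode() {
    if user_in_group "$1" "$2" "$3"; then
        group_sudo_mode "$2" "$4"
    else
        echo "none"
    fi
}

# Demo on constructed input standing in for /etc/group and /etc/sudoers.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' 'root:x:0:' 'admin:x:110:notroot' > "$dir/group"
    printf '%s\n' 'root ALL=(ALL) ALL' \
        '%admin ALL=(ALL) NOPASSWD: ALL' > "$dir/sudoers"
    account_sudo_mode notroot admin "$dir/group" "$dir/sudoers"
    rm -rf "$dir"
}
demo
```

On a live system, run `account_sudo_mode notroot admin /etc/group /etc/sudoers` as root, since /etc/sudoers is not world-readable.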

At this point I generally install mc (Midnight Commander) and my favorite non-vi editor jed, mostly because I've been running both for the last fifteen years and I can't live without them.

And of course, I need obfuscated-openssh if I want to "phone home" over ssh. You have to build it (BT5 already has build-essential, but it needs libssl-dev to compile). Get a USB drive and build it there and you'll have it next time you need it. If you're going to be hopping between 32 and 64bit versions of BT5, build the 32bit version since it works fine on both platforms.

If you're into wireless hacking, get yourself an Alfa 1 USB card (based on the RaLink RTL8187) and check out Vivek Ramachandran's megaprimer on SecurityTube. Lots of excellent information on wireless hacking with BT5 for newb and expert alike.

As a LiveDVD, I highly recommend BT5, but I doubt if I would ever install it as a desktop or notebook OS. It is an excellent tool that I would have used—instead of Linux Mint—to rescue my JFS drives back in March.
