Wow what can I say though nothing but great things. I am an avid Linux distro user and by far I love BackTrack as well as most people. My business perferoms Security Auditing and Penetration Testing and every utility is awesome within BackTrack. I suggest if your a linux fan and have yet to hear of it which you probably have, check it out, they also have bootable USB drivers as well as Live CD's Regards, EntityX
BackTrack 3/4 Linux Distro
- Thread starter entityx47
- Start date
- Messages
- 764
- Reaction score
- 27
- Points
- 0
For those completely new to linux Backtrack is NOT for you. Should also point out that in some countries merely being in possesion of a copy can land you in prison.
If you do want to find out what the fuss is about Linux, particulary how fast it works compared to windoze then download a copy of Puppy or Ubuntu. Both are free and fully functional without any restrictions or time limits, well supported by coders and friendly help forums.
Thankfully BackTrack does not come with any instructions and if that alone were not sufficient to deter most from 'experimenting for educational purposes' what support forums that do exist have a blatantly ruthless attitude towards script kiddies begging for help.
Backtrack is a nice suite of tools but most folk never use half of them and personally prefer the customised version of Puppy linux from (sorry no links), lighter in size and less RAM dependant so I don't need a powerful laptop to run it.
If you do want to find out what the fuss is about Linux, particulary how fast it works compared to windoze then download a copy of Puppy or Ubuntu. Both are free and fully functional without any restrictions or time limits, well supported by coders and friendly help forums.
Thankfully BackTrack does not come with any instructions and if that alone were not sufficient to deter most from 'experimenting for educational purposes' what support forums that do exist have a blatantly ruthless attitude towards script kiddies begging for help.
Backtrack is a nice suite of tools but most folk never use half of them and personally prefer the customised version of Puppy linux from (sorry no links), lighter in size and less RAM dependant so I don't need a powerful laptop to run it.
cybrax, "For those completely new to Linux Backtrack is NOT for you. Should also point out that in some countries merely being in possession of a copy can land you in prison." Your absolutely correct, however we use it here in the United States of America for Security Auditing & Penetration Testing and much more... The point of my post was to enlighted another individuals if they so are interested or run a business.
- Messages
- 764
- Reaction score
- 27
- Points
- 0
Offering digital security services is a tough sell.
Approaching a small to medium size business and saying "Did you know a hacker can steal your wifi connection to the internet in under four minutes?"* is nearly allways greeted with incredulity. Fewer still will give written prior consent in order that you can prove your claim (without prior consent it's considered hacking not pen-testing here in the UK ). They nod, they smile they say that the person in charge of IT will look into the problem but seldom are basic security changes implemented.
* certain routers will actually fall to attack in under 10 seconds because the default SSID being broadcast has a corralation to the wifi key. [the script to do this speed crack is not part of Backtrack incidently]
Approaching a small to medium size business and saying "Did you know a hacker can steal your wifi connection to the internet in under four minutes?"* is nearly allways greeted with incredulity. Fewer still will give written prior consent in order that you can prove your claim (without prior consent it's considered hacking not pen-testing here in the UK ). They nod, they smile they say that the person in charge of IT will look into the problem but seldom are basic security changes implemented.
* certain routers will actually fall to attack in under 10 seconds because the default SSID being broadcast has a corralation to the wifi key. [the script to do this speed crack is not part of Backtrack incidently]
tfcshoebox59
New Member
- Messages
- 9
- Reaction score
- 0
- Points
- 0
"[the script to do this speed crack is not part of Backtrack incidently]"
As a matter of fact, there are many utilities to crack wireless authentication procedures embedded within backtrack. 5 - 20 seconds.
As a matter of fact, there are many utilities to crack wireless authentication procedures embedded within backtrack. 5 - 20 seconds.
- Messages
- 764
- Reaction score
- 27
- Points
- 0
Lol, yes I'm aware of the three packages currently featured on BT4. ALL of these employ statiscal analysis to break WEP keys (WPA cracking even with rainbow tables is essentialy brute-forcing from a large wordlist), so the time taken is wholly dependant upon the processing power* available to the 'penetration tester'.
What I was alluding to was the fact that encryption algorithm for some common routers is known. As such there is no need to perform repeated calculations to determine the secret key, just one is required provided the default SSID has not been changed.
*other factors are involved in the real world such as: distance to target, PPS Injection rate, and MAC address filtering that hinder the IV collection procedure before one can even start breaking the key.. Of course with WPA only the handshake is required, then it becomes a simple mater of checking permutations against the wordlist. Of course in a real world test you have no idea what the passphrase is so a very large wordlist is needed.
What I was alluding to was the fact that encryption algorithm for some common routers is known. As such there is no need to perform repeated calculations to determine the secret key, just one is required provided the default SSID has not been changed.
*other factors are involved in the real world such as: distance to target, PPS Injection rate, and MAC address filtering that hinder the IV collection procedure before one can even start breaking the key.. Of course with WPA only the handshake is required, then it becomes a simple mater of checking permutations against the wordlist. Of course in a real world test you have no idea what the passphrase is so a very large wordlist is needed.
- Messages
- 764
- Reaction score
- 27
- Points
- 0
What can you say.. now with 64bit capability that will help a little with those 33 Gigabyte rainbow tables AND oh this is sweet... the tantalising prospect of BT5 on an android. (Some folk can already run Ubuntu on thier cell-phones, sadly many of the wifi chipsets don't support injection but it's early days)