BackTrack is a GNU/Linux distribution distributed as a Live CD which resulted from the merger of WHAX and the Auditor Security Collection. It takes advantage of SLAX's modular design and structure to enable the user to include customizable scripts, additional tools and configurable kernels in personalized distributions. The BackTrack project was created by Mati Aharoni and Max Moser and is a collaborative effort involving the community. BackTrack 2 was released on March 6, 2007 and includes over 300 security tools. A beta version of BackTrack 3 was released on December 14, 2007, but it was announced that its main focus was to support more and newer hardware as well as provide more flexibility and modularity.
The BackTrack distribution originated from numerous Linux counterparts. WHAX, a name derived from White hat and SLAX, was a distribution designed for security tasks. WHAX emerged from Whoppix, a Knoppix-based security distro. When Whoppix reached version 3.0 it was renamed as WHAX, to reflect the change of parent distribution from Knoppix to SLAX. Customized by Mati Aharoni, an Israeli security consultant, WHAX made its central focus on penetration testing. WHAX made it possible to test and verify the security of a network from many computers located in various places.
Max Moser's Auditor Security Collection - "The Swiss Army Knife for security assessments" - was focused as well on Linux-based penetration tests. The overlap with Auditor and WHAX in purpose and tools collection partly led to the merger. Auditor featured well-laid-out menus for its collection of over 300 tools for troubleshooting, network and systems-fortifying. Its user-friendliness resulted in enhanced usability for penetration testing which led to the formulation of the BackTrack security testing distribution.
The Auditor security collection was a Live CD based on Knoppix.
After coming into a stable development procedure during the last releases and consolidating feedbacks and addition, BackTrack producers restructured the development focal point from stability to functionality by restructuring the build and maintenance processes. With the current versions of BackTrack, the majority of applications are constructed as individual modules which improve the update performance with releases and fixes.
BackTrack focuses its central idea on the needs of computer penetration testers. The inclusion of Live CD and Live USB functionality enables any user to just insert their respective data medium and boot up BackTrack. Direct hard disk installations (2.7 GB uncompressed) can also be completed within the Live CD (700 MB compressed) environment through the basic graphical installation wizard with no restart subsequent to installation. BackTrack further continues its compatibility with the computer forensics demographic with accessibility and internationalization by including support for Japanese input in reading and writing in Hiragana, Katakana and Kanji.
The key additions to the BackTrack suite are notably -
BackTrack's functionality further increases with the arrangement of each tool in 16 categories. The tool categories are as follows -
|2006-05-26||The BackTrack project released its first non-beta version (1.0).|
|2006-10-13||BackTrack 2 first public beta released.|
|2006-11-19||BackTrack 2 second public beta released.|
|2007-03-06||BackTrack 2 final version released.|
|2007-12-17||BackTrack 3 first beta release.|
|2008-06-19||BackTrack 3 final released.|
The BackTrack 2 release garnered some criticism. The security suite did not include the popular security scanner Nessus, due to various licensing problems. Newer releases also created problems with PostgreSQL in Fluxbox which created an error, as well as the inclusion of programs such as the aforementioned Nessus and VMware which did not work. According to news releases the new version of BackTrack 3 will include advertising. Currently, bookmarks in Firefox seem to be the only advertising visible in version 3 Beta.
The Backtrack security distro has spawned a spin-off training course called Offensive Security, as well as the Offensive Security Certified Professional certification. This training course teaches basic penetration testing using the Backtrack Live CD.