Use BackTrack to check Linux Security Vulnerabilities

Source: Internet
Author: User
Article Title: Use BackTrack to check Linux security vulnerabilities. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

Whether you have used the Bastille UNIX tool to manually harden your Linux system or want to take a snapshot of the current system status, you need to use BackTrack. This is a Slackware-based Linux version that runs by starting a CD or a virtual machine image (VMI. In the third official version (if you calculate the latest release of the fourth version), BackTrack provides convenient security tools to detect Linux system vulnerabilities. In the spirit of hacker intrusion, BackTrack integrates this common security testing method:


: BackTrack Security Test Method

BackTrack contains niche security tools that are difficult to download, compile, and install. Whether you are a Linux technical expert or novice, it is difficult to download the complete version of Linux and security testing tools. Shows the main BackTrack interfaces:


: BackTrack desktop and security tools directory

Common Security Evaluation scenarios for testing internal Linux systems using BackTrack are as follows:

Use fping to identify active hosts

Use nmap to identify the operating system and detect opened ports

Use amap to identify running applications

Use SAINT to find vulnerabilities in the operating system

Use Metasploit to develop Operating System and Application Vulnerabilities

The possibility of Linux centralization is endless. In addition, BackTrack includes a wide range of database, Web, and seamless tool settings for finding and mining system defects outside of Linux claims. It even contains built-in HTTP, TFTP, SSH, and VNC devices for use during vulnerability Verification and analysis. In addition, if you have such a requirement, BackTrack can also integrate digital forensics tools. In fact, using tools such as Autopsy and Sleuthkit is good for turning back hacker technology to further strengthen your security skills.

I have always been a supporter of good commercial security testing tools, but you may no longer use paid tools. In fact, the BackTrack tool is not only good enough, but she is actually very good. especially careful reporting and managing the vulnerabilities that are being encountered are not your top priority. I will continue to use commercial tools in security assessment.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.