METHODS FOR RUNNING BACKTRACK LINUX
The bootable Linux files available for download include a special version of BackTrack Linux that has been customized for performing the Linux security-testing activities.
In order to use the BackTrack Linux files for the book’s activities, you will need to burn them onto a DVD. To do this, access the book’s companion website at www.courseptr.com/downloads. Please note that you will be redirected to the Cengage Learning site. You may search for the book using the title, author’s name, or ISBN. The Read Me file includes instructions for downloading the BackTrack file, extracting it, and burning it to a DVD.
These files have been tested and verified to work with all hands on activities. Because BackTrack Linux is an open-source product, changes and modifications to the software can occur at any time. You might want to connect to BackTrack repositories to update the OS when updates are available. However, updating might require doing some troubleshooting if the updates cause applications to not function correctly. If you don’t want to spend time troubleshooting application errors, use the files as is and create a separate DVD with an ISO image that you can modify and update as needed.
You can run BackTrack from your DVD without having to install Linux on your hard drive. However, to improve performance, save time, and be able to save settings between sessions, you might want to install it with one of the following methods:
Install BackTrack as a virtual machine with free virtualization software, such as VMware Server or VirtualBox. This method is covered in Appendix C. The advantage of using a virtual machine is that it enables you to run Linux and Windows at the same time.
Install Linux on a USB flash drive with at least 4 GB storage capacity. With this method, you can move your personalized Linux system and run it on any system. With this method, covered in the next section, you can also save files and reports on this drive.
Install Linux in a dual-boot arrangement with Windows Vista. Dual-boot installations can vary depending on the hardware and require some complex steps if BitLocker or other disk encryption is used. Dual-boot installation isn’t explained in this book, but you can find plenty of information online.
The Linux activities have been designed with the assumption that you’re booting and running Linux directly from your BackTrack DVD. You need to take this into account and modify the beginning steps of Linux activities if you’re running Linux from a virtual machine or a USB flash drive or in a dual-boot arrangement.
CREATING A BOOTABLE USB FLASH DRIVE
To install Linux from the DVD on a USB flash drive, you need a drive of at least 4 GB. (Later versions of BackTrack will require more than 4 GB.) Note that the speed of some flash drives isn’t quite adequate for running a live Linux OS. Performance improvements can be substantial if you use a flash drive with faster read and write speeds. For the best results, a flash drive with a minimum of 15 MB/second read and write speed is recommended. For example, a premium flash drive, such as the OCZ Rally2 Turbo 8 GB drive, has 30+ MB/second read and write speeds. A more reasonably priced, high-performance flash drive is the 8 GB Patriot Xporter XT Boost. You can check Web sites, such as www.pendrivereviews.com, for performance benchmarks to help you choose a suitable drive within your budget.
Note
Some USB flash drives are sold with portable software, such as U3, installed. Before you proceed, uninstalling this type of software per the manufacturer’s instructions is recommended.
First, you boot your BackTrack DVD as follows:
1. Insert the DVD into your Windows system, and power on or restart your system if it’s already running. Assuming the BIOS is set to boot from the DVD drive before the hard drive, your system starts the BackTrack boot process.
2. At the BackTrack boot menu, press Enter (or wait for a bit) to accept the default boot settings.
Next, you partition and format your USB flash drive:
1. To find your USB flash drive’s device label, type tail -f /var/log/messages at the command prompt and press Enter. Insert the drive into an available USB slot on your system. A kernel message, similar to “sdb: sdb1,” is displayed. Write down the device label, and then press Ctrl+C to return to the command prompt.
Note
On newer systems that have an internal SATA drive formatted with a single C partition, the internal hard drive is assigned the device label “sda” for SCSI Disk A. The USB flash drive’s device label is “sdb” for SCSI Disk B. However, this label might vary depending on your drive configuration.
Caution
To ensure that you don’t erase data stored on your system, make sure the drive you partition and format is the USB flash drive, not the internal hard drive.
2. Type fdisk -l and press Enter to list the drives on your system. (This step gives you another chance to confirm that you’re formatting the correct drive.)
3. Type fdisk /dev/sdb and press Enter, substituting your drive’s device label for “sdb,” if necessary. Then type the following commands indicated in bold, pressing Enter where noted. (The text in parentheses explains the purpose of each command.) In this example, a 4 GB drive was used, and approximately half (2000 MB) was used for the primary partition.
d (Delete existing partition, assuming one is already on the drive) n (Create a new partition) p (Select primary as the partition type) 1 (Specify the partition number [the numeral 1]) Enter (Accept the first cylinder as the default partition start) +2000M (Specify the partition in megabytes from the start) n (Create a new partition) p (Select primary as the partition type) 2 (Specify the partition number) Enter (Confirm partition's default first cylinder) Enter (Confirm partition's default first cylinder) t (Assign partition's system type ID) 1 (Specify the first partition [the numeral 1]) b (Specify W95, FAT32 as partition system type) t (Assign partition's system type ID) 2 (Specify the second partition) 83 (Specify Linux as partition's system type ID) a (Toggle the partition's bootable flag) 1 (Make the first partition bootable [the numeral 1]) w (Write the partition table to disk and exit) mkfs.vfat /dev/sdb1 (Format first partition with FAT32 file system) mkfs.ext3 -b 4096 -L casper-rw /dev/sdb2 (Format second partition with casper-rw file system)
Next, you create a bootable BackTrack USB drive:
1. To mount the FAT32 partition you just created on your USB drive (sdb1, in this example), type the following commands, pressing Enter after each one:
mkdir /mnt/sdb1 mount /dev/sdb1 /mnt/sdb1
2. To copy the BackTrack files to your USB flash drive, type the following commands, pressing Enter after each one. (Note: Don’t forget the period at the end of the rsync command.) The copying process takes about 7 to 12 minutes, depending on your drive’s read and write speed.
cd /mnt/sdb1/ rsync -r /media/cdrom/*.
3. To install Grand Unified Bootloader (grub), type the following command and press Enter:
grub-install --no-floppy --root-directory=/mnt/sdb1 /dev/sdb
Now that you’ve created a bootable USB flash drive, the next step is enabling persistent changes:
1. Type startx at the command prompt and press Enter to start the KDE desktop manager, and open a Konsole shell. To change the default boot selection to persistent, switch to the grub directory and modify the grub menu by typing these commands, pressing Enter after each one:
cd /mnt/sdb1/boot/grub/ kate menu.lst
2. The BackTrack grub boot menu opens in the KDE Advanced Text Editor (Kate), which is similar to Windows Notepad. Press Enter to select the default editing session. (Tip: You can press F11 to display line numbers.) Change the setting in line 2 from 0 to 4 (so that the line is “default 4”) to select the Start Persistent Live CD menu item.
3. Set the correct screen resolution by adding vga=0x317 at the end of line 27. When you’re finished, the line should look like this:
/boot/vmlinuz BOOT=casper boot=casper persistent rw quiet vga=0x317
4. Save the file and quit Kate by pressing Ctrl+S and Ctrl+Q.
5. At the Konsole prompt, type reboot and press Enter. At the Linux console prompt, press Enter a few times. Remove the DVD, and boot with the USB flash drive. (Typically, vendors assign a function key that allows selecting the boot device.) After you have logged on to BackTrack and started the KDE desktop manager, create a file, save it on the desktop, and reboot again to confirm that the file persists. Congratulations! You now have a customizable BackTrack security-testing suite that you can fit in your pocket.
6. Optional: If you plan to use the USB flash drive for activities in this book, use it as is. If you’d like to update BackTrack later, after you finish the activities, open a Konsole shell, type apt-get update && apt-get upgrade, and press Enter. When prompted, press Y to download and install updates.
INSTALLING NEW SOFTWARE
Because BackTrack is an Ubuntu Linux distribution, thousands of free programs are available that you can download and install with just a few simple commands. These programs, which are specific to an OS version, are stored on Internet archives called repositories. Step 6 in the previous instructions explained how to update BackTrack. To install new software, you can simply use the command apt-get install pack-agename (replacing packagename with the name of the software package you want to install). If you don’t know the software package name, there are command-line tools you can use. However, you might want to use the graphical program Synaptic or Install and Remove Applications to help you search for and install a package. Click the KDE start button, point to System, and click Add Remove – Package Manager to start the Install and Remove Applications program. Use the Search text box to find the program you need.
COMMUNITY SUPPORT FOR BACKTRACK
To find the most recent BackTrack Linux updates and online forums for help in solving problems, visit www.backtrack-linux.org. This Web site is a good place to start if you want to learn more about BackTrack. For general information on Ubuntu Linux, visit http://help.ubuntu.com.