Advanced Research is an actively developing medical research company, and it needs to test and promote the corporate network security in order to avoid cyber attacks and losses of the corporate information. Advanced Research’s main requirements to the security testing software are the ability to identify vulnerabilities, prevent attacks by unauthorized sources and the cost-effectiveness of the security project.
The company uses a mix of Microsoft and *NIX technologies in order to support the corporate network. That is why, the BackTrack software suite can be discussed as an effective choice to meet the company’s requirements. The purpose of this proposal is to describe and evaluate the software and present its purpose and benefits supported with credible evidence.
Description and Purpose of BackTrack
BackTrack is the Linux security distribution or the penetration testing suite the latest version of which was released in 2012. The purpose of BackTrack is to provide complete tools for the effective penetration testing process (Ali & Heriyanto, 2011, p. 12).
As a result, BackTrack can be used for gathering information, checking network activities, identifying vulnerabilities, auditing specific web application, maintaining the access to the system and network, and conducting penetration testing (Simpson, 2012, p. 24).
BackTrack operates with the focus on penetration testing approaches which are supported with vulnerability assessment methods. Thus, the effectiveness of identifying vulnerabilities and overcoming these problems increases. BackTrack is appropriate to be used in professional fields.
Feedback and Reviews
Linux managers and developers focus on collecting the feedback on BackTrack 4.0 and BackTrack 5.0. According to the reviews, BackTrack can be easily used in the commerce environments because of the open access to the tools, and BackTrack is “good for web application assessment”, and it is “perfect for penetration testing” (Ali & Heriyanto, 2011, p. 54; Ramachandran, 2011, p. 89).
The specialists in the field of hacking note that the most advantageous feature of BackTrack is the variety of proposed tools which are quickly installed and can be actively used by professionals in many spheres (Walker, 2011, p. 22-28). BackTrack is also one of the first systems which began to propose the tools for digital forensics (Simpson, 2012, p. 24).
Experience with BackTrack and Test Results
The experience with BackTrack supports the idea that the security distribution can be effectively used in different environments. The suite is quickly installed and easily operated. The effectively organized menu provides a lot of options which can be actively used to realize different types of penetration testing.
The forensics mode is effectively operated while providing the opportunity to investigate a system efficiently. The BackTrack suite is effective to test the network because it includes such a network scanner as Nmap and such a gathering tool as Maltego.
Benefits of BackTrack
The benefits of using BackTrack at Advanced Research are in the fact that the security testing software is developed specially for identifying vulnerabilities and conducting the penetration testing.
The suite can be effectively used within the Advanced Research’s system because it is based on the Linux platform, it is appropriate for Windows XP and 7 used in the company, and it works with Cisco Routers. The variety of the proposed security tools addresses the main company’s needs. The software can be discussed as effective to meet the company’s objectives.
Cost of the Product
The BackTrack suite can be freely downloaded from the Linux website. The downloaded information is a live ISO file for DVD, and it can be saved as a live DVD version (Ali & Heriyanto, 2011, p. 22). The use of the USB stick is also possible.
The distribution can be downloaded for 32-bit and 64-bit machines (Ali & Heriyanto, 2011, p. 23). The downloaded versions are used for Windows XP and 7 that is why there are no additional costs for software or hardware. To work with BackTrack, the additional training is not necessary, but it is possible to freely download the manuals from the official website.
The Software’s Impact on the Production Environment
To contribute to saving the important Advanced Research’s data and to avoid unauthorized accesses to the databases, it is necessary to test Backtrack for Denial of Service (DoS) attacks and for database attacks. These tests do not interrupt business operations significantly because they can be conducted by IT managers during extra hours.
Two tests can be conducted during an hour, and it is possible to avoid production outages effectively. The test for DoS attacks is conducted with the help of Stress Testing option, and it is possible to use the Cisco Router information to cope with the attacks.
Advanced Research uses the MySQL database among others, and the test for it can be conducted without interrupting the work with other databases. Backtrack solves effectively the problems associated with weak credentials, and the default accounts are checked in time (Ramachandran, 2011, p. 38).
Proposal
The BackTrack suite should be proposed for using at Advanced Research because this open-source system is cost-effective, and it contains all the tools which are necessary in order to resolve the problems experienced in the company.
The security testing software provides a variety of updated tools which are appropriate for using within Advanced Research’s environments in order to identify vulnerabilities and prevent attacks realized by unauthorized users.
References
Ali, S., & Heriyanto, T. (2011). BackTrack 4: Assuring security by penetration testing. NewYork, NY: Packt Publishing.
Ramachandran, V. (2011). Backtrack 5 wireless penetration testing: Beginner’s guide. NewYork, NY: Packt Publishing.
Simpson, M. (2012). Hands-on ethical hacking and network defense. NewYork, NY: Cengage Learning.
Walker, M. (2011). CEH Certified Ethical Hacker. New York, NY: Mcgraw-Hill Osborne Media.