Kali Linux | Information for newbies
Kali Linux is one of the Linux distributions designed for hackers and information security professionals. Therefore, it is not surprising that this raises its popularity and many newbies and people who do not have any knowledge of information security are trying to use this distribution as the main system. But Kali Linux is not designed for this at all. In today's article, we will look at what Kali Linux is, why you need it, and give an overview of Kali Linux.
1. Development history
Kali Linux was developed by the security firm Offensive Security. It was created on the basis of Debian and contains the developments of the distribution kit for digital forensics and security testing BackTrack.
The first version of BackTrack was released in 2006, it combined several projects, the main purpose of which was penetration testing. The distribution was intended to be used as a LiveCD.
In 2012, a distribution such as BackTrack ceased to exist, and instead of it Kali Linux appeared, which took over all the advantages of the previous version and all the software. It was the result of the merger of two projects: WHAX and the Auditor Security Collection. Now the distribution kit is steadily developing and the efforts of the developers are aimed at fixing errors and expanding the set of tools.
2. Purpose
The official website has the following description of the distribution: "Penetration Testing and Ethical Hacking Linux Distribution" or, in our opinion, a distribution for penetration testing and ethical hacking. Simply put, this distribution contains many security and networking tools that are geared towards computer security experts.
A Linux distribution is nothing more than a kernel and a set of basic utilities, applications, and defaults. Kali Linux does not provide anything unique in this regard. Most programs can be easily installed on any other distribution, or even on Windows.
The difference with Kali Linux is that it is filled with tools and settings that are needed for security testing, and not to ensure the normal operation of the average user. If you want to use Kali instead of the main distribution, you are making a mistake. This is a specialized distribution kit for solving a certain range of tasks, which means that solving tasks for which it was not intended will be more difficult, for example, the same search for programs. Kali Linux's capabilities are focused on security testing.
3. Installation
You can download the installation image on the official website, you just need to choose the architecture. After booting, be sure to check the disk for damage by comparing the SHA256 checksum. Since this distribution is intended for security testing, I really don't want it to be broken in any way.
4. Features
Many will be surprised, but the default user in Kali Linux is root. This is necessary because many programs need superuser rights to run. This is one of the reasons why you shouldn't use Kali for everyday tasks like surfing the Internet or using office applications.
If we talk about software, then all the supplied programs are focused on security. There are graphical programs, and there are terminal commands, and several basic utilities are included in the system, such as an image viewer, a calculator, and a text editor. But here you will not find office programs, e-readers, email programs and organizers.
Kali Linux is based on Debian, and nothing prevents you from installing a program from the repositories, for example, thunderbird for collecting mail. But viewing mail as the superuser is not a good idea. Of course, no one bothers you to create an unprivileged user, but this is extra work.
On the Kali Linux login screen, you can see the motto "The quieter you become, the more you are able to hear" or "The quieter you are, the more you can hear." If you watch the packages sent to the network by the Debian system, you will notice that some packages are regularly posted to the network. Some of them are sent by user applications, others by background services.
For example, if you scan your Linux machine with Nmap, you might see several open ports. For example, it can be a never used VNC port and an HTTP server. Some of these programs come by default, some you installed and forgot.
Kali Linux strives to be as quiet as possible. This is necessary to hide your presence in the attacked network and to protect yourself from potential attacks. To accomplish this, many services are disabled in Kali that are enabled by default in Debian. Of course, you can install the service you want from the Debian repositories.
For example apache2:
However, after that, the utility will not start automatically and will not be added to startup. If you need it, you will have to start it manually. On each reboot, all unnecessary services are disabled. It is possible to go around and add the service to the /usr/sbin/update-rc.d whitelist, but this is not entirely secure since you are opening the system path. Nobody knows if there are any vulnerabilities.
Kali Linux is a specialized distribution, if only because it is designed to work in an aggressive environment. And if you installed a web server and a few other programs, added them to startup, you may have already broken Kali and reduced its security.
5. Programs
As stated above, the Kali Linux distribution contains only specific security testing software. But many of the programs needed for normal operation are not available. And there is no guarantee that you will find them in the repositories, even if they are available in Debian.
You may want to add third-party repositories and application sources to install what you need, or add a repository that contains the most recent version of the program. You can, but you shouldn't. Even for Debian it is not recommended to do this, the developers call this phenomenon FrankenDebian and say that it can break the stability of the system.
Kali Linux is even more complicated. You risk not only damaging the system, but also making it unsafe. Packages from the repositories have been checked and contain additional changes, for example, the same Apache is not added to startup. Third party packages will not have such precautions.
We will talk about the software part in a separate article, because it is impossible to describe hundreds of unique tools in one article and not get confused.
Findings
Our review of Kali Linux features is coming to an end. Whether you should choose this distribution kit or not depends on you and the tasks that you are trying to solve with the help of the system. If you only need a few tools, then it is better to choose some simpler distribution, for example, Ubuntu or Debian. You will be able to install all the necessary tools in it. The same option is better for new users.
But if you are already well versed in Linux and are ready to spend a lot of time to understand information security, this system may be for you. But do not rush to install it on your computer. Use a virtual machine, then install it as a secondary, second system.
