Hands-on with Kali Linux 1.0.7

Hands-on with Kali Linux 1.0.7

Summary: A new release of this specialised Linux distribution for forensic analysis and penetration testing is always good news

SHARE:
6

A new release of Kali Linux (the reincarnation of BackTrack) is always good news. Working in network security, forensic analysis and penetration testing it is important to keep your tools up to date, both so that you are protected from the latest known threats, and so that you have the latest tools at your disposal.

I wrote in some detail about the previous release, Kali Linux 1.0.6 in January, with a screenshot gallery. So I am not going into that kind of detail this time, I just want to cover the highlights of this new release.

The release announcement gives a brief overview of the new release. First, this release includes Linux kernel 3.14 so it will have the latest kernel improvements, bug fixes and hardware support. That in itself is good news.

Second, it specifically explains that it is not necessary to reinstall this new release from scratch. If you are already running Kali, you can just get the latest updates (dist-upgrade), and you're all set.

The Kali Linux Download page lists 32-bit and 64-bit ISO images. In addition to the standard "Live" images, which are a whopping 2.8GB, there are "mini" images which are only 25MB or so, which are roughly the equivalent of the Debian "netinst" (network installer) images.

If you use the standard images, you get pretty much everything in one package, and you can either work directly from a Live USB stick or Live DVD, as is often the case when investigating security issues, or you can install from the Live system to a hard drive.

The "mini" images are installers only, not Live images, and you have to have an internet connection to perform the installation (duh). During this you can customise the installation, choosing only the packages and features that you want.

There are also ARM images on the download page, and the release notes mention that there will be some additional virtual machine images available in the near future.

The Kali Linux ISOs are hybrid images, which means that they can either be burned to DVD media or dumped directly to a USB stick (with dd). They are still not UEFI boot compatible, but I suppose that is not as much of a problem/disappointment with this kind of specialty distribution as it is with a general purpose distribution. I would still like to see a UEFI Secure Boot version, though.

Kali Gnome
The Kali Linux Gnome Desktop

When you boot the Kali Live image, you get a Gnome desktop with all of the special Kali goodies (security tools and applications) integrated in the Gnome menu. From here you can work normally, as with any Linux Live system, or you can go to System Tools/Install Kali Linux to permanently install to a hard disk. Kali actually uses the Debian installer (duh, it's derived from Debian GNU/Linux), so that all proceeds smoothly.

I chose to install this Kali release to my Acer Aspire V5 system (mostly because that's the one that I have with me today). That meant I had to switch from UEFI boot to Legacy boot to run the installer — and more importantly, because Kali doesn't have UEFI boot support, I need something else to manage the boot process when I switch the Acer back to UEFI boot. In my case that "something" is the openSuSE GRUB bootloader, but it could also be done with the rEFInd Boot Manager, or with some other UEFI-compatible Linux distribution if you are multi-booting like I am. I hadn't through about it until just now, but since the current Debian releases already include UEFI support, I wonder why Kali hasn't picked it up yet?

One last thing about booting Kali Linux. The details of this are beyond the scope of this kind of general Linux blog, but one of the major advances in this release is support for Encrypted USB Persistence. This is specifically for people who will be booting Kali from a USB stick, it gives them the possibility to securely save changes to an encrypted partition on the USB drive.  I haven't had time to look at this in detail yet, much less actually try it out, but at first glance I think it probably removes one of the major reasons for carrying a dedicated laptop around for security analysis, rather than just a Live USB stick.

So there you have it, short and very sweet. If you are interested in network security, forensic analysis or penetration testing, this is a Linux distribution you need to know about. If you're already using it, just make sure that you pick up the latest updates so that you get the new kernel and tools.

Further reading

Topics: Linux, Open Source, Security

J.A. Watson

About J.A. Watson

I started working with what we called "analog computers" in aircraft maintenance with the United States Air Force in 1970. After finishing military service and returning to university, I was introduced to microprocessors and machine language programming on Intel 4040 processors. After that I also worked on, operated and programmed Digital Equipment Corporation PDP-8, PDP-11 (/45 and /70) and VAX minicomputers. I was involved with the first wave of Unix-based microcomputers, in the early '80s. I have been working in software development, operation, installation and support since then.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

6 comments
Log in or register to join the discussion
  • Could I just copy this into my Virtual Box VM folder

    "and the release notes mention that there will be some additional virtual machine images available in the near future."

    as opposed to downloading and installing via Virtual Box?
    bunkport
  • Do you save any data on these systems at all?

    Considering how you partition them to a pulp, you must store your data on a network drive or cloud service, because of your constant formatting, partitioning and reinstalling.
    adacosta38
    • Not on every system

      I do not keep much data for any length of time on many of these systems, although I do take various of them with me when traveling, and then transfer the data after I return home. One or two of them are more permanent, and those contain more data.

      It seems to me that the alternative to what I do would be to write glowing articles about things that I have never actually tried myself, and declare some of them to be "the best Linux desktop ever". Personally, I prefer my approach.

      jw
      j.a.watson@...
  • Just curious, J.A. Watson

    Were your GNU/Linux systems hacked, requiring you to perform forensic analysis? Or are you, perhaps, trying to penetrate someone else' system? Someone, perhaps, like adacosta38?
    Rabid Howler Monkey
  • It wasn't/isn't hacked Linux systems

    My "day job" is in network/system security, and I occasionally have to investigate systems which have been compromised. Those are, of course, generally Windows systems; the only compromised Linux systems I have ever seen were because of idiotic passwords.

    As for your second question... that's an interesting prospect, but on second though I doubt there would be anything there worth looking at.

    Thanks for reading and commenting.

    jw
    j.a.watson@...
  • Data note

    In Linux user data is stored normally stored in the /home directory. It is common practice to have a separate home partition thus installation change other wise messing with the system files still preserves your data as long as you don't format the home partition. Unlike Windows Linux does not mush the system and user data together.
    Gogalthorp1