Hands-on with Kali Linux 1.0.7

A new release of this specialised Linux distribution for forensic analysis and penetration testing is always good news
Written by J.A. Watson, Contributor

A new release of Kali Linux (the reincarnation of BackTrack) is always good news. Working in network security, forensic analysis and penetration testing it is important to keep your tools up to date, both so that you are protected from the latest known threats, and so that you have the latest tools at your disposal.

I wrote in some detail about the previous release, Kali Linux 1.0.6 in January, with a screenshot gallery. So I am not going into that kind of detail this time, I just want to cover the highlights of this new release.

The release announcement gives a brief overview of the new release. First, this release includes Linux kernel 3.14 so it will have the latest kernel improvements, bug fixes and hardware support. That in itself is good news.

Second, it specifically explains that it is not necessary to reinstall this new release from scratch. If you are already running Kali, you can just get the latest updates (dist-upgrade), and you're all set.

The Kali Linux Download page lists 32-bit and 64-bit ISO images. In addition to the standard "Live" images, which are a whopping 2.8GB, there are "mini" images which are only 25MB or so, which are roughly the equivalent of the Debian "netinst" (network installer) images.

If you use the standard images, you get pretty much everything in one package, and you can either work directly from a Live USB stick or Live DVD, as is often the case when investigating security issues, or you can install from the Live system to a hard drive.

The "mini" images are installers only, not Live images, and you have to have an internet connection to perform the installation (duh). During this you can customise the installation, choosing only the packages and features that you want.

There are also ARM images on the download page, and the release notes mention that there will be some additional virtual machine images available in the near future.

The Kali Linux ISOs are hybrid images, which means that they can either be burned to DVD media or dumped directly to a USB stick (with dd). They are still not UEFI boot compatible, but I suppose that is not as much of a problem/disappointment with this kind of specialty distribution as it is with a general purpose distribution. I would still like to see a UEFI Secure Boot version, though.

Kali Gnome
The Kali Linux Gnome Desktop

When you boot the Kali Live image, you get a Gnome desktop with all of the special Kali goodies (security tools and applications) integrated in the Gnome menu. From here you can work normally, as with any Linux Live system, or you can go to System Tools/Install Kali Linux to permanently install to a hard disk. Kali actually uses the Debian installer (duh, it's derived from Debian GNU/Linux), so that all proceeds smoothly.

I chose to install this Kali release to my Acer Aspire V5 system (mostly because that's the one that I have with me today). That meant I had to switch from UEFI boot to Legacy boot to run the installer — and more importantly, because Kali doesn't have UEFI boot support, I need something else to manage the boot process when I switch the Acer back to UEFI boot. In my case that "something" is the openSuSE GRUB bootloader, but it could also be done with the rEFInd Boot Manager, or with some other UEFI-compatible Linux distribution if you are multi-booting like I am. I hadn't through about it until just now, but since the current Debian releases already include UEFI support, I wonder why Kali hasn't picked it up yet?

One last thing about booting Kali Linux. The details of this are beyond the scope of this kind of general Linux blog, but one of the major advances in this release is support for Encrypted USB Persistence. This is specifically for people who will be booting Kali from a USB stick, it gives them the possibility to securely save changes to an encrypted partition on the USB drive.  I haven't had time to look at this in detail yet, much less actually try it out, but at first glance I think it probably removes one of the major reasons for carrying a dedicated laptop around for security analysis, rather than just a Live USB stick.

So there you have it, short and very sweet. If you are interested in network security, forensic analysis or penetration testing, this is a Linux distribution you need to know about. If you're already using it, just make sure that you pick up the latest updates so that you get the new kernel and tools.

Further reading

Editorial standards