I am always looking for interesting new developments in security analysis and penetration testing, and have been attending SANS Security conferences for a few years now, which has introduced me to several Linux distributions that I was not otherwise familiar with.
Although I have always installed whatever Linux they were using in the class on my laptop, I never seemed to keep it for very long afterward. Something always came up - either they weren't flexible enough, or updates were too difficult, or they were just based on a Linux distribution which was too old to begin with.
I have also tried to put some of the tools we used in the classes on other Linux distributions, and while that sometimes worked I all too often found that the tools were difficult to install/configure/update, and they generally didn't last either.
So, when I read the Kali 1.0.6 release announcement, there were two things in it which really caught my eye. First, it is now based on Debian 7 (Wheezy), and second, the Kali developers have made standard packages of all the tools included in it. I decided it was time to give it a closer look, in pretty much the same way that I look at any other Linux distribution, rather than waiting until I got to the conference this year.
The Kali Linux downloads page has ISO images for standard Intel/AMD 32-bit and 64-bit images, and also for ARM processors. The AMD 64-bit image that I downloaded is just over 3GB, so be prepared for a potentially lengthy download.
The Kali ISO is a Live image - you can burn it to DVD or dd it to a USB stick, and then boot and run it from there without ever installing it to a hard drive. This makes it well suited for use as emergency recovery/intervention media in a toolkit.
However, the ISO also includes the Debian installer, so you can easily install it to a hard drive, which is what I have done. For this purpose it is generally preferred to have a dedicated laptop, so you don't risk any confusion or contamination by booting other operating systems. I dragged out the old Fujitsu-Siemens Lifebook S2110 for this purpose.
This is the same system that I used for testing when openSUSE 13.1 was released; I just overwrote the entire disk with the Kali installation. Just saying that it is an "old" laptop is probably not strong enough - it's an AMD Turion 64 based system.
One minor drawback that I ran into is that Kali Linux doesn't appear to support UEFI boot or installation yet. For me that is not a problem, because I decided to use such an old system for it. Booting the Live image from DVD on the S2110 (USB boot not possible on this system) came up with no problem, and everything seemed to work, including both wired and wireless networking, display, keyboard, trackpad and USB ports.
That was enough to convince me to go ahead and install it; reboot and select the Kali installer, walk through that just like any other standard Debian installation, and give it plenty of time because 3+ GB of stuff is a lot to unpack and install. By the time it was finished installing, it was using 9.4GB of disk space. Whew. There's a lot of stuff included in this distribution.
This release of Kali Linux has Linux kernel 3.12.6 which is good news for those who need the latest kernel to support some new hardware (certain wifi adapters and graphic controllers, for example).
It uses the Gnome 3.4 'fallback' desktop, shown above, which will please those who are not happy with the latest Gnome 3 desktop. If you're not satisfied with that, there is a useful article in the Kali documentation that describes how to install other desktops (KDE/Xfce/LXDE/MATE etc).
The heart of Kali Linux is the security/penetration testing utilities.
These are found in the Gnome menu under Kali Linux. What a group it is, too. Some things you would certainly expect - or wouldn't even consider a "security focused distribution" without them, such as "wireshark" and "nmap", but lots more interesting things like "aircrack-ng" and "metasploit framework". If you look a bit more closely, you see that the Kali Linux menu starts off with a top ten list, which contains the tools that most security professionals reach for first. Nice to have them right there so handy. Then I noticed that the long list underneath of that "Top Ten" was not just the rest of the stuff, it was itself a list of sub-menus by category.
"Information Gathering" utilities on one menu, "Wireless Attacks" on another... "Web Tools", "Sniffing/Spoofing"; each of those is its own menu, and many of them have their own sub-menus.
Two things are clear at this point. First, Kali includes a ton of stuff, as I have said several times already.
Second, Kali is created, distributed and maintained by people who actually use it, so the default layout and organisation are very well thought out and very convenient to use.
Kali Linux also has the standard Gnome menus, with applications and utilities which are typical for a modern Linux distribution. Under "Accessories" you will find the usual array of text editors, terminal emulators, file manager, calculator and so on.
The rest of the standard menus are rather barren, however. "Graphics" only has a PDF viewer and the Gnome Image viewer. "Office" has a dictionary and a Note-taking utility. "Internet" has Iceweasel and Empathy. "Sound & Video" has VLC and Brasero. All adequate for the simple tasks they perform, and to provide convenient support to the primary purpose of Kali Linux - security analysis.
Finally, the "System Tools" menu contains a good collection of administration utilities. User and Password management, disk management (gparted, hooray), software management and much more. There is one special treat in here for old-time Linux users - "Midnight Commander". If you know what that is, you're smiling right now. A lot.
So, to summarize. Kali Linux is a Debian GNU/Linux derivative that is tightly focused on security analysis and penetration testing and it comes with a mind-boggling array of utilities for that purpose.
It installs easily, even on very old hardware, but not on UEFI BIOS systems unless you are willing to enable Legacy Boot.
If you are working in computer security, you probably know about Kali already, or at least its predecessor BackTrack Linux. If you haven't looked at it recently, or updated it recently, you really should do so.
The changes in installation, organization and packaging in this release are very significant, and they make using, configuring, maintaining and updating both the Linux operating system itself and the utilities included with it a lot easier. Next I am going to look at Knoppix, and compare it to the features and capabilities of Kali Linux. That should be interesting.