Kali Linux: user manual, review and feedback

The security issues of operating systems of built organizational networks have always been the most important aspect of administration. To diagnose the presence of vulnerabilities, it was necessary to do a lot of work, and often even after it there were loopholes for intruders. Such manipulations noticeably simplified with the advent of Kali Linux. Instructions for its use are mostly available only in English. Such a system is not suitable for permanent home use, the more it is not recommended for beginners. This is a professional tool that you need to learn to use, requiring fine-tuning. And this requires sufficient experience and a full understanding of the actions to be performed.

Important Cautions

The capabilities of the Kali Linux operating system are so wide that not everyone uses them to improve the security of their own system. Often it becomes a convenient tool for misconduct by intruders. Therefore, it is important already at the initial stage of acquaintance to understand that certain manipulations that the system makes it possible to carry out may be illegal. Even installing Kali Linux and familiarizing yourself with it for educational purposes in some countries can lead to unpleasant consequences.

As a small tip, you can recommend to install the system on a virtual machine and work through VPN, if you do not want to be limited to its superficial study. When starting a network scan, you also need to use keys that will avoid problems with the law.

What is Kali Linux?

The predecessor of Kali is quite famous in the narrow circles of BackTrack Linux. At the heart of the second is Debian, and it provides support for packages and applications developed for this OS, which allows you to make the work quite comfortable by using the familiar tools. If necessary, it will be quite easy to find the program for Kali Linux.

The distribution includes all sorts of utilities that allow you to conduct a full security audit to prevent penetrations. Launched services, access to the computer through the network, used web applications and much more can be analyzed through the tools available in Kali Linux.

As you can already understand from the title, the system is built on Linux Kernel. The first version of the distribution kit was published more than two years ago. It collected all the most basic, the main accent was on the functionality, rather than on the external attractiveness. But the great popularity of the system, its active use in a professional environment led to the need to make changes to the distribution.

User reviews of Kali are mostly positive. The system has become more stable than BackTrack, the set of programs and utilities has expanded, but on some laptops sometimes the operating system stops seeing the built-in Wi-Fi adapter. This happens during the use of Live-start from the USB flash drive, the problem is corrected using an external adapter or installing the OS on the hard drive.

Changes in the new version

At the end of last summer, Kali Linux 2 was released. Thanks to the update, the system has become much more stable, and the working interface is more attractive. In addition, many utilities for such a lengthy by the standards of information technology have time to become obsolete. If earlier the new versions had to be searched and installed independently, now this work is done by the system itself, which allows to keep them up-to-date without much effort. In addition, the system itself was supported by work in the rolling distribution mode.

Technical features

The basis of the new distribution is Linux Kernel version 4.0, included in the release of Debian Jessie. As a graphical interface , Gnome 3.14 is currently used, and the workspace has acquired an updated style and interface, the menu has changed somewhat in separate paragraphs.

Available assemblies

At the moment there are various distributions that are easy to use under certain conditions. You can easily find Live-assemblies, images for popular virtual machines, installation packages. In addition, instructions are offered, following which you can prepare the assembly yourself. If necessary, your own image can be assembled to work with ARM, working with this architecture is perfectly supported, ensuring the multi-platform system. Then it becomes possible, for example, to install Kali Linux on a tablet or smartphone.

For those who have already installed the first version, there is the possibility of upgrading to the second one inside the system. It is enough to use a set of commands, including obtaining a new distribution and installing it. Details can be found in the official accompanying documents.

Getting started with the system. Theoretical basis

Extensive capabilities of the system are difficult to learn without studying the documentation of Kali Linux. Instructions for use, unfortunately, in the form of detailed manuals on fine tuning is available on the official site mainly in English, as in most other sources. However, a large number of fans generated in the emerging community the emergence of detailed Russian-language manuals based on their own practice. In addition, there are courses of training specialists in Russian as an entry level, and more advanced, for professional corporate work.

Practical development

To study the system it is enough to install it in any accessible and most comfortable way, especially since a large selection of available distributions of Kali Linux 2 allows it. However, for educational purposes, especially at the initial stages, it is better to use a virtual machine. This will be enough to learn a set of utilities that are included in the composition, get used to the user interface, start to confidently navigate the system.

While learning to work with Kali Linux, an instruction manual is simply necessary. In addition to the fact that the OS has rich capabilities that are difficult to learn without any documentation, installation requires a setup that will allow them to be used most effectively.

Practical mastering of the tools is best carried out on own equipment to prevent possible problems with the law, if the actions performed will contradict it, and somehow the fact of their implementation will become known to third parties.

Running from the USB flash drive

After completing the development phase of working with the system, you will want to apply it to analyze the security and eliminate the identified weaknesses in existing networks in the company or at home. The easiest way is to install Kali Linux on a USB flash drive, so that if necessary, the pre- installed distribution is always with you. This is quite easy to do if you use specialized programs for a working operating system, for example, Rufus. Often, it may be useful to support the saving of files in the system installed on the USB drive, and after it is rebooted. Such an option is also provided, but it's important to remember that for the described persistence mode, at the beginning of each download, you need to specify the appropriate mode so that the usual live mode does not start. In addition, if the simple version is enough flash drives for 2GB, then in the latter case, you will need additional space to create a separate section in which the necessary data will be stored.

Why is it useful to use Kali Linux?

Attackers in their work use specialized tools that can significantly reduce the time required for unauthorized entry into the network. For example, with the help of Kali Linux, hacking becomes much easier and more convenient, especially when passwords and hardware settings that are set by default do not change. Unfortunately, even in large corporations this happens quite often. After this, obtaining the necessary data is a matter of technique, for a qualified specialist the whole process does not present special difficulties. It is all the more important to use the same tools to identify vulnerabilities in your defense in order to complicate the work of such people. A simple practical example is the hacking of Wi-FI routers, which are installed in our time in almost every apartment, not to mention organizations.

The penetration into the network via Wi-Fi

To hack a Wi-Fi-router, it's enough to organize password sorting. But even on high-speed equipment this takes a lot of time. Modern routers work on the WPS protocol, designed to simplify network configuration. Not all users understand the security of wireless networks, they need any help in their configuration. With the use of this protocol, there is no need to set WPA / WEP encryption parameters that provide protection from unwanted access manually, they are set automatically, like the network name, by pressing a button on the router. It's an excellent idea, but, as it often happens, we found vulnerabilities, using which the password can be cracked in a few hours.

Not only that the WPS pin code consists of 8 characters, the last of which is a checksum, it is enough to check it with blocks, and not entirely, resulting in the number of possible combinations is reduced to 10998. Using Kali Linux, a Wi-Fi network through the included WPS Hack is fairly simple, and it will not take long. It is enough to use a utility that will monitor the network, and the one that directly searches for the pin code. For greater clarity, you can check how easy and fast it happens on the home router.

Thus, in order to secure itself, it is better to disable WPS on the router, where this option is active by default. Otherwise, every neighbor, even a schoolboy, can connect to the network and use it. The instructions for use are quite simple, this is one of the most common examples on all resources dedicated to this operating system.

Kali Linux WiFi: hacking

In short, then using the iwconfig command, we determine the available network interface (usually it's called wlan0, but it may be different).

After that, we start monitoring the active interface:

Airmon-ngstartwlan0

To find out which networks are in scope, execute the following command:

Airodump-ngmon0

Where mon0 is the name of a previously launched monitor.

From the list that appears, only those networks that have WPS included are of interest. To determine them, use the command

Wash-Imon0-C

Now you can choose any favorite goal and start selecting the pin code:

Reaver -I mon0 -b -a -vv

Here BSSID is written from the result of the previous command. If everything is done correctly, then the search of passwords will start. On average, the network is hacked from four to six hours. But some new models of routers are protected from attack by WPS and disable bust after a certain number of unsuccessful attempts.

And this is only one of the sides of Kali Linux. Instructions for use will give an exhaustive picture of the capabilities of the system.