1.1 Linux Introduction-1-1.pdf

Full Transcript

Linux Introduction
IT002 - Information Assurance and Security 2
Module 1
Introduction

 Kali Linux is the world's most powerful and popular penetration testing
platform, used by security professionals in a wide range of specializations,
including penetration testing, forensics, reverse engineering, and
vulnerability assessment. It is the culmination of years of refinement and the
result of a continuous evolution of the platform, from WHoppiX to WHAX, to
BackTrack, and now to a complete penetration testing framework
leveraging many features of Debian GNU/Linux and the vibrant open
source community worldwide.
Introduction

 Kali Linux has not been built to be a simple collection of tools, but rather a
flexible framework that professional penetration testers, security enthusiasts,
students, and amateurs can customize to fit their specific needs. Although
Kali is decidedly multi-purpose, it is primarily designed to aid in penetration
testing. The objective of this book is not only to help you feel at home when
you use Kali Linux but also to help improve your understanding and
streamline your experience so that when you are engaged in a penetration
test.
History of Kali Linux

 The Kali Linux project began quietly in 2012, when Offensive Security
decided that they wanted to replace their venerable BackTrack Linux
project, which was manually maintained, with something that could
become a genuine Debian derivative, complete with all of the required
infrastructure and improved packaging techniques. The decision was
made to build Kali on top of the Debian distribution because it is well
known for its quality, stability, and a wide selection of available software.
 The first release (version 1.0) happened one year later, in March 2013, and
was based on Debian 7 "Wheezy", Debian's stable distribution at the time. In
that first year of development, we packaged hundreds of pen-testing-
related applications and built the infrastructure.
History of Kali Linux

 During the two years following version 1.0, Kali released many incremental
updates, expanding the range of available applications and improving
hardware support, thanks to newer kernel releases. With some investment in
continuous integration, we ensured that all-important packages were kept
in an installable state and that customized live images could always be
created.
 In 2015, when Debian 8 "Jessie" came out, we worked to rebase Kali Linux
on top of it. While Kali Linux 1.x avoided the GNOME Shell (relying on
GNOME Fallback instead), in this version It had added some GNOME Shell
extensions to acquire missing features, most notably the Applications menu.
The result of that work became Kali Linux 2.0, published in August 2015.
History of Kali Linux

 While the rolling distribution has been available for quite a while, Kali 2016.1
was the first release to officially embrace the rolling nature of that
distribution: when you install the latest Kali release, your system actually
tracks the Kali Rolling distribution, and every single day you get new
updates. In the past, Kali releases were snapshots of the underlying Debian
distribution with Kali-specific packages injected into it. A rolling distribution
has many benefits but it also comes with multiple challenges, both for
developers who is building the distribution and for the users who have to
cope with a never-ending flow of updates and sometimes backward-
incompatible changes.
Purpose and Use Cases

 While Kali's focus can be quickly summarized as “penetration testing and
security auditing”, there are many different tasks involved behind those
activities. Kali Linux is built as a platform because it includes many tools
covering very different use cases (though they may certainly be used in
combination during a penetration test).

Purpose and Use Cases

 For example, Kali Linux can be used on various types of computers:
obviously on the laptops of penetration testers, but also on servers of system
administrators wishing to monitor their network, on the workstations of
forensic analysts, and more unexpectedly, on stealthy embedded devices,
typically with ARM CPUs, that can be dropped in the range of a wireless
network or plugged in the computer of target users. Kali Linux can also be
deployed in the cloud to quickly build a farm of password-cracking
machines and on mobile phones and tablets to allow for truly portable
penetration testing.
 Once you have booted Kali, you will quickly discover that Kali Linux's main
menu is organized by theme across the various kinds of tasks and activities
that are relevant for pen-testers and other information security professionals
Kali Linux Application Menu
Kali Linux Tasks and Activities

 Information Gathering: Collecting data about the target network and its
structure, identifying computers, their operating systems, and the services that
they run. Identifying potentially sensitive parts of the information system.
Extracting all sorts of listings from running directory services.
 Vulnerability Analysis: Quickly testing whether a local or remote system is
affected by a number of known vulnerabilities or insecure configurations.
Vulnerability scanners use databases containing thousands of signatures to
identify potential vulnerabilities.
 Web Application Analysis: Identifying misconfigurations and security
weaknesses in web applications. It is crucial to identify and mitigate these issues
given that the public availability of these applications makes them ideal targets
for attackers.
 Database Assessment: From SQL injection to attacking credentials, database
attacks are a common vector for attackers. Tools that test for attack vectors
ranging from SQL injection to data extraction and analysis can be found here.
Kali Linux Tasks and Activities

 Password Attacks: Authentication systems are always a go-to attack vector. Many useful
tools can be found here, from online password attack tools to offline attacks against
encryption or hashing systems.
 Wireless Attacks: The pervasive nature of wireless networks means that they will always be
a commonly attacked vector. With its wide range of support for multiple wireless cards, Kali
is an obvious choice for attacks against multiple types of wireless networks.
 Reverse Engineering: Reverse engineering is an activity with many purposes. In support of
offensive activities, it is one of the primary methods for vulnerability identification and
exploits development. On the defensive side, it is used to analyze malware employed in
targeted attacks. In this capacity, the goal is to identify the capabilities of a given piece of
tradecraft.
 Exploitation Tools: Exploiting, or taking advantage of a (formerly identified) vulnerability,
allows you to gain control of a remote machine (or device). This access can then be used
for further privilege escalation attacks, either locally on the compromised machine, or on
other machines accessible on its local network. This category contains a number of tools
and utilities that simplify the process of writing your own exploits.
Kali Linux Tasks and Activities

 Sniffing & Spoofing: Gaining access to the data as they travel across the
network is often advantageous for an attacker. Here you can find spoofing
tools that allow you to impersonate a legitimate user as well as sniffing tools
that allow you to capture and analyze data right off the wire. When used
together, these tools can be very powerful.
 Post Exploitation: Once you have gained access to a system, you will often
want to maintain that level of access or extend control by laterally moving
across the network. Tools that assist in these goals are found here.
 Forensics: Forensic Linux live boot environments have been very popular for
years now. Kali contains a large number of popular Linux-based forensic
tools allowing you to do everything from initial triage to data imaging, to full
analysis and case management.
Kali Linux Tasks and Activities

 Reporting Tools: A penetration test is only complete once the findings have
been reported. This category contains tools to help collate the data
collected from information-gathering tools, discover non-obvious
relationships, and bring everything together in various reports.
 Social Engineering Tools: When the technical side is well-secured, there is
often the possibility of exploiting human behavior as an attack vector.
Given the right influence, people can frequently be induced to take
actions that compromise the security of the environment. Did the USB key
that the secretary just plugged in contain a harmless PDF? Or was it also a
Trojan horse that installed a backdoor? Was the banking website the
accountant just logged into the expected website or a perfect copy used
for phishing purposes? This category contains tools that aid in these types of
attacks.
Kali Linux Main Features

 Kali Linux is a Linux distribution that contains its own collection of hundreds of
software tools specifically tailored for their target users—penetration testers and
other security professionals. It also comes with an installation program to
completely setup Kali Linux as the main operating system on any computer. This
is pretty much like all other existing Linux distributions but there are other features
that differentiate Kali Linux, many of which are tailored to the specific needs of
penetration testers. Let's have a look at some of those features.
 1. A Live System. Alongside the main installer ISO images, Kali Linux offers a
separate live ISO image to download. This allows you to use Kali Linux as a
bootable live system. In other words, you can use Kali Linux without installing it,
just by booting the ISO image (usually after having copied the image onto a
USB key). The live system contains the tools most commonly used by penetration
testers, so even if your day-to-day system is not Kali Linux, you can simply insert
the disk or USB key and reboot to run Kali.
Kali Linux Main Features

 2. Forensics Mode. In general, when doing forensic work on a system, you want to avoid
any activity that would alter the data on the analyzed system in any way. Unfortunately,
modern desktop environments tend to interfere with this objective by trying to auto-mount
any disk(s) they detect. To avoid this behavior, Kali Linux has a forensics mode that can be
enabled from the boot menu: it will disable all such features. The live system is particularly
useful for forensics purposes because it is possible to reboot any computer into a Kali Linux
system without accessing or modifying its hard disks.

 3. A Custom Linux Kernel. Kali Linux always provides a customized recent Linux kernel,
based on the version in Debian Unstable. This ensures solid hardware support, especially for
a wide range of wireless devices. The kernel is patched for wireless injection support since
many wireless security assessment tools rely on this feature. Since many hardware devices
require up-to-date firmware files (found in /lib/firmware/), Kali installs them all by default—
including the firmware available in Debian's non-free section. Those are not installed by
default in Debian, because they are closed-source and thus not part of Debian proper.
Kali Linux Main Features

 4. Completely Customizable.Kali Linux is built by penetration testers for
penetration testers, but we understand that not everyone will agree with
our design decisions or choice of tools to include by default. Kali Linux is
easy to customize based on your own needs and preferences. To this end,
we publish the live-build configuration used to build the official Kali images
so you can customize it to your liking. It is very easy to start from this
published configuration and implement various changes based on your
needs thanks to the versatility of live-build. Live-build includes many
features to modify the installed system, install supplementary files, install
additional packages, run arbitrary commands, and change the values pre-
seeded to debconf.
Kali Linux Main Features

 5. A Trustable Operating System. Users of a security distribution rightfully
want to know that it can be trusted and that it has been developed in
plain sight, allowing anyone to inspect the source code. Kali Linux is
developed by a small team of knowledgeable developers working
transparently and following the best security practices: they upload signed
source packages, which are then built on dedicated build daemons. The
packages are then checksummed and distributed as part of a signed
repository. The work done on the packages can be fully reviewed through
the packaging Git repositories (which contain signed tags) that are used to
build the Kali source packages. The evolution of each package can also
be followed through the Kali package tracker.
Kali Linux Main Features

 6. Usable on a Wide Range of ARM Devices. Kali Linux provides binary
packages for the armel, armhf, and arm64 ARM architectures. Thanks to
the easily installable images provided by Offensive Security, Kali Linux can
be deployed on many interesting devices, from smartphones and tablets to
Wi-Fi routers and computers of various shapes and sizes.