Friday Distro: Kali Linux

by
in linux on (#2S34)
story imageIn the Hindu pantheon, Kali represents death and change, the dispelling of evil and the devouring of the unwanted. She is forbidden, and even death itself, but therefore also an element of salvation. In the Linux world, she is like opening a can of whoop-ass on your server.

Kali Linux (appropriately named, if I may say so) is a Linux distro focused on penetration and exploit testing, and therefore the element of change that will get you to shore up all those gaping configuration gaps in your systems: it's perhaps your salvation! But enough metaphors. Practically, Kali Linux installs on a DVD or pendrive, and contains dozens and dozens of specialized penetration testing tools to test your system. It's developed by the folks at Offensive Security, and grew out of the well-acclaimed Backtrack Linux, which had the same focus.

It's based on Debian rather than Ubuntu so you get a dated version of the Gnome 2 desktop, but who cares? It's not really a desktop, just a platform for launching tools. Over three hundred of them, from information gathering to vulnerability analysis, password attacks, wireless attacks, spoofing, stress testing, reverse engineering, hardware hacking, forensics, and more. As mentioned, you can run it from a DVD, pendrive, or even remote-boot from PXE or install to Amazon cloud. To make it as useful as possible they support ARM aggressively including ARMEL and ARMHF (and of course Raspberry Pi and cousins), plus as many different wifi devices as humanly possible.

They're innovating, too, producing opensource products like the ISO of Doom (hardware backdoor), custom images, the Evil Wireless Access Point, and more.

Fun stuff if you want to ensure your system is as safe as possible; scary stuff if you don't want to bother. Kali's Distrowatch page has more information including a link to their excellent documentation (the best place to start if you want to know what else Kali does), but ZDNet has a good review and LinuxBSDOS has another cursory review with some decent screenshots.

Re: Very nice (Score: 1)

by zafiro17@pipedot.org on 2014-09-05 12:11 (#2S36)

For me it was a learning experience to see how many different software tools have been developed for the purpose of brute forcing a poorly defended system. Holy crap. In the same way I've seen both sides of forum spam. I run http://gotonicaragua.com and battling forum bot-spam has been a problem since day one. But as sysadmin on that machine I also get tons of email offering the services of guys who have developed and run custom blog-posting and forum-posting software whose purpose obviously is to deliver exactly what I hate. Interesting to see both sides of the equation.

This penetration testing stuff is powerful stuff. Interesting to me to see just how well-developed it is.
Post Comment
Subject
Comment
Captcha
35, eighty or 18: the largest is?