this post was submitted on 17 Dec 2024
101 points (97.2% liked)

Linux

48655 readers
475 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
101
submitted 1 week ago* (last edited 1 week ago) by [email protected] to c/[email protected]
 

Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.

you are viewing a single comment's thread
view the rest of the comments
[–] lambipapp 15 points 1 week ago (3 children)

I've heard about Kali Linux many times before. What does it do to make these tasks easier? Is it just that it comes pre installed with the right software or is there any other tweaks that is made?

[–] [email protected] 0 points 5 days ago* (last edited 5 days ago)

If you ever get involved in hacking, a lot and I mean a LOT of the tools are written in Python.

It can be a real PITA to set up a ton of different, standalone python programs, so kali linux comes with most of what people will need installed and ready to go.

Personal rant: Stop writing your programs in Python. If it's meant to be distributed, use a compiled language.

[–] [email protected] 23 points 1 week ago (1 children)

Pretty much that. It has all the sane defaults that protect and enable you when starting out in SecOps.

And for more experienced users it's later on: "before I setup everything again, I just use Kali."

[–] [email protected] 24 points 1 week ago (2 children)

It isn't a secure operating system. It is a toolkit for pen testing and red team hackers. Definitely not a daily driver kind of OS.

[–] Manifish_Destiny 8 points 1 week ago (2 children)

Except it is secure by design.

But you're right about it not being meant as a daily driver.

[–] [email protected] 5 points 6 days ago

it's not secure by design, since it's not made to be secure, and also uses unstable versions of a lot of packages to make certain exploits work

[–] [email protected] 3 points 6 days ago (1 children)

What do you mean secure by design? What part of it is secure. Compare it to actually security focused Linux operating systems like QubesOS, Kicksecure, or Secureblue. Literally any OS that supports the Brace tool (made by the creator of DivestOS) is much more secure than Kali Linux. Kali is purpose built for red team work, not being secure (aka reducing attack surface or designing around a threat model).

[–] Manifish_Destiny 2 points 5 days ago* (last edited 5 days ago) (1 children)

Kali is secure as in once it's configured, it cannot be accessed without creds, keys etc. That meets the definition of 'secure'. It's just Linux with a bunch of pre installed packages.

Of course something can always be more secure. But saying Kali isn't secure is like me saying your PC isn't secure because it isn't air gapped like my most secure PC.

[–] [email protected] 1 points 4 days ago* (last edited 4 days ago) (1 children)

PCs aren't secure. Linux default isnt secure. Kali has so many apps/tools installed by default that it isnt comparable to default Linux. It has massive attack surface and no security design, therefore calling it secure isn't accurate.

If no effort was put into the security design of an OS, why call it secure?

[–] Manifish_Destiny 1 points 3 days ago* (last edited 3 days ago) (1 children)

Okay if I turned off password auth, just used keys, disabled the Kali user and root login, how are you breaking in? Where's the vulnerability? Which cve or cwe are you able to exploit?

A large attack surface doesn't mean insecure. It just means less secure.

Source: I literally pentest for a living. No, I don't even use Kali on a regular basis.

[–] [email protected] 1 points 3 days ago (1 children)

My point exactly. A large attack surface means less secure. My point was that Kali isn't focused on being a secure OS. It is all about the tools. Even without a vulnerability, a secure OS should protect against unknowns.

[–] Manifish_Destiny 1 points 2 days ago (1 children)

You failed to answer my question. You're clearly missing the point intentionally. You're either a troll or retarded.

[–] [email protected] 1 points 2 days ago* (last edited 2 days ago)

I am not a troll. You don't need to be an ass.

Just because a system doesnt have a CVE doesn't make it secure. It needs proper exploit mitigations. Read why Linux isn't secure here.. The article is written by the lead developer of Whonix OS (Security hardened Debian with a focus on anonymity). If you had checked out any of the references from my previous comments you would have learned more about why I have this opinion.

Kali isn't any more secure than regular Debian, while also having a larger attack surface, and no kernel hardening, protecting of GUI, or application isolation. What makes it "secure"?

[–] [email protected] 6 points 1 week ago (1 children)

Where did I say otherwise? 🤔

[–] [email protected] -2 points 6 days ago* (last edited 6 days ago) (1 children)

You mention "sane defaults". That might mislead someone because it is ambiguous. The terminal ~~defaults~~ used to default to a root prompt, exemplifying that it isn't a distro focused on sane defaults for a desktop distro.

Kali is a tool for a specific job. Its meant mostly for hacking or troubleshooting/analysis, being an OS for executing a collection CLI/TUI and GUI utils.

-Edited everything to make myself more intelligible.

[–] [email protected] 5 points 6 days ago (1 children)

It has not defaulted to root prompt in many years.

[–] [email protected] 2 points 6 days ago

Thanks for some updated context.

[–] [email protected] 7 points 1 week ago* (last edited 1 week ago)

Purpose-built for Security Testing

What makes Kali Linux unique is its purpose-built nature for security testing. While other Linux distributions may have security tools, Kali Linux integrates a vast array of them out of the box. This saves time for professionals who require a quick setup for penetration testing and ethical hacking tasks.

Wide Array of Pre-installed Tools

Kali Linux boasts a comprehensive selection of pre-installed tools, including but not limited to Wireshark, Nmap, Metasploit, and Aircrack-ng. These tools cover a broad spectrum of security assessments, from network scanning to vulnerability analysis and exploitation.

https://www.jamesparker.dev/how-is-kali-linux-different-from-other-linux-distributions/###