

Kali Linux
#1 OFFLINE
Posted 04 January 2018 - 10:47 AM
Formerly known as Backtrack Linux, Kali is known as a distro for pentest/hackers, so it was never really of interest to me. But I've recently read some articles where folks modify Kali at time of installation, effectively converting it to an everyday distro with rolling release schedule. Now THIS sounds interesting to me! Articles here, for reference:
https://haydenjames....ll-screenshots/
https://techmeout.or...i-linux-distro/
Considered collectively, I LOVE the idea of a Debian-based distro with rolling release schedule, custom build-up like Arch (without the fine-grained control of Arch, but I don't need that granular level of control), with a healthy community built around a community-supported distro. And with the Kali devs maintaining the Debian Sid/Unstable updates, similar to what Manjaro does to Arch packages for Manjaro distro, this sounds like the perfect sweet spot for me and my custom-brewed Mimetic desktop. I've got Arch, Manjaro, and Siduction in VMs, as all fit my criteria of a rolling release distro with large® user base, and community-controlled development. However, all are just a little too close to the bleeding edge for my tastes. I prefer leading edge over bleeding edge. I prefer Manjaro of those 3, as I think the additional layer of packaging/testing is a good thing, rather than bad. I don't care that a Manjaro package is 2-4 weeks older than its Arch counterpart; I'm interested in the extra 2-4 weeks to vet for stability. Coming from an Ubuntu LTS-only background, those packages are new enough for me. But if I can duplicate that model and still stay in the Debian family, that is even better, from my perspective!
I've already installed Kali in a VirtualboxVM (following tutorials above) and will be maintaining and testing to see how it goes, but I was wondering if anyone else had experience with Kali? Other than pentesting? I know we have some Siduction fans on here (sunrat?), so maybe they have thoughts too? In my ideal scenario, I would imagine that Kali is to Siduction as Manjaro is to Arch.
Any thoughts to share?
#2 OFFLINE
Posted 04 January 2018 - 11:13 AM
One of the reasons that Kali is popular is because lots of people think that it is cool or that they will magically become a hacker because they user kali. This becomes a major problem as these are the same people that do not know what they are doing and running a distro as root without a user account gets them into trouble fast. It is not even meant to be an installable distro.
Personally I would suggest a distro that is meant to be used by regular people and that supports actually being installed on hardware. Kali is only meant to be a live environment with security applications preinstalled. I do not even know if they actually have update repos or just updated isos.
Ok, I was mistaken.. Kali is basically Debian Testing so it will have updates: https://docs.kali.or...st-repositories



CNI Radio/G+ Profile/Configs/PGP Key/comhack π ∞
"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984
#3 OFFLINE
Posted 04 January 2018 - 12:00 PM
I've installed to HDD, with regular user (sudo for root), base desktop system and lxde. There are no pentest tools anywhere in sight, or in menus. Of course, I can if I want them, but I don't.
Looks like Kali is attempting to expand their intended audience & user base.
#4 OFFLINE
Posted 04 January 2018 - 01:06 PM




CNI Radio/G+ Profile/Configs/PGP Key/comhack π ∞
"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984
#5 OFFLINE
Posted 04 January 2018 - 07:09 PM
At Debian forums a lot of people post about Kali, usually kiddie wannabe hackers. Its popularity rose with the Mr Robot TV series.They get sent back to the Kali forums which are reportedly not very kiddie friendly.




For the things we have to learn before we can do them, we learn by doing them.
#6 OFFLINE
Posted 04 January 2018 - 07:10 PM

'freedom...is actually the reason that men live together in political organisations at all. Without it, political life as such would be meaningless. The raison d'Être of politics is freedom, and its field of experience is action'.
My Flickr Photo Blog
del.icio.us bookmarks
#7 OFFLINE
Posted 05 January 2018 - 10:38 AM
Aryeh Goretsky
Microsoft MVP 2004-2018 [Cloud and Datacenter Management]
(previously Networking, Windows, Windows for Devices and IT)
Facebook • Google+ • personal blog • personal website • Twitter • work blog
#8 OFFLINE
Posted 05 January 2018 - 01:07 PM



CNI Radio/G+ Profile/Configs/PGP Key/comhack π ∞
"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984
#9 OFFLINE
#10 OFFLINE
Posted 09 January 2018 - 10:01 AM
- installed with regular user, root access via sudo; sudo works fine, but too many other programs are cofigured for root access, not regular user; user/group permissions require a LOT of tweaking...still not sure I have them all
- installed LXDE desktop; pulls in a combination of LXDE and LxQT tools...don't like that setup. took forever to figure out MY preferred tools weren't working because invisible LxQT programs/service are running in session
- installed some extras, such as samba, avahi, xfce4 notifications; not sure if needed, but couldn't install printer because couldn't find service; once I solved that, couldn't find printers, so looked into smb.conf; like peeling an onion
- no sound in virtualbox; turns out its a common problem on hardware too; one of Kalis mottoes is "the quieter you are, the more you can hear", so not sure if sound is silent on purpose, or if this is another artifact of the regular user vs root setups; eventually solved by purging and reinstalling PulseAudio, various PA tools, and ALSA and performing some systemctl incantations, and then discovering that Kali boots with ALSA in the muted state. It doesn't appear to be in the ALSA Mixer, but if I toggle the mute ON, then toggle OFF...I have sound. This must be performed every time at boot, if I want sound. I'm sure it's a an ALSA setting somewhere...
- I like desktop notifications and wanted to see how Kali would notify of updates. I could not get xfce4-notifyd to work, nor even configured, as no changes would "stick"; I started to suspect another regular user vs root issue and, sure enough, "sudo xfce4-notifyd-config" allowed the root user to make desired changes regarding notification placement, appearance, timeout, fade, etc... Went looking in user/group permissions and added my user to more groups, but still no change; long story short, lxqt-notifications was running as daemon in background, causing xfce4-notifications to act quirky. What a weird way to do that. LXQT is a desktop choice, as well as LXDE, and I chose LXDE for a reason...don't appreciate the LXQT tool in LXDE. I've never seen that before...didn't even know LXQT had its own notification system. Removed lxqt-notifications and autostarted xfce4-notifyd and tested system with "notify-send 'TEST'" messages and everything behaves as expected now.
- I've also looked for some other software in the Kali repos, but Kali repos aren't nearly as stocked as Debian. Gnome-software is terrible in Kali. No Software Center is available, but at least Synaptic is there. No software updater though. I looked into adding Debian PPAs, but Kali forums are littered with posts admonishing users NOT to add PPAs to Kali, as it WILL break your system at some point. If Kali doesn't have a package I want, and I can't add a PPA, I'm not sure it's worth the trade-off to have Kali manage the updated software in their rolling repo.
- I've also learned their forum is disappointing. Kali is designed as a hacker/pentest distro, so its no surprise their forum primarily consists of hacker/pentest issues. However, while they seem to be attempting to expand their userbase with everyday distros (KDE, Gnome, LXDE, LXQT, XFCE flavors, etc...) and allowing installation, and non-root access, etc... their forums haven't caught up yet. Most of my troubleshooting solutions came from Debian forums and....wait for it...ArchWiki!
All in all, a cool experiment that I'm not ready to flush. I'll continue to keep an eye on it, and tinker, but I don't think it's ready for the modifications that the originally linked articles suggested. For now, there are easier and better ways to accomplish the same thing. JMO...
#11 OFFLINE
Posted 09 January 2018 - 10:14 AM



CNI Radio/G+ Profile/Configs/PGP Key/comhack π ∞
"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984
#12 OFFLINE
Posted 09 January 2018 - 12:19 PM
If they're trying to grow their base beyond the hacker/pentest niche, they need to provide a distro flavor that is closer to the paradigm of an everyday user. The primary and secondary purpose(s) are just too incompatible, IMO. Along those lines, I'm also watching SharkLinux...touted as an enterprise-level rolling-release of Ubuntu. That's a sweet spot, IMO! I really like the Ubuntu family, and I'd like to stay within it, but I'm sick of re-installing an OS every 3-5 years when the LTS is no longer supported. SharkLinux solves all that (on paper), but makes root the primary user. WTH?! I don't get that....and I sure don't like it.
Plus, I truly prefer the LXDE desktop, whereas Shark is Mate. Not a fan of LXQT, so far, and willing to be open-minded, but jeez.....how long does it take to merge 2 existing and viable desktops, with state of the art toolkit, into a stable & mature desktop? It's been about 4 years now. If LXDE ceases to become an option, I'd prefer Mate over LXQT. So that's an option...
#13 OFFLINE
Posted 09 January 2018 - 12:36 PM
Hedon James, on 09 January 2018 - 12:19 PM, said:
I think that was done because of the targeted audience, network and security professionals, who would normally run things as root.



CNI Radio/G+ Profile/Configs/PGP Key/comhack π ∞
"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984
#14 OFFLINE
Posted 09 January 2018 - 05:55 PM
Quote




For the things we have to learn before we can do them, we learn by doing them.
#15 OFFLINE
Posted 09 January 2018 - 06:23 PM
sunrat, on 04 January 2018 - 07:09 PM, said:
EDIT: Unless that wasn't his own hardware--I can't remember the episode that clearly.

Edited by ebrke, 09 January 2018 - 06:26 PM.
#16 OFFLINE
Posted 09 January 2018 - 06:28 PM
ebrke, on 09 January 2018 - 06:23 PM, said:
sunrat, on 04 January 2018 - 07:09 PM, said:
EDIT: Unless that wasn't his own hardware--I can't remember the episode that clearly.

No that was the young black guy that he was in prison with, Leon:
https://www.reddit.c..._s3s_e10finale/
What I do not get is why they show these distros but completely stock without even adding icons to the bars:




CNI Radio/G+ Profile/Configs/PGP Key/comhack π ∞
"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984
#17 OFFLINE
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users