16 replies to this topic

[Hedon James]

I don't see it mentioned on here much, if at all, but wondering if anyone has any experiences to share using Kali Linux?

Formerly known as Backtrack Linux, Kali is known as a distro for pentest/hackers, so it was never really of interest to me.  But I've recently read some articles where folks modify Kali at time of installation, effectively converting it to an everyday distro with rolling release schedule.  Now THIS sounds interesting to me!  Articles here, for reference:

https://haydenjames....ll-screenshots/

https://techmeout.or...i-linux-distro/

Considered collectively, I LOVE the idea of a Debian-based distro with rolling release schedule, custom build-up like Arch (without the fine-grained control of Arch, but I don't need that granular level of control), with a healthy community built around a community-supported distro.  And with the Kali devs maintaining the Debian Sid/Unstable updates, similar to what Manjaro does to Arch packages for Manjaro distro, this sounds like the perfect sweet spot for me and my custom-brewed Mimetic desktop.  I've got Arch, Manjaro, and Siduction in VMs, as all fit my criteria of a rolling release distro with large® user base, and community-controlled development.  However, all are just a little too close to the bleeding edge for my tastes.  I prefer leading edge over bleeding edge.  I prefer Manjaro of those 3, as I think the additional layer of packaging/testing is a good thing, rather than bad.  I don't care that a Manjaro package is 2-4 weeks older than its Arch counterpart; I'm interested in the extra 2-4 weeks to vet for stability.  Coming from an Ubuntu LTS-only background, those packages are new enough for me.  But if I can duplicate that model and still stay in the Debian family, that is even better, from my perspective!

I've already installed Kali in a VirtualboxVM (following tutorials above) and will be maintaining and testing to see how it goes, but I was wondering if anyone else had experience with Kali?  Other than pentesting?  I know we have some Siduction fans on here (sunrat?), so maybe they have thoughts too?  In my ideal scenario, I would imagine that Kali is to Siduction as Manjaro is to Arch.

Any thoughts to share?

[securitybreach]

Well Kali is really only useful if you are a pen tester and need some tools preinstalled. Otherwise, it is kind of useless as you will end up spending more time removing stuff that you will never use before being able to actually do some work. The same tools are available on most distros anyway but are not preinstalled.

One of the reasons that Kali is popular is because lots of people think that it is cool or that they will magically become a hacker because they user kali. This becomes a major problem as these are the same people that do not know what they are doing and running a distro as root without a user account gets them into trouble fast. It is not even meant to be an installable distro.

Personally I would suggest a distro that is meant to be used by regular people and that supports actually being installed on hardware. Kali is only meant to be a live environment with security applications preinstalled. I do not even know if they actually have update repos or just updated isos.

Ok, I was mistaken.. Kali is basically Debian Testing so it will have updates: https://docs.kali.or...st-repositories

[Hedon James]

If you download/install the "regular" Kali distros, everything you say above is true.  But they have a mini.ISO for customization, exactly the way you prefer it.

I've installed to HDD, with regular user (sudo for root), base desktop system and lxde.  There are no pentest tools anywhere in sight, or in menus.  Of course, I can if I want them, but I don't.

Looks like Kali is attempting to expand their intended audience & user base.

[securitybreach]

Ah ok, cool. Carry on then

[sunrat]

If I wanted a minimal system to build on I'd use Debian netinstall for testing or sid, or siduction noX version.
At Debian forums a lot of people post about Kali, usually kiddie wannabe hackers. Its popularity rose with the Mr Robot TV series.They get sent back to the Kali forums which are reportedly not very kiddie friendly.

[Peachy]

I've tested the Kali Raspberry Pi build with a small TFT touchscreen attached. The 3.5" screen from Adafruit is too small to make it really useable, but the Official 7" touch screen works nicely. The problem with touchscreens is you still need a keyboard for using the terminal. The suggested Linux virtual keyboards leave a lot to be desired from my usage. Perhaps they've improved in the last couple of years since I've used them. It might makea nice portable pentesting tool if that problem was solved for me.. We use it in our labs to teach students pentesting and security. And it looks cool when used in the TV series Mr. Robot.

[goretsky]

Hello,

I think it is very useful as an education tool.

Regards,

Aryeh Goretsky

[securitybreach]

goretsky, on 05 January 2018 - 10:38 AM, said:

Hello,

I think it is very useful as an education tool.

Regards,

Aryeh Goretsky

Neat stuff

[abarbarian]

goretsky, on 05 January 2018 - 10:38 AM, said:

Hello,

I think it is very useful as an education tool.

Regards,

Aryeh Goretsky

Thats a great community project.

[Hedon James]

I've been tinkering with the Kali distro, trying to morph it into an everyday driver.  I've finally gotten it to a place where that is workable, but only time will tell us how stable.  I must admit, it was a LOT of work, and there's some things that are still buggy, although not necessarily deal-killers.  Inasmuch as I have to "undo" some of Kali's configs & conventions, I'd agree with others that there are better choices of Debian distros to start from.  To date, I have:

- installed with regular user, root access via sudo; sudo works fine, but too many other programs are cofigured for root access, not regular user; user/group permissions require a LOT of tweaking...still not sure I have them all
- installed LXDE desktop; pulls in a combination of LXDE and LxQT tools...don't like that setup.  took forever to figure out MY preferred tools weren't working because invisible LxQT programs/service are running in session
- installed some extras, such as samba, avahi, xfce4 notifications; not sure if needed, but couldn't install printer because couldn't find service; once I solved that, couldn't find printers, so looked into smb.conf; like peeling an onion
- no sound in virtualbox; turns out its a common problem on hardware too; one of Kalis mottoes is "the quieter you are, the more you can hear", so not sure if sound is silent on purpose, or if this is another artifact of the regular user vs root setups; eventually solved by purging and reinstalling PulseAudio, various PA tools, and ALSA and performing some systemctl incantations, and then discovering that Kali boots with ALSA in the muted state.  It doesn't appear to be in the ALSA Mixer, but if I toggle the mute ON, then toggle OFF...I have sound.  This must be performed every time at boot, if I want sound.  I'm sure it's a an ALSA setting somewhere...
- I like desktop notifications and wanted to see how Kali would notify of updates.  I could not get xfce4-notifyd to work, nor even configured, as no changes would "stick"; I started to suspect another regular user vs root issue and, sure enough, "sudo xfce4-notifyd-config" allowed the root user to make desired changes regarding notification placement, appearance, timeout, fade, etc...  Went looking in user/group permissions and added my user to more groups, but still no change; long story short, lxqt-notifications was running as daemon in background, causing xfce4-notifications to act quirky.  What a weird way to do that.  LXQT is a desktop choice, as well as LXDE, and I chose LXDE for a reason...don't appreciate the LXQT tool in LXDE.  I've never seen that before...didn't even know LXQT had its own notification system.  Removed lxqt-notifications and autostarted xfce4-notifyd and tested system with "notify-send 'TEST'" messages and everything behaves as expected now.
- I've also looked for some other software in the Kali repos, but Kali repos aren't nearly as stocked as Debian.  Gnome-software is terrible in Kali.  No Software Center is available, but at least Synaptic is there.  No software updater though.  I looked into adding Debian PPAs, but Kali forums are littered with posts admonishing users NOT to add PPAs to Kali, as it WILL break your system at some point.  If Kali doesn't have a package I want, and I can't add a PPA, I'm not sure it's worth the trade-off to have Kali manage the updated software in their rolling repo.
- I've also learned their forum is disappointing.  Kali is designed as a hacker/pentest distro, so its no surprise their forum primarily consists of hacker/pentest issues.  However, while they seem to be attempting to expand their userbase with everyday distros (KDE, Gnome, LXDE, LXQT, XFCE flavors, etc...) and allowing installation, and non-root access, etc... their forums haven't caught up yet.  Most of my troubleshooting solutions came from Debian forums and....wait for it...ArchWiki!

All in all, a cool experiment that I'm not ready to flush.  I'll continue to keep an eye on it, and tinker, but I don't think it's ready for the modifications that the originally linked articles suggested.  For now, there are easier and better ways to accomplish the same thing.  JMO...

[securitybreach]

Wow, you have had quite the experience on Kali. I guess it is not ready for primetime as far as a daily driver.

[Hedon James]

The biggest issue, IMO, is the "root as regular user" configuration.  I don't understand why you'd allow it in the first place, let alone encourage it.  The security risks FAR outweigh the convenience, IMO.  And "undoing" that is a challenge, as it appears to permeate the entire system.  I think I have it "undone", but not 100% certain.  Again...time will tell, I think.

If they're trying to grow their base beyond the hacker/pentest niche, they need to provide a distro flavor that is closer to the paradigm of an everyday user.  The primary and secondary purpose(s) are just too incompatible, IMO.  Along those lines, I'm also watching SharkLinux...touted as an enterprise-level rolling-release of Ubuntu.  That's a sweet spot, IMO!  I really like the Ubuntu family, and I'd like to stay within it, but I'm sick of re-installing an OS every 3-5 years when the LTS is no longer supported.  SharkLinux solves all that (on paper), but makes root the primary user.  WTH?!  I don't get that....and I sure don't like it.

Plus, I truly prefer the LXDE desktop, whereas Shark is Mate.  Not a fan of LXQT, so far, and willing to be open-minded, but jeez.....how long does it take to merge 2 existing and viable desktops, with state of the art toolkit, into a stable & mature desktop?  It's been about 4 years now.  If LXDE ceases to become an option, I'd prefer Mate over LXQT.  So that's an option...

[securitybreach]

Hedon James, on 09 January 2018 - 12:19 PM, said:

The biggest issue, IMO, is the "root as regular user" configuration.  I don't understand why you'd allow it in the first place, let alone encourage it.  The security risks FAR outweigh the convenience, IMO.  And "undoing" that is a challenge, as it appears to permeate the entire system.  I think I have it "undone", but not 100% certain.  Again...time will tell, I think.

I think that was done because of the targeted audience, network and security professionals, who would normally run things as root.

[sunrat]

Should I Use Kali Linux?

Quote

...or if you want a distro that you can use as a general purpose desktop installation, Kali Linux is probably not what you are looking for.

[ebrke]

sunrat, on 04 January 2018 - 07:09 PM, said:

At Debian forums a lot of people post about Kali, usually kiddie wannabe hackers. Its popularity rose with the Mr Robot TV series.

Last time I got a glimpse of Mr. Robot's screen he was running Slackware.
EDIT: Unless that wasn't his own hardware--I can't remember the episode that clearly.

Edited by ebrke, 09 January 2018 - 06:26 PM.

[securitybreach]

ebrke, on 09 January 2018 - 06:23 PM, said:

sunrat, on 04 January 2018 - 07:09 PM, said:

At Debian forums a lot of people post about Kali, usually kiddie wannabe hackers. Its popularity rose with the Mr Robot TV series.

Last time I got a glimpse of Mr. Robot's screen he was running Slackware.
EDIT: Unless that wasn't his own hardware--I can't remember the episode that clearly.

No that was the young black guy that he was in prison with, Leon:

https://www.reddit.c..._s3s_e10finale/

What I do not get is why they show these distros but completely stock without even adding icons to the bars:

[ebrke]

securitybreach, on 09 January 2018 - 06:28 PM, said:

No that was the young black guy that he was in prison with, Leon

Ah, that explains it.