Shulou(Shulou.com)06/01 Report--

Kali Linux is a Linux distribution that includes hundreds of software tools tailored to target users (* testers and other security experts). It also includes an installer that can be installed with Kali Linux as the main operating system on your computer. This is much like all other Linux distributions, but Kali has other different features, many of which are tailored to the special needs of testers. Let's take a look at these features.

1.4.1 one Live system

Compared to most Linux distributions, the ISO image downloaded from the Kali website is not only designed to install the operating system, it can also be used as a bootable Live system. In other words, you can use Kali Linux directly without installing it, and all you have to do is boot from the downloaded ISO image (usually, you will put this ISO image on USB).

The Live system contains tools that testers usually use, and even if your main system every day is not Kali, you can simply insert a CD or USB drive and reboot to Kali. It is important to note that the default configuration of ISO images is that runtime changes are not saved after the system is rebooted. If you use flash drives for persistence (see Section 9.4, "using flash drives to persist Live systems"), adjust the system according to your preferences (such as modifying configuration files, saving reports, upgrading software, installing other software packages), and save these adjustments, even after rebooting the system.

1.4.2 Forensics model

In general, when we do forensic work on a system, you want to avoid any changes to the data of the system being analyzed, no matter what the situation. Unfortunately, modern desktop environments attempt to automatically mount any detected disks, thus interfering with this goal. To avoid this behavior, Kali Linux has a forensics mode (enabled from the boot menu) to disable the above features (auto-mount).

The Live system is particularly useful for forensic targets because the computer can be rebooted to the Kali Linux system without accessing or modifying the computer's hard disk.

1.4.3 customized Linux kernel

Kali Linux usually provides the latest Linux kernel based on the unstable version of Debian. This will ensure solid hardware support, especially for many wireless devices. Because many wireless security assessment tools rely on wireless injection features, the kernel adds support for wireless injection through patches.

Because many hardware devices require the latest firmware (which can be found at / lib/firmware/), Kali installs all device firmware by default, including the valid firmware described in the Debian is not free section. These firmware are not installed by default in Debian because they are closed source and do not conform to the open source spirit of Debian.

1.4.4 fully customizable

Although Kali Linux is built by * testers for * testers, we don't think everyone will agree with our design decisions, or the selected tools that we include by default in Kali. To this end, we always make sure that Kali Linux is easily customized based on your own needs and preferences. To achieve this, the live-build configuration we released is used to build an official Kali image, so you can customize it according to your preferences. Thanks to live-build, it is easy to customize from the released configuration to achieve all the requirements you need.

Live-build includes many features, such as modifying the installation system, installing additional files, installing additional packages, running arbitrary commands, and even changing the preset seed values in debconf (note: debconf is used for silent installation).

1.4.5 trusted operating system

The user of a secure distribution rightly wants to know that the distribution used can be trusted and that it is developed in a public state, allowing anyone to check the source code.

Kali Linux is built by a small team of knowledgeable developers who work transparently and follow best security practices: they upload signature source packages and then build them in a dedicated build process. After that, the software package is verified and distributed as part of the signature library.

The work done on the software package can be fully checked through the Git software repository (including signature tags), which is used to build Kali source packages. The evolution of each package can also be tracked through the Kali package tracker.

1.4.6 for a wide range of ARM devices

Kali Linux provides binary packages for armel,armhf and ARM64 architectures (in the ARM architecture kernel, some have floating-point units (fpu) and some do not. Armel and armhf cannot be used without a fpu kernel. In the case of fpu, you can specify which one to use through the option of gcc-mfloat-abi. There are three values: one is soft, which is not calculated by fpu, even if there is a fpu floating-point unit; the other is armel, that is, softfp, which is calculated by fpu, but the parameters are passed in ordinary registers, so when interrupts, only ordinary registers need to be saved, and the interrupt load is small, but the parameters need to be converted to floating-point calculation. Third, armhf, that is, hard, is calculated by fpu, and the parameters are transferred by the floating-point register in fpu, omitting the conversion, and the performance is the best, but the interrupt load is high. Thanks to Offensive Security for providing easy-to-install images, Kali Linux can be deployed on many interesting devices, from smartphones and tablets to Wi-Fi routers, computers of all shapes and sizes.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.