Stephen Smith's Blog

Musings on Machine Learning…

The Technology of “Influence” – Part 4 Kali Linux

with one comment


Introduction

In my novel “Influence”, the lead character J@ck Tr@de performs various hacking tasks. In the book he spends a lot of time securing his connections, hiding his identity and hiding his location. In this series of blog posts, I’m going to talk about the various technologies mentioned in the book like VPN, the Onion Browser, Kali Linux and using VHF radios. I’ve talked about HTTPS,  VPNs and the Onion Browser so far, now we’re going to discuss Kali Linux.

Linux is an operating system like Windows or MacOS. An operating system manages the hardware on your computer and manages running the applications that you use like a word processor or Internet browser. Linux is open source and free. There are many distributions of Linux, that are complete pre-built systems for you to install. The differences between the different distributions include things like how the desktop is configured to look, which other open source programs are bundled, when updates are installed, how updates are installed and how the system is configured. Kali Linux is one of these distributions that emphasizes security and comes with all the common open source security and hacking tools pre-installed.

Most hackers consider Linux better suited to their needs than Windows or MacOS. They don’t trust Microsoft or Apple to do a good enough job with security or worry about these big corporations spying on them. With Linux it’s easy to do things like change your MAC address and run the tools to keep you safe, secure and anonymous.

I blogged about Kali Linux for the Raspberry Pi last year here. J@ck would use this on the Raspberry Pi’s he has the homeless people plant in the garbage near coffee shops to tap into their wifi.

For anyone interested, my book is available either as a paperback or as a Kindle download on Amazon.com:

Paperback – https://www.amazon.com/dp/1730927661
Kindle – https://www.amazon.com/dp/B07L477CF6

 

Offensive Security

The philosophy behind Kali Linux is that for your network to be secure, you have to attack it like a hacker. You have to use all the tools in a hacker’s toolbox, to ensure hackers can’t break in. Setting up security isn’t just a matter of following a checklist of todo items. You have to think like a hacker and try to penetrate your security like a hacker. Or hire so called white hat hackers to do it for you. Generally it’s a good practice to get a second or third pair of eyes looking for holes and weaknesses. The good white hat hackers are in high demand, and don’t come cheap.

Kali Linux comes with all the common open source hacking tools pre-installed. So they are all there and ready to attack your network. Of course the advertising is all about white hat hackers using these for good. But, of course, this is the same Linux distribution and toolset used by most of the malicious black hat hackers.

Kali Linux is also fairly secure if you follow the various instructions during installation, about securing things with private/public keys and such. Kali Linux doesn’t install any application servers like web servers or database servers, since these are usually good targets for hackers to attack.

Kali Linux is based on Debian Linux, so you can do most of the things other Debian based distributions can do, like Ubuntu. Just without all the useful productivity applications pre-installed. Kali Linux has versions for small system on a chip (SoC) like the Raspberry Pi. In these versions, any tools that won’t run well on the more minimal hardware are left out.

Thinking Like a Hacker

You can find quite a few books on how to use all the tools installed with Kali Linux. These are all a good start, but like I said, setting up a recipe or checklist is insufficient. You have to learn to think like a hacker. You have to figure out how to find the weak points in a network and then how to keep poking at them from all sorts of angles until you can penetrate them. Remember the world of hacking isn’t static. Hackers are always discovering new techniques and new weaknesses to exploit. If you are serious about protecting your network’s security then you have to stay on top of the latest developments. Often the weak points aren’t in the software, but in the employees. Hackers will use so called social engineering attacks to trick you users into revealing their passwords or other key information. Perhaps the hacker will leave a few USB keys lying around, that contain viruses that will infect your network if plugged into a corporate computer. Perhaps the weakness is a third party piece of hardware like a network router or firewall. These are notorious for having backdoors or other security weaknesses. You have to ensure all these miscellaneous pieces of equipment are kept up to date, or replaced if a serious problem is discovered.

The Security Onion

A key metaphor in the security industry is that you want to design your security systems like an onion with multiple layers, and not like and egg with one shell, which once breached gives access to everything inside.

Perhaps at the outside of your network, there are secure firewalls, but then inside that there are products that detect malicious or suspect network traffic and set off alerts when discovered. Further all the servers on the networks have very few ports open for network traffic and all the ones that are open are configured to use quite strong forms of authentication. Its common to use two level authentication, where the user needs a code from their cell phone in addition to their password in order to logon. Perhaps the parts of the network aren’t connected, so if an intruder gets access to one server, he’s still isolated from all the others.

Designing secure systems is an art as well as a science. The good news is that there are many open source tools available to set up all these layers of security. So it doesn’t have to be expensive, except where you have to hire the people to put it all in place.

Summary

Kali Linux is the preferred Linux Distribution of hackers. It pre-installs all the common open source hacking tools and by default has a fairly secure configuration. Of course any hacker will further secure their system and install a few more specialty tools perhaps from the dark web or things they wrote themselves.

Written by smist08

January 2, 2019 at 11:47 pm

One Response

Subscribe to comments with RSS.

  1. […] Browser, Kali Linux and using VHF radios. I’ve talked about HTTPS,  VPNs, the Onion Browser and Kali Linux so far, now we’re going to discuss VHF Radio […]


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: