From the course: Kali Linux for Advanced Pen Testing and Ethical Hacking

Understanding Kali deployments

- There are a number of ways to deploy Kali, with a hardware-deployed system and a virtual machine being the most popular. While Kali is usually deployed on standard x86 laptop hardware, it can also be deployed on an increasing number of other platforms, such as ARM-based tablets. A special configuration of Kali for a range of Android devices has been released, known as Kali NetHunter, and this is designed to be used for Wi-Fi and radio-based testing.

Kali is a special build of Ubuntu and deploys onto bare metal as a standard Linux system. The downside of a hardware-based deployment is that any changes made which destabilize the system may be difficult to roll back. In addition, any malware that infiltrates the system will remain until it's detected, and should the system be connected to a customer network, the malware may jump across.

Virtualization has become a common approach to running systems, with cloud-based virtual machines making up the majority of enterprise service solutions. On-premise systems are now usually delivered using virtualization. Unsurprisingly, virtualization has also become popular in pen testing, and Kali is available as either a VirtualBox or a VMware image. The Kali VM operates exactly as a Kali image deployed directly onto hardware does. However, with a virtual machine, it's possible to take snapshots of the system from time to time to provide easy rollback to a known good point.

Having deployed Kali as a virtual image means that the impact of testing tools can be more easily contained within a virtual network. Should a testing tool be accidentally misconfigured, potentially high-impact testing may be run on an unintended target across the local LAN or the internet. An isolated virtual test network will ensure potentially destructive activities are contained. Isolating the test network can also be useful for testing new exploits and tools. The impact and visibility of testing can be monitored in the virtual environment prior to letting them loose on the internet or a corporate network.

When researching potential exploits for a target, we may need to download code. Sometimes source code is posted on the internet which is deliberately designed to destroy the system it runs on. Not very sensible, nor mature, but a fact of life for pen testers. The use of machine code and encrypted payloads in source code can make it very difficult to determine whether the exploit is safe. Running as a VM means that even if the VM is destroyed by malware, it can be easily recovered from the VM image or a snapshot.

A live deployment is one in which the Kali system runs from bootable media, such as a USB drive, and is not enabled to make permanent changes to the media. Any changes applied during a session will not persist when the system is restarted. This makes live deployments ideal for executing the more hostile tests and ensuring that the test platform always starts up in a known and safe state. The downside, however, is that any new software loaded or any operating system upgrades applied will not persist. There is a variant of the live deployment which does allow persistence by storing a copy of the Kali image in a persistent data partition on the USB drive. This has to be done manually, as shown on the Offensive Security site here.

The normal way to use Kali in a training environment is via a virtual image. However, you might want to install Kali as a bare metal alternative boot option for production.
