Additional Software

As well as the actual security tests, increasing importance is attached to documenting standards and data reconstruction. In the Forensics group, Kali Linux provides applications that are used for forensic examinations of data storage devices and systems. These include, among other things, rootkit scanners and the Sleuth Kit software suite, which incorporates a variety of forensic tools. Additionally, Kali Linux offers a few programs for data reconstruction in this group; these tools can retrieve partitions and data on supposedly deleted storage media.

Very large and potentially confusing logging data sets naturally accumulate – particularly during penetration tests and while sniffing data traffic. To simplify analyzing this data, the developers of Kali Linux bundled an impressive number of documentation tools in the Reporting Tools submenu. These tools are not only used for writing reports, but they also provide support with comprehensive audit documentation. Additionally, programs can be found here that you can use to customize screencasts and screenshots of web pages from the command line.

Installation

Unlike standard distributions, Kali Linux also comes with special features for various installation options. The downloaded ISO image works relatively slowly on an optical disk; Kali runs much more smoothly from a bootable USB memory device. It can also be operated in a persistent mode, which makes permanent storage of configuration data possible.

However, a few additional steps are necessary to create the operating system in persistent mode on a USB stick. The USB stick itself should, in this case, have a capacity of at least 8GB, because you need to create a separate partition manually for storing the persistent data. On the other hand, a capacity of 4GB is enough for conventional Live use of the operating system. You will find detailed information about the different installation options on flash drives on the official documentation website [2].

Before creating a bootable medium, it is important to look at the system requirements: In the 32-bit version, Kali Linux uses a kernel with PAE extensions. Some older Intel processors from the Pentium M generation and many Atom processors do not support this extension. This means that Kali Linux cannot be installed or run on these systems.

If your network includes wireless components, or if you run it completely as a WLAN, you need to pay attention to the wireless network card in your computer. Some manufacturers do not provide any modules for Linux, and others only implement a limited set of features, meaning that some Kali Linux programs cannot be used with your WLAN hardware. WLAN chipsets from Atheros, Ralink, and Realtek generally work well with Kali. Thanks to the proprietary firmware integrated in the operating system, you can access WLAN chipsets from Intel in almost all cases. With older WLAN components from this provenance, however, switching to the monitor mode often does not work, so these components are of very limited use for analysis purposes.

When installing Kali Linux in persistent mode on a USB stick, additional drivers or updates are difficult to install. Therefore, it's advisable to install the system permanently on a dedicated computer, especially for administrators who want to use Kali Linux in large, heterogeneous environments. The advantage of this method is that system updates are performed without any problems. Furthermore, driver problems, which can occur when you use WLAN components, can be avoided with a fixed installation on a desktop or notebook PC. If, on the other hand, you use a USB stick on various computer systems with different hardware, you run a high probability of the system occasionally not detecting the hardware – as is the case with some WLAN chipsets – and not being able to switch to monitor mode.

You can launch a permanent, fixed installation on a storage device in the GRUB boot menu by selecting the Install or Graphical install options. Kali Linux then starts the Debian installer, which will guide you through putting a working system on your hard disk in just a few steps. Because the installer wants to configure the network device – but needs a wired interface for this – you need to skip this step if you are only using a WLAN. After successfully installing the operating system on your disk and then rebooting, you can set up the WLAN configuration by selecting Applications | System Tools | Settings . In the dialog that opens, enter your WLAN credentials and add the Kali Linux system to your network (Figure 3).

Figure 3: You can configure your WLAN adapter in Kali Linux with just a few mouse clicks.

Encryption

When installing the operating system on a USB stick or local mass storage, as well as the default settings, you also have the option to encrypt the disk. An encrypted disk ensures that, in the case of theft of the laptop or the USB stick with Kali Linux, the existing databases will not end up in the wrong hands.

The installation routine also offers the Guided – use entire disk and set up encrypted LVM option for partitioning your storage device. After you select this option, the installer creates an encrypted root partition and a swap partition on the device, unless you explicitly specify otherwise. If you want a different partitioning scheme, you can create this by selecting the appropriate options with encryption.