Thursday, 4 July 2013

Kali Linux review and a brief history of the BackTrack

Looks like Kali Linux is a great success. Kali Linux is the successor to BackTrack, the much loved Linux Penetration Distro/ Operating System that is aimed at penetration testers and security professionals. Before we dive into our brief review – we thought it would be cool to give a brief history of how Kali Linux came to be.
What is the history of Kali Linux and BackTrack?
We are all very familiar with Backtrack, which has been around for the last seven years – created and managed by Offensive Security, but what is the history of this famous Linux penetration testing distribution?
Much like we trace our ancestors back to Africa, so we trace Kali Linux back to Knoppix! Knoppix was one of the first ever bootable Live Linux Distro’s. Still in existence, Knoppix is a classic distro with a loyal community. Over time the Knoppix project was forked into WHoppix (yes the WH are meant to be capitalized) that was then re-forked into WHAX. WHAX was then re-branded and streamlined into the BackTrack that we all used. There is a common thread throughout these distros, (Knoppix, which became WHoppix, and then WHAX and finally into BackTrack); that is that the lineage focused on intrusion detection and digital forensics. BackTrack expanded the scope and allowed for many more tools to be incorporated into the distro. In any event, BackTrack had a long reign of almost seven years as the pentesters and hackers distro of choice. However, as of March 2013 the venerated distro was decommissioned and replaced by Kali Linux. Phew. Long story – but the bottom line is that Kali Linux is the result of a rich and colorful history.
So why bother changing the name?
Kali Linux is so different that the fine folks over at Offensive Security thought that to solve the ‘inherent problems’ of BackTrack the authors needed a complete re-write. The main issue with BackTrack v1-v5 was that it was a headache for dependencies. Here was the problem: too many pentesting tools embedded within BackTrack all struggled to co-exist within the dependencies. Many pentesting and security tools where not regularly updated by their creators so the result was that trying to update the entire OS often caused conflicts and tools would simply stop working, crash or even cause other tools to crash. A good example of this is Ettercap which was not updated for a long time.
The solution was to rebuild the distro bottom-up by making Kali Debian based. Before with BackTrack there was a /pentest/ folder, whereas now it is all updated and managed by Debian packages.
Kali Linux has 300 tools which automatically work within the Kali ecosphere. Kali also has been created with the clean “File system Hierarchy Standard” and offers vast plug and play wireless support, with the only exception appearing to be broadcom.
ARM Support
Another interesting feature about Kali Linux is that it supports ARM architecture meaning that you can use the distro on Raspberry Pi’s and Chromebooks etc. Incidentally, you can also create your own .iso file with Kali through the Debian lifebuild feature.
In summary
Kali is a well thought out penetration testing distribution which had to address its’ previous problems with regards to updates. The distro has two modes: forensics and default, all of which run best (in our opinion) in gnome. All the usual pentesting tools work with the distro with ease and the file hierarchy is the same as previous BackTrack versions – so you won’t have a problem using this distro if you are previous BackTracker. Offensive Security still insist that you run the OS as root so this probably won’t be your day to day distroFor pentesting Kali Linux is clearly an awesome OS with the world’s best pentesting suite of tools that can all be preconfigured. Couple that with the very large and loyal community, bug tracking service and attention to detail and yes, it is a solid pentesting Linux distribution.