How Debian OS became Kali Linux

Kali, Parrot & Co: These live systems identify security gaps in the network

David Wolski

There is a special class of live systems for security experts: Kali Linux is the ideal companion on the hunt for security gaps. Parrot Security OS also does this, but makes it easier to get started.

EnlargeSecurity specialists: Kali Linux, Parrot Security & Co

A Linux live system with the relevant tools is ideally suited as a tool to find weak points on servers, in networks and on individual systems. Why Linux is predestined for this task is explained by the network stack of the Linux kernel and the numerous libraries for programming and script languages ​​that can use its functions. There are therefore countless programs and scripts for Linux to search for security gaps in the network and on servers. Most of these are initially created for personal use, are rarely available in ready-made, easy-to-install packages, but require compilation or adaptation by hand. In many scenarios it is also important to work with an operating system that is similar to the attacked target system. And Linux dominates on internet servers.

Security distributions such as Kali Linux and Parrot Security OS, which are presented below, provide a fully equipped tool kit with precompiled tools that are immediately ready for use on the basis of a Linux live system. With their careful compilation and the good documentation on the project website, the two live systems set themselves apart from other distributions with a similar purpose. However, it is not for beginners to use: Many of the tools supplied are command line-oriented, the graphical user interface is a minor matter. With Parrot Security OS, however, the Mate desktop is definitely worth seeing and is well structured.

Kali Linux: Up-to-date and extensive

Kali Linux claims to be one of the best maintained and most extensively equipped representatives of its category. The developers are an international team of security experts from Offensive Security. Kali Linux is derived from the live system Backtrack and has been based on Debian since 2013. There are fresh editions of the security distribution several times a year to allow for the rapid development of the tools supplied.

The distribution is designed as a live system that, despite its size of almost three GB, starts up surprisingly quickly and easily on standard PCs from a burned DVD or USB stick. A brief boot menu shows some start options, such as a failsafe mode with ACPI support switched off, and for booting USB sticks also the "Live USB Persistence" operating mode, in which changes are saved on the stick (even in a Luks-encrypted partition). The system does not touch the hard disks, but the well-known Debian installer is also available via the boot menu, which Kali Linux can also permanently set up on a hard disk.

In its standard version, the live system starts a very up-to-date Gnome desktop 3.30. This desktop is already equipped with some shell extensions in the live system, which bring back traditional desktop elements such as the application menu and the taskbar. Those who cannot make friends with Gnome can also find issues with Mate, XFCE and LXDE on the download page (www.kali.org/downloads). These versions are the same in terms of functionality, with the exception of the light versions with greatly reduced software selection.

EnlargeBoot menu of Kali Linux: There is a boot option for starting the USB to save changes and data permanently, if necessary also encrypted on a Luks partition.

Kali Linux in action

The interface is completely in English. This can be changed via the menu that opens in the panel at the very top right by clicking on the settings symbol and then via "Region & Language". With the plus symbol you can also add the German keyboard layout there. For the connection to the network and WLAN there is the network manager in the top right corner of the Gnome panel.

Many of the tools supplied are command line-oriented and the tidy and simple graphical user interface is actually only a minor matter with Kali Linux. The automatically logged in user is immediately root and has the preset password “toor”, which must be entered, for example, when returning from the screen saver to the desktop. Manual login as root and with this password is necessary in the light edition of Kali Linux.

Kali Linux Light

Due to the requirement to deliver the most complete tool kit possible, security distributions such as Kali Linux and Parrot Security are generally very extensive. The Kali Linux Light (32) live system is a very slimmed-down version of Kali Linux with an XFCE desktop. Essentially, only the port scanner Nmap and the database cracker Sqlmap are preinstalled here. But all other required tools can be installed in the terminal at runtime with apt-get. For example the graphical front-end Zenmap for the port scanner Nmap:

In order to be able to use the full range of Kali Linux, you need to download the full live version of Kali Linux, which can be found at https://www.kali.org/downloads as "Kali Linux 64 Bit" or "Kali Linux 32 Bit" is available as an ISO, each comprising around three GB.

EnlargeKali Linux Light with a small selection of tools, can be expanded via the Debian package manager with apt-get.

The target groups of Kali Linux are professional pentesters, paranoid admins and adventurous beginners who find tried and tested, but also less well-known to obscure security tools, scanners and sniffers in Kali Linux. Using the tools on your own PC, server or network is absolutely legitimate and very useful. This enables you to find security holes in your systems before someone else does it to you. In this context, the programs are also legal in Germany, as this does not constitute unauthorized access to third-party computer systems.

All applications are located under "Applications". Below that, an impressive list of categories folds out, in which all pre-installed programs are sorted. If you want to get to know each tool, you should take hours to do it.

  • All network sniffers, WLAN and Bluetooth scanners as well as tools for database analysis are housed under “Information Gathering” - all programs that passively record data.

  • The "Vulnerability Analysis" category includes the well-known Nikto and Zenmap scanners to check servers and their services in the network for known security gaps.

  • The tools under “Wireless Attacks” deal with security in wireless networks and include the Kismet scanner, the WPS cracker Reaver and the all-round tool Fern.

  • The "Web Application Analysis", which includes the two proxy servers Burpsuite and OWASP Zap, which records HTTP requests and responses from web servers and can analyze them in detail, is all about web servers.

  • One of the most important categories is the “exploitation tools”, which includes the Metasploit attack framework. The useful crawler Dirbuster, which searches for known files and directories on web servers that have been forgotten by webmasters, is also on board. However, Kali Linux forgot a shortcut in the application menu. The tool can be found quickly via the "Activities" of Gnome.

EnlargeKali Linux menu: The live system contains a categorized selection of scanners and sniffers.

Conclusion: a well-stocked arsenal

Kali Linux is the classic among security distributions and thus also the model for many other systems of this type. The extensive program collection of Kali Linux offers the right tool for almost every purpose. Long rummaging through mailing lists, obscure websites and compiling source code is largely a thing of the past. If you are familiar with the tools, you can start with the analyzes and tests immediately. Systems like Kali Linux are helpful to those who already know what they need or who have enough time to experiment.

Colorful bird: Parrot Security OS

The Parrot Security OS live system is also based on Debian (testing branch). The system fledged a little later than Kali Linux and is very similar to it, but even more extensive in terms of features, and also a bit friendlier in structure and operation. There is a well-developed Mate desktop, which is surprisingly colorful for a system with the target group of security experts. It is started via a boot menu similar to that of Kali Linux, but the “German” submenu contains start options for a desktop that is partially translated into German. After starting the live system, after the automatic login, a selection menu for the desired keyboard layout appears - so there is no need to search for the setting as with Kali Linux. A click on the application menu opens the categorized list of pre-installed tools under “Parrot”. Their selection follows that of Kali Linux, which was the godfather in the equipment of Parrot Security OS: According to the typical tasks of pentesters, the programs range from tools for general analysis to tapping websites via WLAN scanners to forensic tools.