7.6. Summary

In this chapter, we took a look at the concept of security policies, highlighting various points to consider when defining such a policy and outlining some of the threats to your system and to you personally as a security professional. We discussed laptop and desktop security measures as well as firewalls and packet filtering. Finally, we reviewed monitoring tools and strategies and showed how to best implement them to detect potential threats to your system.

Summary Tips:
- Take time to define a comprehensive security policy.
- If you are running Kali on a publicly accessible server, change any default passwords for services that might be…

7.5. Monitoring and Logging

Data confidentiality and protection is an important aspect of security but it is equally important to ensure availability of services. As an administrator and security practitioner, you must ensure that everything works as expected, and it is your responsibility to detect anomalous behavior and service degradation in a timely manner. Monitoring and logging software plays a key role in this aspect of security, providing insight into what is happening on the system and the network. In this section, we will review some tools that can be used to monitor several aspects of a Kali system.

7.5.1. Monitoring Logs with logcheck

The logcheck program…

7.4. Firewall or Packet Filtering

A firewall is a piece of computer equipment with hardware, software, or both that parses the incoming or outgoing network packets (coming to or leaving from a local network) and only lets through those matching certain predefined conditions. A filtering network gateway is a type of firewall that protects an entire network. It is usually installed on a dedicated machine configured as a gateway for the network so that it can parse all packets that pass in and out of the network. Alternatively, a local firewall is a software service that runs on one particular machine in order to filter or…

7.3. Securing Network Services

In general, it is a good idea to disable services that you do not use. Kali makes it easy to do this since most network services are disabled by default. As long as services remain disabled, they do not pose any security threat. However, you must be careful when you enable them because:
- there is no firewall by default, so if they listen on all network interfaces, they are effectively publicly available.
- some services have no authentication credentials and let you set them on first use; others have default (and thus widely known) credentials preset. Make sure to (re)set any password to…

7.2. Possible Security Measures

As the previous section explained, there is no single response to the question of how to secure Kali Linux. It all depends on how you use it and what you are trying to protect.

7.2.1. On a Server

If you run Kali Linux on a publicly accessible server, you most likely want to secure network services by changing any default passwords that might be configured (see Section 7.3, "Securing Network Services") and possibly also by restricting their access with a firewall (see Section 7.4, "Firewall or Packet Filtering"). If you hand out user accounts either directly on the server or on one of the services,…

As you begin to use Kali Linux for increasingly sensitive and higher-profile work, you will likely need to take the security of your installation more seriously. In this chapter, we will first discuss security policies, highlighting various points to consider when defining such a policy, and outlining some of the threats to your system and to you as a security professional. We will also discuss security measures for laptop and desktop systems and focus on firewalls and packet filtering. Finally, we will discuss monitoring tools and strategies and show you how to best implement them to detect potential threats to your system.

7.1. Defining a Security…