Kali Linux Policies

1.5. Kali Linux Policies

While Kali Linux strives to follow the Debian policy whenever possible, there are some areas where we made significantly different design choices due to the particular needs of security professionals.

1.5.1. Single Root User by Default

Most Linux distributions encourage, quite sensibly, the use of a non-privileged account while running the system and the use of a utility like sudo when administrative privileges are needed. This is sound security advice, providing an extra layer of protection between the user and any potentially disruptive or destructive operating system commands or operations. This is especially true for multiple user systems, where user privilege separation is a requirement—misbehavior by one user can disrupt or destroy the work of many users.

Since many tools included in Kali Linux can only be executed with root privileges, this is the default Kali user account. Unlike other Linux distributions, you will not be prompted to create a non-privileged user when installing Kali. This particular policy is a major deviation from most Linux systems and tends to be very confusing for less experienced users. Beginners should be especially careful when using Kali since most destructive mistakes occur when operating with root privileges.

1.5.2. Network Services Disabled by Default

In contrast to Debian, Kali Linux disables any installed service that would listen on a public network interface by default, such as HTTP and SSH.

The rationale behind this decision is to minimize exposure during a penetration test when it is detrimental to announce your presence and risk detection because of unexpected network interactions.

You can still manually enable any services of your choosing by running systemctl enable service. We will get back to this in Chapter 5, Configuring Kali Linux later in this book.

1.5.3. A Curated Collection of Applications

Debian aims to be the universal operating system and puts very few limits on what gets packaged, provided that each package has a maintainer.

By way of contrast, Kali Linux does not package every penetration testing tool available. Instead, we aim to provide only the best freely-licensed tools covering most tasks that a penetration tester might want to perform.

Kali developers working as penetration testers drive the selection process and we leverage their experience and expertise to make enlightened choices. In some cases this is a matter of fact, but there are other, more difficult choices that simply come down to personal preference.

Here are some of the points considered when a new application gets evaluated:

  • The usefulness of the application in a penetration testing context
  • The unique functionality of the application's features
  • The application's license
  • The application's resource requirements

Maintaining an updated and useful penetration testing tool repository is a challenging task. We welcome tool suggestions within a dedicated category (New Tool Requests) in the Kali Bug Tracker. New tool requests are best received when the submission is well-presented, including an explanation of why the tool is useful, how it compares to other similar applications, and so on.