Exercise 01, Chapter 01 - Setting up our environment
- Create a new VM in VMware (type: Debian 64-bit).
- Assign it at least 2GB RAM, 2 CPUs, and a 30GB hard disk.
- Attach the Kali ISO to the virtual CDROM.
- Make sure the VM is in NAT mode.
- Boot the VM, inspect and understand the Kali boot options.
Check each of the boot options. Use "tab" to edit boot parameters if using syslinux, or "e" if using grub.
- Live - Live boot, as usual.
- Live (failsafe) - Boots with a minimal set of drivers and hardware checks.
- Live (forensics) - Boots without mounting anything, suitable for forensics work.
- Live USB Persistence (and encrypted) - Just add the needed partitions, and the boot menu is ready for persistence.
- Install - Regular, text mode installation.
- Install Graphical - GUI installation mode.
- Install with speech synthesis - Kali installation for visually impaired users.
- Hardware Detection Tool - Designed to display low-level hardware information.
- Memory Diagnostic - erm, diagnoses memory?
Food for thought
- What versions of Debian are Kali 1.0, 2.0 and Rolling based on?
- What are the main differences between a Live boot instance of Kali, and an Installed instance?
- What's the difference between live and forensics mode?
- How can we verify that forensics mode is working?
- What's the best way to get a tool included in Kali?
- Name some of the cool features in Kali!
Answers
- Kali 1.0 was based on Debian Wheezy. Kali 2.0 is based on Jessie.
- Live mode boots to RAM, and an installed instance of Kali boots to a storage device.
- Live mode boots to RAM, but may auto-mount disks. Forensics mode does not auto-mount drives.
- Use the mount command to verify that no disks are mounted. You can also md5 the system's swap and disk devices, reboot into forensics mode and md5 again. The md5 hashes should match if forensics mode succeeded. Try this on a system you don't care about "tainting"!
- The best way to request a tool addition is to open a “New Tool Requests” ticket in the Kali Bug Tracker.
- A live system, forensics mode, a custom Linux kernel, completely customizable, a trusted operating system with default disabled network services, ARM support, preloaded security tools, penetration testing platform!
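The forensics-mode check described above (mount inspection plus before/after md5 hashes) can be scripted. This is an added example, not part of the original exercise; the device names in DEVICES, the OUT directory and the function names are assumptions to adapt to your own VM.

```shell
#!/bin/sh
# Assumptions: adjust DEVICES to your own disk and swap devices (see lsblk).
# OUT must live on removable media that is not listed in DEVICES, because
# files written inside a live session do not survive the reboot.
DEVICES="${DEVICES:-/dev/sda /dev/sda5}"
OUT="${OUT:-.}"

# Print every line of a mount or swap table whose first field is one of the
# given devices (or a partition of one). Returns 0 only if none is in use.
in_use() {
    table="$1"; shift
    found=0
    for dev in "$@"; do
        if awk -v d="$dev" 'index($1, d) == 1 { print; hit = 1 }
                            END { exit !hit }' "$table"; then
            found=1
        fi
    done
    [ "$found" -eq 0 ]
}

# Write one "md5  device" line per device to the file named in $1.
hash_devices() {
    out="$1"; shift
    : > "$out"
    for dev in "$@"; do
        md5sum "$dev" >> "$out" || return 1
    done
}

# Print differing lines; returns non-zero if any device hash changed.
same_hashes() {
    diff "$1" "$2"
}

# Run as root: "baseline" before the forensics boot, "verify" inside it.
case "${1:-}" in
    baseline) hash_devices "$OUT/before.md5" $DEVICES ;;
    verify)
        { in_use /proc/mounts $DEVICES && in_use /proc/swaps $DEVICES; } ||
            echo "WARNING: a listed device is mounted or used as swap"
        hash_devices "$OUT/after.md5" $DEVICES
        same_hashes "$OUT/before.md5" "$OUT/after.md5" && echo "hashes match" ;;
esac
```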