ITS 4550 - Fraud Prevention and Deterrence

Chapter 12, Linux and Penetration Testing

This lesson presents material from chapter 12. Objectives important to this lesson:

1. Linux in general
2. Kali Linux
3. Using Kali
4. Linux Live CDs and DVDs
   

Concepts:

Chapter 12

This chapter is a high level overview of material from several of our other courses, Ideally, you will already know a great deal more about the subjects of Linux in general and Kali in particular than the text presents here. If, however, you do not have this experience, this chapter provides an introduction to the subjects.

The text begins with the statement that Linux began as an attempt to write an operating system similar to UNIX, but written for personal computers. This article on Wikipedia explains more about the history of Linux than the text does, and it also presents a very large scale version of the graphic on the right, which makes it clear that Linux versions can run on most any hardware you might imagine or want them to run on. (For an immediate view of a larger version of that graphic, just click the scaled down version that appears on this page.)

The text dwells briefly on Linux being an open source, user modifiable OS, but this ignores the various commercial versions that are now available. The text does mention that there are several varieties of Linux. The original was designed in 1991, and there have been many branches since. Page 293 lists eight different versions, which are also called distributions. Major distributions typically include one or more GUI options.

In addition to GUIs, Linux distributions also come with a choice of command line shells, each of which has a different grammar and a different set of utilities. To say that the user has several choices is true, but it is not very helpful. It is a little like shopping for a car. When you don't know anything about the options you are going to need, it is silly to be asked which ones you want. Unlike car shopping, some Linux options are still options even after have made your purchase.

The text turns to a version of Linux with lots of options included, and distributed ready to use for penetration testing: Kali Linux. It is easy to get lost in the wealth of tools that Kali includes. The author is quite complimentary, praising the usefulness of Kali for security testing. However, the author does not go into the use of those tools. In fact, looking over the training material on the Kali web site, there is little in the way of useful tutorials that introduce the product. Of the other sites I have found while making notes for this chapter, I would recommend the TutorialsPoint article about Kali, which includes a logical tour of features and graphic aids to their locations and uses.

Oddly, the text returns to a more generic discussion of Linux structure. The author explains that Linux distributions use the forward slash (/) to separate folder name in paths to files. Windows systems use the backslash (\) for the same purpose. It may be helpful to point out that URLs use forward slashes for the same purpose, and that many servers on the Internet run on Linux. For some of you, this is old news, for others, not so old. For those to whom this is news, take a few minutes and browse my notes for an older class introducing UNIX and Linux. Once you have looked over those notes, the author's discussion of Linux folders may make more sense, as well as his accurate warning that Linux cares deeply about capitalization. A Windows user who first encounters Linux is more likely to run into problems by failing to pay attention to the proper capitalization of commands, folders, and filenames than any problem having to do with slashes and backslashes. The text provides a list of commonly used file system commands on page 299. If you take a moment to imagine the problems that users might have, moving from an OS that cares nothing about capitalization to one that cares deeply and emotionally about it, you can appreciate the need for a GUI that gives you access to the basic tools needed for a file system.

On page 300, the text turns to what it calls a unique feature of Linux. Many versions of Linux are small enough that you can burn a copy of the OS to a single CD or DVD. Or a pretty big flash drive, for that matter. The point is that you can burn that copy so that it is complete (at the time of burning it), and bootable (assuming your hardware supports booting that way). This makes it possible to boot and run a computer from that disc, which makes it possible to recover data from a hard drive that won't boot. It also makes it possible to hack into the files on that computer's hard drive with Linux tools. Page 300 lists several reasons for having such a bootable disc, and some of them are clearly on the black hat or white hat side of the ethical fence. Regardless, you are more likely to get better use from a flash drive than an optical disc, since so many new computers no longer have optical drives.

The text points out that running Linux in a virtual machine is a good way to test the OS for hardware issues, and also a good way to test the hardware and software of the system where you are running the virtual machine.