Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kali Linux, Successor of the BackTrack Penetration Testing Distro, Launched

Posted by Unknown on from the no-one-is-safe dept.

mask.of.sanity writes "Kali, the sixth installment of the BackTrack operating system has been launched. The platform is a favorite of hackers and penetration testers and has been entirely rebuilt to become more secure, transparent and customizable. Metasploit too has been rebuilt to be more stable with an optional noob-friendly interface. Kali even works on ARM devices and comes ready to go for your Raspberry Pi." The big new feature is that it's been repackaged as a flavor of Debian, instead of using their own custom packaging magic.

36 of 59 comments (clear)

  1. IPX over Kali by tepples · · Score: 3, Funny

    The last time I checked, Kali was some sort of VPN to tunnel IPX (NetWare protocol) over IP. It appears to have been popular when Warcraft II was around. Oh well, there are only so many names for things.

    1. Re:IPX over Kali by Yannic · · Score: 2

      The last time I checked, Kali was some sort of VPN to tunnel IPX (NetWare protocol) over IP. It appears to have been popular when Warcraft II was around. Oh well, there are only so many names for things.

      Kali/Kahn. Sluggish over a modem, but incredibly fun, and much easier to set up than making Real Life friends with parents that would let them lug the computer around for a LAN party!

      \/\/\/

    2. Re:IPX over Kali by dAzED1 · · Score: 1
      last I checked, Kali was some sort of Hindu goddess with 4 arms, that likes to stick her tongue out. That might not be as old as a VPN tunnel though...

      (After googling "kali," why did you pick that of all things as prior-name?)

    3. Re:IPX over Kali by wbr1 · · Score: 1

      Kali was the succesor to iFrag. Before iFrag was iDoom. I was an iDoom beta tester. Am I dating myself? Sigh..

      --
      Silence is a state of mime.
    4. Re:IPX over Kali by Anonymous Coward · · Score: 4, Funny

      Am I dating myself? Sigh..

      It depends. Is one of your hands your new girlfriend? If yes, then you are dating yourself.

    5. Re:IPX over Kali by Anonymous Coward · · Score: 1

      I'm glad you were good at the game, but what game?

    6. Re:IPX over Kali by unixisc · · Score: 1

      So we have a BSD named after Shiva (Mahesha BSD) and a Linux named after Kali? Awesome ;-)

    7. Re:IPX over Kali by MillerHighLife21 · · Score: 1

      Used to play so much Duke Nukem over Kali on my 56k modem back in the day.

      --
      "Don't teach a man to fish, feed yourself. He's a grown man. Fishing's not that hard." - Ron Swanson
    8. Re:IPX over Kali by Aizenmyou · · Score: 1

      I actually still have my Kali reg codes to this day. (kali.net)

    9. Re:IPX over Kali by antdude · · Score: 1

      Yep, I thought this was about that old Kali program. I still have my serial number!

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
    10. Re:IPX over Kali by rmstar · · Score: 1

      The last time I checked, Kali was some sort of VPN to tunnel IPX (NetWare protocol) over IP. It appears to have been popular when Warcraft II was around. Oh well, there are only so many names for things.

      They could have called it Cali Linux, which would have been a little more original and also fitting.

  2. FFS stick with one name. by ledow · · Score: 4, Insightful

    FFS stick with one name.

    Isn't this the distro that went through WHAX, Whoppix, etc. before becoming BackTrack?

    Pick one damn name and stick with it.

    1. Re:FFS stick with one name. by Anonymous Coward · · Score: 1

      and it was Auditor/remote-exploit before that. Max Moser was primary in that, it was very good (not that the successors were not).

    2. Re:FFS stick with one name. by Anonymous Coward · · Score: 5, Funny

      Pick one damn name and stick with it.

      Sounds like they need to stop backtracking on names.

    3. Re:FFS stick with one name. by Chris+Mattern · · Score: 2

      Prepare to meet Kali. In Hell!

    4. Re:FFS stick with one name. by Zero__Kelvin · · Score: 1

      Right. If you are going to change things completely at least use the same name so I won't know it is different!

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    5. Re:FFS stick with one name. by game+kid · · Score: 1

      Don't worry. They'll eventually (air)crack the code for a proper name and find one they can (n)map their system to.

      --
      You can hold down the "B" button for continuous firing.
    6. Re:FFS stick with one name. by Anonymous Coward · · Score: 1

      *Snort* Yeah right, it seems their Kismet to be un-Able to find a name that no one has a BeEF with.

    7. Re:FFS stick with one name. by Jane+Q.+Public · · Score: 2

      You mean like Windows 8?

    8. Re:FFS stick with one name. by cbiltcliffe · · Score: 1

      This rename actually makes sense. Previously, with BackTrack, it was almost an LFS approach. Installing it on a hard disk was a complex, multi-step process that could go wrong as easily as it could go right. It involved booting the live CD, creating all the partitions/filesystems on your HD, mounting them, and then copying all files from the running live CD over to your HD manually. Manually, as in "cp -a". Then you had to configure the bootloader, again manually, to make sure it would boot from the HD after removing the live CD.
      Sometime along the way, somebody wrote a GUI script to do the install visually, but I never managed to get it to work properly, despite numerous attempts over numerous versions. It always either hung for hours, or finished up, but on reboot the installed system wouldn't come up, or whatever. Eventually I gave up, and just did all my installs manually from the get go.
      Now, not only were all these steps necessary for an initial install, but they were also necessary for upgrades, because there *was* no upgrade path from one version to the next. It was a clean install, or nothing.

      Kali, on the other hand, is a complete rebuild based on the Debian packaging system. You can install it over the network, like Debian, you can pick the packages you want, like Debian, and most importantly, you can upgrade from one version to the next seamlessly, simply by updating your apt sources, like Debian. You can also build your own custom live CD using Debian's live-build scripts, which was all but impossible with BackTrack.

      Its purpose is the same, and it was designed by the same group of people, but it really is a completely new distro.

      --
      "City hall" in German is "Rathaus" Kinda explains a few things......
    9. Re:FFS stick with one name. by TuxWithoutPants · · Score: 1

      What's wrong with dictionary hacking your own name?

    10. Re:FFS stick with one name. by ledow · · Score: 1

      Heard the same for Whax (Let's base on Slax because it's easier to..... blah blah blah), Whoppix (let's base on Knoppix because it's easier to.... blah blah blah) and Backtrack (let's start again with LFS this time [I think, correct me if I'm wrong]... blah blah blah). And now they've gone around again. I've never seen one distro go through so many base distros in all the time I've been using Linux. It's just ridiculous.

      You know what? I just want to run the damn tools, whether from LiveCD or install. I couldn't care less what packaging they use because the point of the distro was to be a pen-testing distro, so it should all come pre-installed and I just update (in whatever manner) when necessary. What damn distro it's based on, I couldn't care less.

      But I *do* care about being able to find the damn thing or point over people to it when they need it and it changing name every year is just unnecessary hassle and hindrance. Why not just stick with a name, and change the underlying distro? Who would care? Who would even notice on a pre-packaged, single-purpose distro? It's not like you're going to be running your desktop apps on it, or using it on servers.

      Every year they basically wipe themselves off Google and it's not the sort of thing you download every day to keep up with it. And, to be honest, I have had no idea if they ARE the same people each time - and for a pen-testing distro that's not reassuring, and I shouldn't have to go verifying it.

      Pick a name, stick with it. What you do to the internals, I don't really care so long as I can use the tools you advertise to have pre-installed (and this latest distro? Doesn't tell you the list of tools it's got but the old BackTrack website does!). But if you jump around websites, change name, and change everything underneath all the time, then I question what exactly you're doing that for and - also - whether I can trust you to fix more important issues than might be lingering on a pen-testing machine than which command I use to update or what your package format is.

    11. Re:FFS stick with one name. by Zero__Kelvin · · Score: 1

      Exactly my point.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  3. Sounds like a movie by Bob+the+Super+Hamste · · Score: 3, Funny

    Penetration testing with a Raspberry pi, sounds like a movie to me.

    --
    Time to offend someone
    1. Re:Sounds like a movie by vikingpower · · Score: 1

      Could even be a damn good movie. BTW, similar toolage already exists

      --
      Religous speak to God. Insane are spoken to by God. When all shut up, one can finally hear Shostakovich in peace
    2. Re:Sounds like a movie by sheehaje · · Score: 1

      or a youporn description

    3. Re:Sounds like a movie by OakDragon · · Score: 2

      Back track... penetration... dammit, Google, foogled again!

      --
      Dark Reflection
  4. kali? by bcong · · Score: 2

    kali /käl/ The most terrifying goddess, wife of Shiva. She is typically depicted as naked, old, and hideous. She is sometimes associated with empowerment. To be fair this is a great name, after all to most IA/security folks I have to deal with... backtrack truly is terrifying to them

  5. Works on Chromebook also, apparantly by Bearhouse · · Score: 2

    http://docs.kali.org/armel-armhf/install-kali-samsung-chromebook

    Alternatives here...

    http://www.concise-courses.com/security/top-ten-distros/

  6. Kali motto: the quieter you become... by vikingpower · · Score: 1
    ...the more you are able to hear.

    Sounds like the best motto or quip a Linux distro ever had.

    --
    Religous speak to God. Insane are spoken to by God. When all shut up, one can finally hear Shostakovich in peace
  7. Its a great project but... by DarkOx · · Score: 4, Interesting

    One thing that I have never understood is why is Backtrack/Kali a distro in the first place. Why not just release a set of packages with a meta package to require the others if you chose deb, or rpm, if you want to run on Ubuntu/Debian/RH/Centos or as like a Slackware diskset with tag files if you go that way?

    I can understand most users not wanted to plot the packages into their regular install they actively use. There are lots of tools that need setuid etc and specific versions of libraries you might not want around on the system for other reasons. Still if it was just a package set it would make it easy to install in a Linux container or chroot environment without having to run in a full VM. It would make it much easier to install a subset of the functionality if you have domain specific needs on your main install as well. At the same time it would make it no harder to install on a VM or dedicated portable, just install the distro than slap the packages on. Its not as if anyone doing anything useful with msf etc can't manage to do installpkg kali-*.tgz, or apt get kali or whatever.

    Don't take the is post as knocking the project; I really mean it as just asking a question and stating some reasons why I think a different approach might make some sense. This is an amazingly well put together tool. I am sure there is a ton of effort that went in continues to into getting all those packages built and playing nice with each other. Lots of the code and build scripts etc for those tools are not exactly what you would ordinarily call release ready. Having tried to package some of them myself along the way I fully aware of this. I know the maintainers also have to put lots of effort into making sure they don't package anything that really is malicious too; which is no small task.

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
    1. Re:Its a great project but... by Anonymous Coward · · Score: 1

      The reason for a completely different build is because they change the OS to be even more secure than what a standard distro would be. You can add the backtrack (kali) packages manually if you want to install them into a standard distro though.

      http://hacktalk.net/*nix-support/adding-backtrack-repositories-to-ubuntu/

    2. Re:Its a great project but... by Zero__Kelvin · · Score: 5, Informative

      "One thing that I have never understood is why is Backtrack/Kali a distro in the first place. Why not just release a set of packages with a meta package to require the others if you chose deb, or rpm, if you want to run on Ubuntu/Debian/RH/Centos or as like a Slackware diskset with tag files if you go that way?"

      Because they need a fully customized configuration with complete control over so many things in order for them to work properly. The kernel has to be configured "just so" or packages will not work. The network interfaces default to disabled at boot time. Almost everything needs root privileges to run. The goals for a secure server or desktop OS and Kali are so radically divergent that it makes absolutely no sense to try to mix the two.

      --
      Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
    3. Re:Its a great project but... by Anonymous Coward · · Score: 1

      Additionally some of the custom drivers for things like packet injection are a right pain to switch back and forth on a daily use system.

    4. Re:Its a great project but... by 0100010001010011 · · Score: 1

      This. I had a problem with packet injection on my RTL wifi card on my 'normal' Debian distro. The solutions online were to revert to an older version of the driver, recompile drivers. But then that killed my ethernet card because it wasn't compatible with something.

      BackTrack has everything configured and setup so stuff like this just works(tm)

  8. Re:Why? by Jane+Q.+Public · · Score: 4, Informative

    "Can someone please explain to me why one would use this distro instead of just installing packages with Debian? I've never understood the appeal"

    See the reply to a similar question further up.

    The short answer is: because all the privileges and configs have been pre-set-up so everything just works. You would have to do an awful lot of diddling a standard *nix distro in order to do the same thing. This way, you just install. Somebody else has already done the (considerable amount of) work.