Linux distributions designed for security analysis, penetration testing, and forensic analysis are all the rage these days. It seems like you can hardly swing a dead cat (or a dead computer) without hitting one.
As a dedicated Linux user I consider that to be a good thing, simply because choice is always good, and it is always good to have several groups of talented and dedicated people working on something. But as a long-time user of Kali Linux (and BackTrack before that) I honestly believe that Kali is still the best in the field, so I am always pleased when I hear there is a new Kali release.
The new release, 2017.3, is primarily a roll-up, incorporating all patches and updates issued since the last release into a clean set of installation images. Remember, though, Kali is a rolling-release distribution, so if you already have it installed you don’t need to reinstall from these new images; just make sure that you have the latest updates installed.
If you do want or need to make a fresh installation, the distribution images for the PC version (32 and 64 bit) can be obtained from the Kali downloads page. There are a number of different versions there, and people sometimes get confused by them, so here is a quick summary:
- Kali 64 bit / Kali 32 bit — These are the full versions, which include all of the tools and have a Gnome 3 desktop.
- Kali 64 bit Light / Kali 32 bit Light — These versions have been trimmed down to reduce the download size. They do not include the tools, and they have an Xfce desktop.
- Kali 64 bit e17/MATE/Xfce/LXDE — These are full versions with all the tools, but based on one of these alternate desktops rather than Gnome 3. There are no 32 bit images for these alternate desktops.
- Kali armel/armhf — These are generic ARM images, but be aware that there are a lot of system-specific ARM images (such as Raspberry Pi) on a different download page, as detailed next.
In addition to these standard versions, the Offensive Security downloads page offers a variety of ARM and Virtual images. (Offensive Security is the company behind the Kali Linux distribution.)
- Kali for ARM devices — Custom images for at least 10 different ARM-based devices, including the Raspberry Pi, and Chromebooks from HP, Samsung, and Acer. These are a sort of ‘intermediate’ image, they include some but not all of the tools, and they have an Xfce desktop.
- Kali for VMware/VirtualBox/Hyper-V — Full versions with all tools and Gnome 3 desktop. VMware and Virtual box have both 32 and 64 bit versions; Hyper-V has only a 64 bit version.
The download pages include sha256 checksums for all of these images. Make sure you verify the checksum before installing — just think about how embarrassing it would be to install a security-focused distribution from a compromised distribution image!
I have downloaded and installed the 64-bit full version, the Raspberry Pi 2 and 3 version, and the VirtualBox 64-bit version. All of them installed and ran with absolutely no problem. Here are some notes about them:
PC 64-bit full version
This is a hybrid ISO image, so just copy it directly to a USB stick or burn it to a DVD. The boot menu offers you a variety of Live boots and an installer.
- Booting to Live mode first is always a good idea, just to find out that things like display, keyboard, mouse, and networks all work properly before you install.
- The Kali installer is a slightly modified version of the Debian installer, so don’t expect anything flashy or modern-looking. But like the Debian installer, it just works, very well.
- During the installation process, when it asks if you want to use a network mirror, you should answer yes, or else your installed system won’t have the Kali repositories configured in the APT sources list, which means you wouldn’t ever get any updates.
- The installation works just fine on both MBR and UEFI systems. On UEFI, it uses its own name for the UEFI boot directory, so there is no conflict if there happens to also be a Debian installation on the same system.
- You have to define the root password during installation. So when you boot the installed system, and it comes up with the login window, don’t try to use the old standard or default Kali root password. This is the voice of experience talking to you: when you don’t have much hair left anyway, you really don’t want to tear out a lot of what’s left out for such a silly reason.
Raspberry Pi 2/3 version
Unlike the PC version, this is not an installation image it is a snapshot. You install it in the same way that you install Raspbian, just uncompress the image and dump it to a microSD card.
- Kali does not automatically expand the root file system during the first boot. This could catch you unaware, because Raspbian always does this. This is a good thing, however, because if you are running Kali, you probably don’t want a totally lame single-partition installation. This way you can partition the SD card however you want after installation.
- Don’t forget, this was a snapshot, not an installation image. You don’t run through the installer, so you don’t get to set the root password. The Raspberry Pi comes up with the old default root password. The very first thing you should do, immediately after logging in for the very first time, is change the password.
- One minor irritant: the keyboard layout doesn’t seem to be stored across reboots properly. The snapshot image has a US keyboard, of course, but if I change that (through the Xfce menu / Settings / Keyboard / Layout), I can get a Swiss German layout — but the next time I boot, it is back to a US keyboard. Even more strange is that if I go back to the keyboard layout preferences, it shows German (Switzerland), but in fact that map is not installed. Very strange.
- One other minor irritant: Bluetooth is not enabled by default on the Pi 2/3.
As I mentioned above, the Kali ARM images include a selection of the most commonly used Kali tools. If you want the full set of Kali tools, all you have to do is install the package kali-linux-full.
I have said in previous posts that I think Kali linux on a Raspberry Pi 3 is one of the best tools a security professional could have. But now I want to go one step further, so get ready for this…
I have tried a lot of different Linux distributions on the Raspberry Pi. I would say with no hesitation that if you are interested in an alternative to Raspbian, Kali Linux is the best choice I have seen yet. Obviously, if you are using the Raspberry Pi for educational or hobby purposes, Raspbian is the best choice. I has all the tools, libraries, languages, interfaces and such that you need for that. But if you are using a Raspberry Pi as a very low-cost desktop system, you might be happier with Kali Linux. One obvious reason might be that you either don’t like the PIXEL desktop (based on LXDE), or that you absolutely want or need the Xfce desktop.
Virtual Machine Version
I have loaded the VirtualBox image, and ran it with no problem. It is an image of the full version, with all tools included, and the Gnome 3 desktop:
- There was an issue with the USB 2.0 support. I got around that by simply going to the VM Settings and disabling USB altogether.
- The image is fairly large (around 3.3GB), and when that is imported into VirtualBox, it uses something like 8.5GB. Make sure you have enough free disk space.
- As with the ARM version, this is a snapshot not an installation image. So you don’t get to set the root password during installation, it comes up with the default Kali root password.
Finally, I want to add a few words about another excellent Kali Linux project/product, the Kali Linux Revealed book and online course.
It is an in-depth description of using, installing, and customizing Kali Linux. It includes sections on package management, building and modifying the Linux kernel, deploying and managing Kali installations, including network deployment, and more. It is not only an excellent resource for anyone who wants to use Kali Linux, a lot of the information it contains is of general interest and use for other Linux distributions, so even experienced users and administrators are likely to find the book very useful.
The book is available free in PDF format from the link above, and as a paperback from Amazon. One way or another, if you are serious about using and/or administering Kali Linux, you definitely need to get this book and study it thoroughly.
Recent and related coverage
In addition to their full distribution, Kali Linux offers Light and Mini versions. Here’s how I got on with them.
Combining two of my favorite things: Kali Linux and variety of Raspberry Pi models.