- Mastering Kali Linux for Advanced Penetration Testing
- Robert W. Beggs
- 670字
- 2021-07-16 11:33:17
Configuring network services and secure communications
The first step in being able to use Kali is to ensure that it has connectivity to either a wired or wireless network to support updates and customization.
You may need to obtain an IP address by DHCP (Dynamic Host Configuration Protocol), or assign one statically. First, confirm your IP address using the ifconfig
command from a terminal window, as shown in the following screenshot:

In this particular case, the VM has been assigned an IP address of 192.168.204.132
. If an IP address was not obtained, an address can be assigned by DHCP using the command dhclient eth0
(or other available interfaces, which will depend on the specific configuration of the system being used).
If a static IP address is used, additional information may be required. For example, you can assign a static IP of 192.168.204.128
as follows:
host IP address: 192.168.204.128 subnet mask: 255.255.255.0 default gateway: 192.168.204.1 DNS server: 192.168.204.10
Enter a terminal window and enter the following command:
root@kali:~# ifonconfig eth0 192.168.204.128/24 root@kali:~# route add default gw 192.168.204.1 root@kali:~# echo nameserver 192.168.204.10 > /etc/resolv.conf
Changes made to IP settings are nonpersistent, and will be lost when Kali is rebooted. To make the changes permanent, you will need to edit the /etc/network/interfaces
file, as shown in the following screenshot:

By default, Kali does not start with the DHCP service enabled. Doing so announces the new IP address on the network, and this may alert administrators about the presence of the tester. For some test cases, this may not be an issue, and it may be advantageous to have certain services start automatically during boot up. This can be achieved by entering the following commands:
root@kali~# update-rc.d networking defaults root@kali~# /etc/init.d/networking restart
Kali installs with network services that can be started or stopped as required, including DHCP, HTTP, SSH, TFTP, and the VNC server. These services are usually invoked from the command line, however, some are accessible from the Kali menu.
Adjusting network proxy settings
Users located behind an authenticated or unauthenticated proxy connection must modify bash.bashrc
and apt.conf
. Both files are located in the /root/etc
directory.
- Edit the
bash.bashrc
file, as shown in the following screenshot, use a text editor to add the following lines to the bottom of thebash.bashrc
file:export ftp_proxy="ftp://user:password@proxyIP:port" export http_proxy="http://user:password@proxyIP:port" export https_proxy="https://user:password@proxyIP:port" export socks_proxy="https://user:password@proxyIP:port"
- Replace
proxyIP
andport
with your proxy IP address and port number respectively, and replace the username and password with your authentication username and password. If there's no need to authenticate, write only the part following the@
symbol. - In the same directory, create the
apt.conf
file and enter the following command lines, as shown in the following screenshot: - Save and close the file. Log out and then log in to activate the new settings.
Securing communications with Secure Shell
To minimize detection by a target network during testing, Kali does not enable any externally-listening network services. Some services, such as Secure Shell (SSH), are already installed. However, they must be enabled prior to use.
Kali comes preconfigured with default SSH keys. Before starting the SSH service, it's a good idea to disable the default keys and generate a unique keyset for use.
Move the default SSH keys to a backup folder, and then generate a new SSH keyset using the following command:
dpkg-reconfigure openssh-server
The process of moving the original keys and generating the new keyset is shown in the following screenshot.

To verify that the newly generated keys are unique, calculate their md5sum
hash values, and compare with the original keys as shown in the following screenshot.

To start the SSH service using the menu, select Applications | Kali Linux | System Services | SSHD | SSHD Start.
To start SSH from the command line, use the command line shown in the following screenshot:

To verify that SSH is running, perform a netstat
query, as shown in the following screenshot:

The SSH daemon is listening on port 22 in the previous example. To stop SSH, use the following command:
/etc/init.d/ssh stop
- 科技安全:戰略實踐與展望
- CTF實戰:技術、解題與進階
- Securing Blockchain Networks like Ethereum and Hyperledger Fabric
- 特種木馬防御與檢測技術研究
- 深入淺出隱私計算:技術解析與應用實踐
- 數字化轉型浪潮下的數據安全最佳實踐指南
- 電腦安全與攻防入門很輕松(實戰超值版)
- 黑客攻擊與防范實戰從入門到精通
- Web安全攻防從入門到精通
- 安全網絡構建
- 密碼朋克:自由與互聯網的未來
- INSTANT Microsoft Forefront UAG Mobile Configuration Starter
- 企業安全建設入門:基于開源軟件打造企業網絡安全
- 網絡安全設計
- AI+網絡安全:智網融合空間體系建設指南