Installing Kali Linux on a Raspberry Pi and Connecting to it Remotely

Kali Linux

Kali is the newest version of the Backtrack security penetration testing Linux platform. You can run Kali as a LiveCD or install it to a hard drive. But wouldn’t it be cool if you could run Kali from a $35 Raspberry Pi computer?

Well you can!

In this article we will look at installing Kali Linux on a Raspberry Pi.

The good folks at Offensive Security have created a Kali Linux image for the Raspberry Pi, so installation could not be easier. All you need is a Raspberry Pi, the Kali Image, and an SD Card. I will also use a Windows system to write the image to the SD card.

1. Download the Kali Linux Image (Located about halfway down the page)

2. The image file is compressed you will need to expand it.

3. Next, Install the image to your SD card – Disk Imager works great.

Just plug your SD card into your Windows Laptop, and run Disk Imager. Point the image file to your Kali image that you downloaded and point the device to the drive letter of your SD card.

Then just hit “Write”:

Kali Disk Imager Installing

Disk Imager will write the Kali Linux image to your SD card.

4. Now eject the SD card from your windows laptop and insert it into the SD card slot on your Raspberry Pi. Connect your video, Ethernet cable, and keyboard and mouse.

5. Connect power to the Raspberry Pi and in a few seconds it will boot up into Kali.

That is it! You know have a Raspberry Pi Pentesting platform!

Connecting to the Raspberry Pi remotely from a Windows system using SSH

Now you can run commands from the command prompt, or if you want to run the Raspberry Pi headless (without monitor or keyboard). You can connect to the Pi from a Windows system remotely using SSH!

To Do so:

1. Download Putty for Windows

2. Run Putty and put in the IP address for your Kali System. You can get this by typing “ifconfig” if you have a keyboard attached or by checking the address given to it by your router if you are running Kali headless.

My IP address was 192.168.1.135 in this case. Also, make sure port 22 is entered and select SSH as shown below:

Putty

Then just hit “Open”.

You will be asked asked to log into the Raspberry Pi. If this is the first time, just use the Kali default credentials:

Username: root
Password: toor

Remote Login

That’s it!

Now you can run any of the commands you want on your Raspberry Pi remotely from your Windows System.

LPS Linux – The Publicly Available Air Force Secure Linux Distro

LPS Desktop

Looking for a Secure Linux Distribution and not sure what to use? Why not try the publicly available Linux Distro created by the US Air Force?

Several nations are moving to or modifying their own Linux distributions for military use. And honestly, it just makes sense. But did you know that the SPI working with the US Air Force created the “Lightweight Portable Security” Linux (or LPS for short) and have released it for public use?

LPS is a publicly available, secure Live CD that offers security, sandboxing and encryption.

The ATSPI Technology Office produces nation-state class protection products, and according to the LPS website, “LPS-Remote Access was certified by AFNIC to connect to the GIG for general telecommuting use“. A whole lot of acronyms there, but basically what it means is that LPS is secure – secure enough to be certified by the Air Force to connect to the DoD Global Information Grid – the military’s information super highway.

And if it is good enough for military certification, you can believe that it is capable and safe for secure civilian use.

So what does it look like?

Well, a full blown Ubuntu operating system it is not. It comes with very few bells and whistles. But that is the point. The fewer the frills, the easier it is to secure it.

LPS Menu

As you can see from the user menu above, there are not a lot of pre-installed apps. Though LPS does come in a “Deluxe” version that includes OpenOffice and Adobe Reader.

LPS is meant to be used as a live CD. Simply download LPS, burn it to a CD and then boot from it when you need to use a secure OS – Like when you are traveling abroad or using public internet.

It does not write to the hard drive and does not leave anything in memory when shut down. Because it does not write anything to the hard drive, if by odd chance that LPS does get infected, there is no persistence. Just reboot and the malware will be gone.

LPS seems to be mainly be oriented to surfing, e-mail and data transfer. According to Lt. Col. Ken Edge, Air Force Research Laboratory’s Software Protection Initiative (SPI) program manager, “Imagine a pilot overseas who has to get orders but only has a very questionable Internet café computer, with LPS-Public and a smartcard reader, he can safely enter the CAC-authenticated Air Force Portal and his webmail. Likewise, sailors can securely bank online overseas, and soldiers can safely use social networking sites.”

It even comes with an easy to use Encryption Wizard that allows you to encrypt your data before transmitting it over the wire:

Encryption Wizard

Simply run the wizard, and drag the file you want to encrypt into the program box, then select how you want to encrypt it:

Encrypting File Passphrase

The wizard also decrypts files in the same easy to use manner.

There are other secure Linux distros out there with more capabilities, Tails Linux comes to mind. But if all you need is a simple, easy to use secure Live CD solution, then look no further than LPS Linux.

Backtrack 5 R3 Released Today!

The latest version of Backtrack is out! Check out Backtrack 5 R3!

The time has come to refresh our security tool arsenal – BackTrack 5 R3 has been released. R3 focuses on bug-fixes as well as the addition of over 60 new tools – several of which were released in BlackHat and Defcon 2012. A whole new tool category was populated – “Physical Exploitation”, which now includes tools such as the Arduino IDE and libraries, as well as the Kautilya Teensy payload collection.”

Kudos to the Backtrack team for working so hard on keeping BT alive and fresh! BT5 is hands down my favorite security tool. Dare I say it is the Swiss Army knife of security. It comes in Gnome and KDE, 32 and 64 Bit. There is also a Gnome 32 bit VM available.

BT5’s move to the Gnome interface is great for the Windows guys amongst us, and R3 adds a ton of new tools.

So what are you waiting for??

Get it now!

*** Check out some of the new tools added here!

Linux Mint to take Linux Crown from Ubuntu?

Linux Mint is now the 4th most used home operating system in existence. But can it unseat Ubuntu as the top Linux OS?

Ubuntu, currently number 3 (behind Windows and Mac) in the home OS theater, has received some stiff competition from Linux Mint. Distrowatch shows that Linux Mint has been the most popular Linux distribution over the last year, and their Linux Mint page has had about 2.5 times more visitors than Ubuntu’s page. Though Distrowatch claims that their stats are for entertainment purposes only, Linux Mint is definitely on the rise.

Add to that long time Ubuntu users dislike of the Unity desktop, now the main GUI by default,  and several issues with upgrading to 11.10 and you can see why some people are starting to look elsewhere.

Linux Mint may be an attractive alternative to many users. The install is familiar, it looks like Ubuntu, acts like Ubuntu and most importantly, it comes with the classic Gnome interface – not Unity.

With reports that it is very stable, I couldn’t resist anymore and decided to give it a whirl.

The installation was almost completely identical to Ubuntu’s. And once it is up and running, it looks just like Ubuntu with the classic gnome interface installed. Just a quick glance around and I fell in love very quickly.

First I liked the way it notifies you of available updates:

Also, looking through the menu, I found that it comes with the Firewall graphical user interface installed. You have to install it yourself in Ubuntu:

Just surfing around I felt very at home and familiar with the Gnome interface and the Ubuntu feel.

Okay, what didn’t I like about Linux Mint?

The color scheme! There is just something about green on gray that just turns me off. But a quick theme download and background change and things looked much better:

Linux Mint 12, check it out!