Keeping Kali Quiet

[j283lwwme2]

I noticed while running Wireshark on a test network that there are a variety of system update checks, etc, originating from my Kali OS. This can obviously raise some red flags to sysadmins if I'm pen testing (as the requests are obviously for Kali packages).

Is there any way to put Kali in "silent mode" and have it live up to it's motto: "The quieter you become, the more you are able to hear."?

[aerokid240]

How about, you use a utility such as "nethogs" to determine what process is initiating the network traffic, then you determine what is causing it to run (eg, cron, some daemon, onstart-up, etc). Once you find this out, it should be trivial to disable the root cause of your problem.

[j283lwwme2]

How about, you use a utility such as "nethogs" to determine what process is initiating the network traffic, then you determine what is causing it to run (eg, cron, some daemon, onstart-up, etc). Once you find this out, it should be trivial to disable the root cause of your problem.

...but shouldn't the default configuration for the toolset be setup to have it disabled by default? Especially since this is being used as a LiveCD, it seems counter productive to announce one's presence on the network when doing pen testing.

[blackMORE]

Agreed with both statements. However,

BackTrack had 5 Major and 6 Rn/Beta releases to actually achieve that Silent OS status. - Based on Ubuntu derivative.

Kali had so far 1 major release and 5 security update/minor releases. - Based on Debian derivative.

I guess it needs some more time. Interim solution was already outlined by aerokid240.

[charonsecurity]

Especially since this is being used as a LiveCD, it seems counter productive to announce one's presence on the network when doing pen testing.

I respectfully want to disagree with this statement. By it's nature pen testing can be quite destructive. Why one reason you would want to schedule an attack on a production environment, when traffic is low and downtime will be the least disruptive. For many vectors, there really is no way to hide the fact that the host machine is being (or attempting to be) compromised. With that being said however, for example a man-in-the-middle attack, then yes, you wouldn't want to have your presence know. But that is not really a factor of pen testing, as (it is) being closer to social engineering.

Now for your original post, wireshark will see many things from kali if you are running wireshark from with in kali. But as long as you are using monitor mode then the likely hood of the 'network' from knowing you are trying to figure anything out about the systems security should be null.

[CleanZombie]

I agree, with all the hype about Kali I see no reason that I would use it on a client if it cant even connect to network silently :P