Results 1 to 6 of 6

Thread: Keeping Kali Quiet

  1. #1
    Join Date
    2013-Nov
    Posts
    6

    Keeping Kali Quiet

    I noticed while running Wireshark on a test network that there are a variety of system update checks, etc, originating from my Kali OS. This can obviously raise some red flags to sysadmins if I'm pen testing (as the requests are obviously for Kali packages).

    Is there any way to put Kali in "silent mode" and have it live up to it's motto: "The quieter you become, the more you are able to hear."?

  2. #2
    Join Date
    2013-Mar
    Posts
    30
    How about, you use a utility such as "nethogs" to determine what process is initiating the network traffic, then you determine what is causing it to run (eg, cron, some daemon, onstart-up, etc). Once you find this out, it should be trivial to disable the root cause of your problem.

  3. #3
    Join Date
    2013-Nov
    Posts
    6
    Quote Originally Posted by aerokid240 View Post
    How about, you use a utility such as "nethogs" to determine what process is initiating the network traffic, then you determine what is causing it to run (eg, cron, some daemon, onstart-up, etc). Once you find this out, it should be trivial to disable the root cause of your problem.
    ...but shouldn't the default configuration for the toolset be setup to have it disabled by default? Especially since this is being used as a LiveCD, it seems counter productive to announce one's presence on the network when doing pen testing.

  4. #4
    Join Date
    2013-Jun
    Posts
    113
    Agreed with both statements. However,

    BackTrack had 5 Major and 6 Rn/Beta releases to actually achieve that Silent OS status. - Based on Ubuntu derivative.

    Kali had so far 1 major release and 5 security update/minor releases. - Based on Debian derivative.

    I guess it needs some more time. Interim solution was already outlined by aerokid240.

  5. #5
    Join Date
    2013-Mar
    Posts
    269
    Quote Originally Posted by j283lwwme2 View Post
    Especially since this is being used as a LiveCD, it seems counter productive to announce one's presence on the network when doing pen testing.
    I respectfully want to disagree with this statement. By it's nature pen testing can be quite destructive. Why one reason you would want to schedule an attack on a production environment, when traffic is low and downtime will be the least disruptive. For many vectors, there really is no way to hide the fact that the host machine is being (or attempting to be) compromised. With that being said however, for example a man-in-the-middle attack, then yes, you wouldn't want to have your presence know. But that is not really a factor of pen testing, as (it is) being closer to social engineering.

    Now for your original post, wireshark will see many things from kali if you are running wireshark from with in kali. But as long as you are using monitor mode then the likely hood of the 'network' from knowing you are trying to figure anything out about the systems security should be null.
    Fact, Science and the Pursuit of Knowledge. Working to secure your networks from threats; Outside and Within.

  6. #6
    Join Date
    2013-Mar
    Location
    NYC
    Posts
    11
    I agree, with all the hype about Kali I see no reason that I would use it on a client if it cant even connect to network silently :P

Similar Threads

  1. Keeping aireplay-ng -1 fakeauth functioning
    By mmusket33 in forum How-To Archive
    Replies: 2
    Last Post: 2015-12-14, 02:02
  2. Replies: 3
    Last Post: 2015-11-21, 09:32
  3. Replies: 0
    Last Post: 2014-02-10, 17:53
  4. Boot from USB while still keeping some space storage
    By TumbaBit in forum Installing Archive
    Replies: 1
    Last Post: 2013-12-28, 11:25

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •