
Thread: Kali Linux as a security risk

  1. #1
    Join Date
    2018-Oct
    Posts
    2

    Kali Linux as a security risk

    Hi everyone,

    I am here to pose a high-level question on the usage of Kali Linux. So no heavy technical jargon here, but just a hypothetical question on security.

    Given that Kali is designed to be an offensive security distro, would the presence of such a host in a network infrastructure be a security issue to the whole infra?

    I have some knowledge of network security, so I'm coming from the point of view where if you have a nuclear arsenal within your base, how easy could a hacker use that against your own infrastructure?

    In short, should it be advised, not to have Kali VMs lying around?

    I guess the answer would be to ensure no security vulnerabilities and compliance is violated with the inclusion of such VMs, but wouldn't blacklisting ports and applications on Kali render its purpose useless?

    Just want to hear a few opinions and perhaps some technical advice on this.

    Let me know your thoughts (non fiery emotional ones please).

  2. #2
    Join Date
    2016-Dec
    Location
    Canada
    Posts
    272
    Black hat hackers
    Grey hat hackers
    White hat hackers
    All use the same tools to accomplish their deeds to a network. So yes.

  3. #3
    Join Date
    2018-Oct
    Posts
    2
    Thanks for the reply.

    So, given that you are in charge of a network infrastructure, you wouldn't allow such VMs to reside?

    Hope everyone can see that I'm not trying to be against Kali, I'm trying to see any reasoning or mitigations one can put, if Kali is in place.

  4. #4
    Join Date
    2016-Dec
    Location
    Canada
    Posts
    272
    Quote Originally Posted by Jjacec View Post
    Thanks for the reply.

    So, given that you are in charge of a network infrastructure, you wouldn't allow such VMs to reside?

    Hope everyone can see that I'm not trying to be against Kali, I'm trying to see any reasoning or mitigations one can put, if Kali is in place.
    Not as a normal OS at least.
    easy to start; hard to finish

  5. #5
    Join Date
    2017-Jan
    Posts
    81
    Quote Originally Posted by Jjacec View Post
    how easy could a hacker use that against your own infrastructure?
    As easy as he could use Ubuntu, Debian etc.? Be careful with admin rights and use strong passwords.

    If your infrastructure isn't secure it's not because of Kali, I guess. But I'm not skilled at all.

    Edit: I guess I misunderstood the question. If 'lying around' means for anybody's use then it's not recommended ;-)
    Last edited by mstrmnn; 2018-10-27 at 06:14.

  6. #6
    Join Date
    2013-Apr
    Location
    Kali forums
    Posts
    805
    If you are using Kali (or any offensive security tools, for that matter), my view is that they should be vetted and ok-ed by your management. For example, before I do any security work, I always notify the appropriate people.

  7. #7
    Join Date
    2016-Dec
    Location
    Canada
    Posts
    272
    Quote Originally Posted by mstrmnn View Post
    As easy as he could use Ubuntu, Debian etc.? Be careful with admin rights and use strong passwords.

    If your infrastructure isn't secure it's not because of Kali, I guess. But I'm not skilled at all.
    Or Windows or macOS; also agree with grid about permission. Kali has some strong tools in its toolbox.

  8. #8
    Join Date
    2013-Dec
    Location
    Krakow
    Posts
    67
    Hi Jjacec,

    So, sincerely, having Kali in our network does not make any difference; all the tools running in Kali can be installed in other distros, and most of the tools have an equivalent in Windows. In other words, if you allow the person to install any other O.S., your network is at risk already, as I told you, including Windows.

    If the attacker is an experienced guy, it does not matter which O.S. he will run; the tools are still available. Of course, it will be one more step, but for sure not a roadblock to perform the attack.

  9. #9
    Join Date
    2018-Dec
    Location
    Belgium
    Posts
    2
    Indeed, this is a security risk.

    Therefore, you need to put mitigation measures (controls) in place. The most obvious control that comes to mind is network segregation: place your offensive tools in a specific network segment and control who can access this segment (your pen-testers) and what it can target (your customers, after they have signed the rules of engagement). Strong passwords for your Kali box are another control.

    Your mileage may vary: depending on your environment, you can find other controls to put in place. Or you can accept the risk without mitigations ... in risk management, that's always an option (even if it's often a suicidal one).

    TLC
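
The segregation control described in post #9, sketched as a flow-log audit. This is an added example, not part of the thread or any poster's code. The segment, operator and in-scope ranges, the log format and the function names are all assumptions, and each record is assumed to be a connection initiation, not reply traffic.

```python
import ipaddress

# All addresses below are constructed sample values, not taken from the thread.
PENTEST_SEGMENT = ipaddress.ip_network("10.66.0.0/24")   # segment holding the Kali VMs
OPERATOR_HOSTS = [ipaddress.ip_network("10.10.5.0/28")]  # pen-testers' jump hosts
IN_SCOPE = [ipaddress.ip_network("203.0.113.0/24")]      # targets in the signed rules of engagement

def _in_any(addr, networks):
    return any(addr in net for net in networks)

def classify(src, dst):
    """Label one connection initiation against the segregation policy."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    src_inside, dst_inside = s in PENTEST_SEGMENT, d in PENTEST_SEGMENT
    if src_inside and dst_inside:
        return "ok"  # traffic that stays inside the segment
    if dst_inside:   # who can access the segment
        return "ok" if _in_any(s, OPERATOR_HOSTS) else "unauthorized-access"
    if src_inside:   # what the segment can target
        return "ok" if _in_any(d, IN_SCOPE) else "out-of-scope-target"
    return "unrelated"

def audit(flows):
    """Return (timestamp, src, dst, dport, verdict) for every policy violation."""
    findings = []
    for line in flows:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, port = line.split()
        verdict = classify(src, dst)
        if verdict not in ("ok", "unrelated"):
            findings.append((ts, src, dst, int(port), verdict))
    return findings

SAMPLE_FLOWS = """\
# timestamp src dst dport (constructed records)
2018-12-01T09:00:01Z 10.10.5.3 10.66.0.20 22
2018-12-01T09:05:12Z 10.66.0.20 203.0.113.45 443
2018-12-01T09:07:40Z 10.66.0.20 10.20.1.8 445
2018-12-01T09:09:03Z 10.30.7.77 10.66.0.20 22
2018-12-01T09:10:00Z 10.66.0.21 10.66.0.20 8080
""".splitlines()

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(*finding)
```

The same three ranges would normally also be enforced as firewall rules at the segment boundary; the audit catches the case where those rules drift or are bypassed.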
