5 Important Steps to Secure Kali Linux

Kali Linux is one of best distro for hacking and penetration testing used by millions of people around the world.

When you first install Kali Linux on your machine, you need to make sure it’s secured in the best way to be able to become anonymous on the web and also to make sure you not leaving any trace behind you.

These are the most important steps to make your system secure as possible and keep your system malicious-free:

Step 1:

Installing ssh on Kali Linux to be able to access it from any where using another machine like a laptop or even from your phone, but installing ssh on your machine is not that easy as you need to tweak some configuration to make it even scure.

Make sure you have the right packages installed as follow:

apt install ssh openssh-server

Here we have the latest packages already installed on our machine, now we move on to configure ssh and create the ssh keys to be able to login:

rm /etc/ssh/ssh_host_*

dpkg-reconfigure openssh-server

We made sure we deleted any old hosts we have and then we reconfigured the openssh-server for new keys.

Now we are going to change some lines to make sure we can login with root account and changing the default port:

nano /etc/ssh/sshd_config

Here we changed the default port from 22 to 1900

And then changed the root permission to YES

Last we set the PasswordAuthentication to YES

Make sure your root account is secured with a very strong password.

Step 2:

Whenever you make a pen testing for WIFI hacking or even just surfing the internet you always need to change your MAC address to leave no trace behind.

We are going to use “macchanger” to change the MAC address of the interface that’s using the internet or for WIFI hacking, “macchanger” comes pre-installed on kali Linux, if not then just install it as “apt install macchnager”.

Now let’s make some changes with it, we view the current MAC address on our interface:

macchanger -s eth0

We use the flag “-s” to show the MAC address along with the interface name.

To change the MAC address we can make it random address we can burn it manually:

We used the flag “-r” to randomly change the MAC address, notice the difference before and after.

Or we use the flag “-m” so set it manually:

Step 3:

When it comes to information gathering and reconnaissance, we need to make sure we are using Proxychinas.

Proxychains are great commands to keep us hidden and bouncing all over the internet when it comes to fingerprints, for example we want to be anonymous when we doing some port scanning with “nmap” and we don’t want to have anything left leading back to us.

But before we set up the proxies, make sure you have tor services installed on your system and start it:

Let’s first configure the Proxychains on our machines with these simple steps:

nano /etc/proxychains4.conf

We have 3 modes “dynamic_chain” “strict_chain” “random_chain”.

The best option is dynamic_chain as it uses the poxy -list and ignore the dead ones or the slow ones, so remove the “#” in front of the dynamic_chain and put “#” in fron of strict_mode.

Now we need to add some proxies, the best options to get some is to go to this SITE and test one by one to make sure they are not dead proxies or slow ones.

Scroll down to the end of the file and add some proxies to the file:

You can just use tor proxies:

socks4  127.0.0.1 9050

socks5  127.0.0.1 9050

They work very well.

Save the file and start Firefox with this command:

proxychains firefox duckduckgo.com

It’s working very well under proxychains, now lets’ try to find out if we have and DNS leaks or IP leaks from our system:

According to this site I’m in the wrong place, which is not true and that’s a good thing and no DNS or IP leaks:

Now it’s time to use proxychains with namp and do some port scanning:

Step 4:

Next step for securing your identity is to use “kalitorify”, it’s a script used to be completely anonymous on the internet, BUT keep in mind you still need to use “macchnager” as we advised before and change your hostname:

Change your hostname from Kali to something else if you want, and for the nameserver add 8.8.8.8 to the file:

The script goes into Transparent proxy, a transparent proxy is an intermediary system that sit between a user and a content provider. When a user makes a request to a web server, the transparent proxy intercepts the request to perform various actions including caching, redirection and authentication.

Download the script using:

git clone https://github.com/brainfucksec/kalitorify

apt-get update && sudo apt-get dist-upgrade -y

apt-get install -y tor curl

cd kalitorify/

sudo make install

Now start the script with “kalitorify -t”

And that’s it, we are under tor proxies and we have a new identity, if you want to have a new identity just type “kalitorify -r” to restart tor service and have new IP address.

When you done just type “kalitorify -c” to clear the IP table and return to your normal IP address.

Step 5:

The last step in securing Kali Linux is to use “firejail”, this step is to make sure you never download a malicious file or exploit on your system and run it by mistake, as “firejail” create a temp environment on your system that’s isolated and it’s temporary ends by closing “firejail” session.

Let’s download “firejail” on our system:

apt install firejail

Now there is a lot of flags to go with the command but the best combination to create a temp folder and make it secure and make sure not to download any suspicious file:

firejail firefox –seccomp –private –private-tmp –nonewprivs

 Once we run it, we can see this log of the running service:

And to make sure it’s running, open up another tab and type “firejail –list” to list all the running services:

That’s it, you now should have a secured box to play around with.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s