Configuring network services and secure communications
The first step in being able to use Kali is to ensure that it has connectivity to either a wired or wireless network to support updates and customization.
You may need to obtain an IP address by DHCP (Dynamic Host Configuration Protocol), or assign one statically. First, confirm your IP address using the ifconfig command from a terminal window, as shown in the following screenshot:
In this particular case, the VM has been assigned an IP address of 192.168.204.132. If an IP address was not obtained, an address can be assigned by DHCP using the command dhclient eth0 (or other available interfaces, which will depend on the specific configuration of the system being used).
If a static IP address is used, additional information may be required. For example, you can assign a static IP of 192.168.204.128 as follows:
host IP address: 192.168.204.128 subnet mask: 255.255.255.0 default gateway: 192.168.204.1 DNS server: 192.168.204.10
Enter a terminal window and enter the following command:
root@kali:~# ifonconfig eth0 192.168.204.128/24 root@kali:~# route add default gw 192.168.204.1 root@kali:~# echo nameserver 192.168.204.10 > /etc/resolv.conf
Changes made to IP settings are nonpersistent, and will be lost when Kali is rebooted. To make the changes permanent, you will need to edit the /etc/network/interfaces file, as shown in the following screenshot:
By default, Kali does not start with the DHCP service enabled. Doing so announces the new IP address on the network, and this may alert administrators about the presence of the tester. For some test cases, this may not be an issue, and it may be advantageous to have certain services start automatically during boot up. This can be achieved by entering the following commands:
root@kali~# update-rc.d networking defaults root@kali~# /etc/init.d/networking restart
Kali installs with network services that can be started or stopped as required, including DHCP, HTTP, SSH, TFTP, and the VNC server. These services are usually invoked from the command line, however, some are accessible from the Kali menu.
Adjusting network proxy settings
Users located behind an authenticated or unauthenticated proxy connection must modify bash.bashrc and apt.conf. Both files are located in the /root/etc directory.
- Edit the
bash.bashrcfile, as shown in the following screenshot, use a text editor to add the following lines to the bottom of thebash.bashrcfile:export ftp_proxy="ftp://user:password@proxyIP:port" export http_proxy="http://user:password@proxyIP:port" export https_proxy="https://user:password@proxyIP:port" export socks_proxy="https://user:password@proxyIP:port"
- Replace
proxyIPandportwith your proxy IP address and port number respectively, and replace the username and password with your authentication username and password. If there's no need to authenticate, write only the part following the@symbol. - In the same directory, create the
apt.conffile and enter the following command lines, as shown in the following screenshot:
- Save and close the file. Log out and then log in to activate the new settings.
Securing communications with Secure Shell
To minimize detection by a target network during testing, Kali does not enable any externally-listening network services. Some services, such as Secure Shell (SSH), are already installed. However, they must be enabled prior to use.
Kali comes preconfigured with default SSH keys. Before starting the SSH service, it's a good idea to disable the default keys and generate a unique keyset for use.
Move the default SSH keys to a backup folder, and then generate a new SSH keyset using the following command:
dpkg-reconfigure openssh-server
The process of moving the original keys and generating the new keyset is shown in the following screenshot.
To verify that the newly generated keys are unique, calculate their md5sum hash values, and compare with the original keys as shown in the following screenshot.
To start the SSH service using the menu, select Applications | Kali Linux | System Services | SSHD | SSHD Start.
To start SSH from the command line, use the command line shown in the following screenshot:
To verify that SSH is running, perform a netstat query, as shown in the following screenshot:
The SSH daemon is listening on port 22 in the previous example. To stop SSH, use the following command:
/etc/init.d/ssh stop