Merging Kali with Tails
I want to get into Linux penetration testing, but still want to have the benefits from anonymous surfing.
Is it possible to setup a good and 'secure' (Yes I know, TOR!=security, blabla) merge from Kali and Tails, starting with Kali?
And how?
kali-linux tails-os
edited Aug 12 '14 at 14:52
Braiam
23.1k1975137
asked Aug 2 '14 at 11:17
uncanny
37117
add a comment |
I want to get into Linux penetration testing, but still want to have the benefits from anonymous surfing.
Is it possible to setup a good and 'secure' (Yes I know, TOR!=security, blabla) merge from Kali and Tails, starting with Kali?
And how?
kali-linux tails-os
edited Aug 12 '14 at 14:52
Braiam
23.1k1975137
asked Aug 2 '14 at 11:17
uncanny
37117
Start withUbuntuinstead. Then create a virtual machine forKaliif you want to try it.Tailsis not "security", it's for "anonymity". A professional will choose your tools specifically for the task he wants to do, not trying to merge them together in some kind of swiss-knife hybrid. TheKalilinux distribution is specifically targeted, not intended for general use. For example, it only hasrootuser and let you log in as such, sacrificing a lot of security on your machine in order to let you be a bit faster because you don't have to typesudo.
– pqnet
Aug 26 '14 at 12:41
add a comment |
I want to get into Linux penetration testing, but still want to have the benefits from anonymous surfing.
Is it possible to setup a good and 'secure' (Yes I know, TOR!=security, blabla) merge from Kali and Tails, starting with Kali?
And how?
kali-linux tails-os
edited Aug 12 '14 at 14:52
Braiam
23.1k1975137
asked Aug 2 '14 at 11:17
uncanny
37117
I want to get into Linux penetration testing, but still want to have the benefits from anonymous surfing.
Is it possible to setup a good and 'secure' (Yes I know, TOR!=security, blabla) merge from Kali and Tails, starting with Kali?
And how?
kali-linux tails-os
kali-linux tails-os
edited Aug 12 '14 at 14:52
Braiam
23.1k1975137
asked Aug 2 '14 at 11:17
uncanny
37117
edited Aug 12 '14 at 14:52
Braiam
23.1k1975137
asked Aug 2 '14 at 11:17
uncanny
37117
edited Aug 12 '14 at 14:52
Braiam
23.1k1975137
edited Aug 12 '14 at 14:52
Braiam
23.1k1975137
edited Aug 12 '14 at 14:52
Braiam
23.1k1975137
23.1k1975137
asked Aug 2 '14 at 11:17
uncanny
37117
asked Aug 2 '14 at 11:17
uncanny
37117
asked Aug 2 '14 at 11:17
uncanny
37117
37117
Start withUbuntuinstead. Then create a virtual machine forKaliif you want to try it.Tailsis not "security", it's for "anonymity". A professional will choose your tools specifically for the task he wants to do, not trying to merge them together in some kind of swiss-knife hybrid. TheKalilinux distribution is specifically targeted, not intended for general use. For example, it only hasrootuser and let you log in as such, sacrificing a lot of security on your machine in order to let you be a bit faster because you don't have to typesudo.
– pqnet
Aug 26 '14 at 12:41
add a comment |
Start withUbuntuinstead. Then create a virtual machine forKaliif you want to try it.Tailsis not "security", it's for "anonymity". A professional will choose your tools specifically for the task he wants to do, not trying to merge them together in some kind of swiss-knife hybrid. TheKalilinux distribution is specifically targeted, not intended for general use. For example, it only hasrootuser and let you log in as such, sacrificing a lot of security on your machine in order to let you be a bit faster because you don't have to typesudo.
– pqnet
Aug 26 '14 at 12:41
Start with
Ubuntu instead. Then create a virtual machine for Kali if you want to try it. Tails is not "security", it's for "anonymity". A professional will choose your tools specifically for the task he wants to do, not trying to merge them together in some kind of swiss-knife hybrid. The Kali linux distribution is specifically targeted, not intended for general use. For example, it only has root user and let you log in as such, sacrificing a lot of security on your machine in order to let you be a bit faster because you don't have to type sudo.– pqnet
Aug 26 '14 at 12:41
Start with
Ubuntu instead. Then create a virtual machine for Kali if you want to try it. Tails is not "security", it's for "anonymity". A professional will choose your tools specifically for the task he wants to do, not trying to merge them together in some kind of swiss-knife hybrid. The Kali linux distribution is specifically targeted, not intended for general use. For example, it only has root user and let you log in as such, sacrificing a lot of security on your machine in order to let you be a bit faster because you don't have to type sudo.– pqnet
Aug 26 '14 at 12:41
add a comment |
4 Answers
4
active
oldest
votes
It is possible.
Using a Kali Linux LIVE USB key in forensic mode and using a script to route everything through Tor, and two scripts to wipe RAM on halt and secure-delete (srm or shred) files on halt.
Heres a complete writeup, you should really check it out :
http://homeofbannedhacker.blogspot.fr/2015/07/merging-kali-linux-with-tails-improving.html?m=1
edited Mar 19 '16 at 10:38
uncanny
37117
answered Aug 1 '15 at 13:53
RomeoAndJuliet
7611
add a comment |
Well, I had the same problem as you did. At first I struggled for about a day or two trying to get Qube's ISO image to read when I found I didn't have the right hardware in the first place. I liked the whole "security through isolation" idea of the Cube OS, of having each of my own work spaces neatly separated.
So, I came up with another plan; I simply installed Tails as the main OS, and then installed VirtualBox , and then I went ahead and downloaded kali linux for work related projects, and for entertainment I went ahead and threw Linux mint into virtualbox. Now, the whole idea here was that even though both Kali and Mint run off of Debian, Linux mint is used for entertainment purposes such as; movies, gaming, etc. Of course, if at any time I'd click on the wrong link I'd compromise my security, but not to the entire system. In such an event I would easily delete linux mint and re-install back in to VirtualBox.
The same would go for Kali, if I'm compromised, then poof. All would be hosted under a secure Tor encrypted Tails environment.
Now, I know that both Kali and Mint are both Debian based distros,and are known to be very secure, but I've had a slight run in with some malware and ransom-ware when running Mint alone, so I just wanted to take some precaution this time around. We'll, thank's for listening everyone and I hope some of this information helped.
answered Aug 26 '14 at 10:47
Elegions
211
add a comment |
There is AttackVector, "Linux distro for anonymized penetration based on Kali and TAILS". I don't know if it still up to date, but seem what you're looking for.
answered Oct 18 '14 at 9:10
HeyMan
212
add a comment |
Seems like you answered your own question - start with Kali.
All these different distros are (definitely simplifying here) essentially a base Linux OS with various compile options and applications configured within. So in the case of Tails you are looking at specific configurations/applications geared towards trying to maintain anonymity.
If your primary goal is pen testing then, as you mentioned, you should start with Kali. You will then need to work on the individual tools found in Tails and try to implement them into that base OS. I say try as you may run into issues fully implementing them depending on your desired results. For example, if you are trying to bounce your traffic through a proxy to remain anonymous, a directed pen test may not work as expected. If you are going to keep your browsing (anonymous) and pen testing (direct) separate then this might be easier for you to do.
As far as I know, there is no current distro that combines both pursuits into a single package. Although that does sound like a worthwhile pursuit... maybe this will be your new distro!
Personally, I would stick to using the best tool for each task, using Kali for my pen testing learning (which I would do in an internal network anyway) and running a separate system for my anonymous browsing.
edited Dec 13 at 8:27
msp9011
3,69743863
answered Aug 12 '14 at 14:51
Yuppers
711
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f148015%2fmerging-kali-with-tails%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
It is possible.
Using a Kali Linux LIVE USB key in forensic mode and using a script to route everything through Tor, and two scripts to wipe RAM on halt and secure-delete (srm or shred) files on halt.
Heres a complete writeup, you should really check it out :
http://homeofbannedhacker.blogspot.fr/2015/07/merging-kali-linux-with-tails-improving.html?m=1
edited Mar 19 '16 at 10:38
uncanny
37117
answered Aug 1 '15 at 13:53
RomeoAndJuliet
7611
add a comment |
It is possible.
Using a Kali Linux LIVE USB key in forensic mode and using a script to route everything through Tor, and two scripts to wipe RAM on halt and secure-delete (srm or shred) files on halt.
Heres a complete writeup, you should really check it out :
http://homeofbannedhacker.blogspot.fr/2015/07/merging-kali-linux-with-tails-improving.html?m=1
edited Mar 19 '16 at 10:38
uncanny
37117
answered Aug 1 '15 at 13:53
RomeoAndJuliet
7611
add a comment |
It is possible.
Using a Kali Linux LIVE USB key in forensic mode and using a script to route everything through Tor, and two scripts to wipe RAM on halt and secure-delete (srm or shred) files on halt.
Heres a complete writeup, you should really check it out :
http://homeofbannedhacker.blogspot.fr/2015/07/merging-kali-linux-with-tails-improving.html?m=1
edited Mar 19 '16 at 10:38
uncanny
37117
answered Aug 1 '15 at 13:53
RomeoAndJuliet
7611
It is possible.
Using a Kali Linux LIVE USB key in forensic mode and using a script to route everything through Tor, and two scripts to wipe RAM on halt and secure-delete (srm or shred) files on halt.
Heres a complete writeup, you should really check it out :
http://homeofbannedhacker.blogspot.fr/2015/07/merging-kali-linux-with-tails-improving.html?m=1
edited Mar 19 '16 at 10:38
uncanny
37117
answered Aug 1 '15 at 13:53
RomeoAndJuliet
7611
edited Mar 19 '16 at 10:38
uncanny
37117
edited Mar 19 '16 at 10:38
uncanny
37117
edited Mar 19 '16 at 10:38
uncanny
37117
37117
answered Aug 1 '15 at 13:53
RomeoAndJuliet
7611
answered Aug 1 '15 at 13:53
RomeoAndJuliet
7611
answered Aug 1 '15 at 13:53
RomeoAndJuliet
7611
7611
add a comment |
add a comment |
Well, I had the same problem as you did. At first I struggled for about a day or two trying to get Qube's ISO image to read when I found I didn't have the right hardware in the first place. I liked the whole "security through isolation" idea of the Cube OS, of having each of my own work spaces neatly separated.
So, I came up with another plan; I simply installed Tails as the main OS, and then installed VirtualBox , and then I went ahead and downloaded kali linux for work related projects, and for entertainment I went ahead and threw Linux mint into virtualbox. Now, the whole idea here was that even though both Kali and Mint run off of Debian, Linux mint is used for entertainment purposes such as; movies, gaming, etc. Of course, if at any time I'd click on the wrong link I'd compromise my security, but not to the entire system. In such an event I would easily delete linux mint and re-install back in to VirtualBox.
The same would go for Kali, if I'm compromised, then poof. All would be hosted under a secure Tor encrypted Tails environment.
Now, I know that both Kali and Mint are both Debian based distros,and are known to be very secure, but I've had a slight run in with some malware and ransom-ware when running Mint alone, so I just wanted to take some precaution this time around. We'll, thank's for listening everyone and I hope some of this information helped.
answered Aug 26 '14 at 10:47
Elegions
211
add a comment |
Well, I had the same problem as you did. At first I struggled for about a day or two trying to get Qube's ISO image to read when I found I didn't have the right hardware in the first place. I liked the whole "security through isolation" idea of the Cube OS, of having each of my own work spaces neatly separated.
So, I came up with another plan; I simply installed Tails as the main OS, and then installed VirtualBox , and then I went ahead and downloaded kali linux for work related projects, and for entertainment I went ahead and threw Linux mint into virtualbox. Now, the whole idea here was that even though both Kali and Mint run off of Debian, Linux mint is used for entertainment purposes such as; movies, gaming, etc. Of course, if at any time I'd click on the wrong link I'd compromise my security, but not to the entire system. In such an event I would easily delete linux mint and re-install back in to VirtualBox.
The same would go for Kali, if I'm compromised, then poof. All would be hosted under a secure Tor encrypted Tails environment.
Now, I know that both Kali and Mint are both Debian based distros,and are known to be very secure, but I've had a slight run in with some malware and ransom-ware when running Mint alone, so I just wanted to take some precaution this time around. We'll, thank's for listening everyone and I hope some of this information helped.
answered Aug 26 '14 at 10:47
Elegions
211
add a comment |
Well, I had the same problem as you did. At first I struggled for about a day or two trying to get Qube's ISO image to read when I found I didn't have the right hardware in the first place. I liked the whole "security through isolation" idea of the Cube OS, of having each of my own work spaces neatly separated.
So, I came up with another plan; I simply installed Tails as the main OS, and then installed VirtualBox , and then I went ahead and downloaded kali linux for work related projects, and for entertainment I went ahead and threw Linux mint into virtualbox. Now, the whole idea here was that even though both Kali and Mint run off of Debian, Linux mint is used for entertainment purposes such as; movies, gaming, etc. Of course, if at any time I'd click on the wrong link I'd compromise my security, but not to the entire system. In such an event I would easily delete linux mint and re-install back in to VirtualBox.
The same would go for Kali, if I'm compromised, then poof. All would be hosted under a secure Tor encrypted Tails environment.
Now, I know that both Kali and Mint are both Debian based distros,and are known to be very secure, but I've had a slight run in with some malware and ransom-ware when running Mint alone, so I just wanted to take some precaution this time around. We'll, thank's for listening everyone and I hope some of this information helped.
answered Aug 26 '14 at 10:47
Elegions
211
Well, I had the same problem as you did. At first I struggled for about a day or two trying to get Qube's ISO image to read when I found I didn't have the right hardware in the first place. I liked the whole "security through isolation" idea of the Cube OS, of having each of my own work spaces neatly separated.
So, I came up with another plan; I simply installed Tails as the main OS, and then installed VirtualBox , and then I went ahead and downloaded kali linux for work related projects, and for entertainment I went ahead and threw Linux mint into virtualbox. Now, the whole idea here was that even though both Kali and Mint run off of Debian, Linux mint is used for entertainment purposes such as; movies, gaming, etc. Of course, if at any time I'd click on the wrong link I'd compromise my security, but not to the entire system. In such an event I would easily delete linux mint and re-install back in to VirtualBox.
The same would go for Kali, if I'm compromised, then poof. All would be hosted under a secure Tor encrypted Tails environment.
Now, I know that both Kali and Mint are both Debian based distros,and are known to be very secure, but I've had a slight run in with some malware and ransom-ware when running Mint alone, so I just wanted to take some precaution this time around. We'll, thank's for listening everyone and I hope some of this information helped.
answered Aug 26 '14 at 10:47
Elegions
211
answered Aug 26 '14 at 10:47
Elegions
211
answered Aug 26 '14 at 10:47
Elegions
211
answered Aug 26 '14 at 10:47
Elegions
211
211
add a comment |
add a comment |
There is AttackVector, "Linux distro for anonymized penetration based on Kali and TAILS". I don't know if it still up to date, but seem what you're looking for.
answered Oct 18 '14 at 9:10
HeyMan
212
add a comment |
There is AttackVector, "Linux distro for anonymized penetration based on Kali and TAILS". I don't know if it still up to date, but seem what you're looking for.
answered Oct 18 '14 at 9:10
HeyMan
212
add a comment |
There is AttackVector, "Linux distro for anonymized penetration based on Kali and TAILS". I don't know if it still up to date, but seem what you're looking for.
answered Oct 18 '14 at 9:10
HeyMan
212
There is AttackVector, "Linux distro for anonymized penetration based on Kali and TAILS". I don't know if it still up to date, but seem what you're looking for.
answered Oct 18 '14 at 9:10
HeyMan
212
answered Oct 18 '14 at 9:10
HeyMan
212
answered Oct 18 '14 at 9:10
HeyMan
212
answered Oct 18 '14 at 9:10
HeyMan
212
212
add a comment |
add a comment |
Seems like you answered your own question - start with Kali.
All these different distros are (definitely simplifying here) essentially a base Linux OS with various compile options and applications configured within. So in the case of Tails you are looking at specific configurations/applications geared towards trying to maintain anonymity.
If your primary goal is pen testing then, as you mentioned, you should start with Kali. You will then need to work on the individual tools found in Tails and try to implement them into that base OS. I say try as you may run into issues fully implementing them depending on your desired results. For example, if you are trying to bounce your traffic through a proxy to remain anonymous, a directed pen test may not work as expected. If you are going to keep your browsing (anonymous) and pen testing (direct) separate then this might be easier for you to do.
As far as I know, there is no current distro that combines both pursuits into a single package. Although that does sound like a worthwhile pursuit... maybe this will be your new distro!
Personally, I would stick to using the best tool for each task, using Kali for my pen testing learning (which I would do in an internal network anyway) and running a separate system for my anonymous browsing.
edited Dec 13 at 8:27
msp9011
3,69743863
answered Aug 12 '14 at 14:51
Yuppers
711
add a comment |
Seems like you answered your own question - start with Kali.
All these different distros are (definitely simplifying here) essentially a base Linux OS with various compile options and applications configured within. So in the case of Tails you are looking at specific configurations/applications geared towards trying to maintain anonymity.
If your primary goal is pen testing then, as you mentioned, you should start with Kali. You will then need to work on the individual tools found in Tails and try to implement them into that base OS. I say try as you may run into issues fully implementing them depending on your desired results. For example, if you are trying to bounce your traffic through a proxy to remain anonymous, a directed pen test may not work as expected. If you are going to keep your browsing (anonymous) and pen testing (direct) separate then this might be easier for you to do.
As far as I know, there is no current distro that combines both pursuits into a single package. Although that does sound like a worthwhile pursuit... maybe this will be your new distro!
Personally, I would stick to using the best tool for each task, using Kali for my pen testing learning (which I would do in an internal network anyway) and running a separate system for my anonymous browsing.
edited Dec 13 at 8:27
msp9011
3,69743863
answered Aug 12 '14 at 14:51
Yuppers
711
add a comment |
Seems like you answered your own question - start with Kali.
All these different distros are (definitely simplifying here) essentially a base Linux OS with various compile options and applications configured within. So in the case of Tails you are looking at specific configurations/applications geared towards trying to maintain anonymity.
If your primary goal is pen testing then, as you mentioned, you should start with Kali. You will then need to work on the individual tools found in Tails and try to implement them into that base OS. I say try as you may run into issues fully implementing them depending on your desired results. For example, if you are trying to bounce your traffic through a proxy to remain anonymous, a directed pen test may not work as expected. If you are going to keep your browsing (anonymous) and pen testing (direct) separate then this might be easier for you to do.
As far as I know, there is no current distro that combines both pursuits into a single package. Although that does sound like a worthwhile pursuit... maybe this will be your new distro!
Personally, I would stick to using the best tool for each task, using Kali for my pen testing learning (which I would do in an internal network anyway) and running a separate system for my anonymous browsing.
edited Dec 13 at 8:27
msp9011
3,69743863
answered Aug 12 '14 at 14:51
Yuppers
711
Seems like you answered your own question - start with Kali.
All these different distros are (definitely simplifying here) essentially a base Linux OS with various compile options and applications configured within. So in the case of Tails you are looking at specific configurations/applications geared towards trying to maintain anonymity.
If your primary goal is pen testing then, as you mentioned, you should start with Kali. You will then need to work on the individual tools found in Tails and try to implement them into that base OS. I say try as you may run into issues fully implementing them depending on your desired results. For example, if you are trying to bounce your traffic through a proxy to remain anonymous, a directed pen test may not work as expected. If you are going to keep your browsing (anonymous) and pen testing (direct) separate then this might be easier for you to do.
As far as I know, there is no current distro that combines both pursuits into a single package. Although that does sound like a worthwhile pursuit... maybe this will be your new distro!
Personally, I would stick to using the best tool for each task, using Kali for my pen testing learning (which I would do in an internal network anyway) and running a separate system for my anonymous browsing.
edited Dec 13 at 8:27
msp9011
3,69743863
answered Aug 12 '14 at 14:51
Yuppers
711
edited Dec 13 at 8:27
msp9011
3,69743863
edited Dec 13 at 8:27
msp9011
3,69743863
edited Dec 13 at 8:27
msp9011
3,69743863
3,69743863
answered Aug 12 '14 at 14:51
Yuppers
711
answered Aug 12 '14 at 14:51
Yuppers
711
answered Aug 12 '14 at 14:51
Yuppers
711
711
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f148015%2fmerging-kali-with-tails%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Start with
Ubuntuinstead. Then create a virtual machine forKaliif you want to try it.Tailsis not "security", it's for "anonymity". A professional will choose your tools specifically for the task he wants to do, not trying to merge them together in some kind of swiss-knife hybrid. TheKalilinux distribution is specifically targeted, not intended for general use. For example, it only hasrootuser and let you log in as such, sacrificing a lot of security on your machine in order to let you be a bit faster because you don't have to typesudo.– pqnet
Aug 26 '14 at 12:41