Virtual Machines and Kali Linux – Gerardo Hernandez


What is a Virtual Machine?

A virtual machine is software that runs on a server meeting the basic requirements needed to install an operating system that resides on that server. Through virtual machines, several operating systems can be installed without those operating systems having to start when the host operating system starts.

Virtualization

Virtualization is useful when you need to run multiple operating systems simultaneously without an additional computer. It also simplifies the installation of programs that need a complete configuration; for example, a mail server can be installed through a pre-configured application.

VMWare

VMware is a software virtualization system; in other words, it is a program that simulates a physical system with certain hardware characteristics. When the program is executed, it provides an execution environment that is, to all intents and purposes, like a physical computer, with CPU, BIOS, graphics card, RAM, network card, sound system, USB connection, hard disk, etc.

Kali Linux

Kali Linux is a distribution based on Debian GNU/Linux designed mainly for security in general.


It was founded and maintained by Offensive Security Ltd. Mati Aharoni and Devon Kearns, both from the Offensive Security team, developed the distribution as a rewrite of BackTrack, which could be called the predecessor of Kali Linux. Kali Linux comes with numerous programs pre-installed, including Armitage, Ettercap, Maltego, Nmap (a port scanner), Wireshark (a sniffer), John the Ripper (a password cracker) and the Aircrack-ng suite (software for security tests in wireless networks). Kali can be run from a Live CD or live USB, installed as the main operating system or, as in this lab, installed in VMware with the help of an .iso image. As mentioned before, Kali is distributed in ISO images compiled for different architectures and can be installed in any virtualization tool. Its performance would not be affected, depending on the amount of hardware that is provided to the virtualization tool.

To install Kali Linux in VMware, we first need to download the .iso image from an accredited Kali Linux page. For security reasons, it is important to know where we are downloading the image from. After this, we need to create a new virtual machine in VMware and follow the instructions for setting up the new operating system. It is important to decide how much RAM and disk space the operating system will have, as this affects both its performance and the performance of the host system while the VM is running. In my case, I used 70GB of disk space and 1024 of RAM, that is the most common usage of an x64 machine.

After the .iso image has been successfully installed in the VM, we need to run the VM and start the Kali Linux installer. This is simple: follow the instructions provided, select the language, date and time, and other options, and Kali Linux will start its installation process like any other regular operating system. When it is done, set it to full screen and Kali Linux will be running in your VMware. In the following content, we discuss the usage of different tools that can be found in Kali Linux after its installation in the VMware software.

Armitage

Armitage is a scriptable team-collaboration tool for Metasploit that visualizes targets, recommends exploits and exposes the framework's advanced post-exploitation features.

Armitage has dynamic workspaces that let you define and change target criteria quickly; they are used to segment thousands of hosts into sets of targets. Armitage can scan the network or import results from many security scanners. It shows your targets visually, so it is easy to know which hosts you are working with and where you have sessions.

The program recommends exploits and optionally runs active checks to tell you which exploits work. If these options fail, it is possible to use the Hail Mary attack to unleash Armitage's automatic and intelligent exploitation against its targets.

Once you're in, Armitage exposes the post-exploitation tools built into the Meterpreter agent. With a click on the menu you can escalate privileges, capture keystrokes, dump passwords, browse system files, and use commands in the shell.

Armitage makes configuring and using 'pivots' trivial: compromised hosts are used as a hop to attack the target's network from within. It also uses Metasploit's SOCKS proxy module, which allows external tools to be used through its pivots. These features make it easy to maneuver on the network.

Ettercap

Ettercap is an interceptor, sniffer and logger for switched LANs. It supports active and passive dissection of several protocols (even encrypted ones). It also makes it possible to inject data into an established connection and to filter on the fly while keeping the connection synchronized, thanks to its ability to establish a “Man-in-the-middle” attack (spoofing). Many sniffing modes are implemented, providing a powerful and complete set of sniffing tools.

With this program we can carry out a “Man in the middle” attack, which allows an attacker to impersonate the identity of a receiver in order to deceive a sender. In simpler words, when you request a web page from your computer, the request is sent to an 'access point' that is responsible for making the request to the web server on the Internet; the same access point then returns the requested page to your computer. In a 'man in the middle' attack, the attacker is placed between your computer and the access point, impersonating both with the intention of intercepting and capturing the information transmitted.

Maltego

Maltego is one of the most complete and best implemented tools currently on the market, focused mainly on data collection and data mining. It represents information in a symbolic form; that is, the information is presented visually in different formats and shows the different relationships found within it. Maltego also lists information related to network elements and domains in a quite understandable way, as well as information related to people, such as email addresses, associated websites, telephone numbers, social groups, associated companies, etc.

In addition to the above, Maltego is cross-platform since it is written in Java. Consequently, one of the requirements for it to work properly is a correctly installed Java virtual machine, and it runs as a graphical application.

Maltego comes in two distributions, a commercial one and a community one. The main difference is that the community version has certain restrictions that limit its use considerably in business environments; in fact, the community version cannot be used commercially. For this reason and some others, if you intend to use this tool for purposes other than purely educational ones, it is necessary to acquire a license for the product.

Nmap

Nmap is a cross-platform application used to explore networks and obtain information about services, operating systems and the vulnerabilities that derive from the combination of these.

Nmap is widely used by anyone interested in security and hacking tasks in general, from system administrators to parties with less respectable ends. The scanning techniques used by Nmap have already been implemented in intrusion detection systems and firewalls, since security system developers also use Nmap in their work. However, even though its operation is widely documented, there are forms of scanning that are difficult to detect when it is used to obtain information.

Wireshark

Wireshark is an open-source protocol analyzer that is currently available for Windows and Unix platforms. Its main objective is traffic analysis, but it is also an excellent application for studying communications and for resolving network problems. Wireshark implements a wide range of filters that make it easy to define search criteria for the more than 1100 protocols currently supported, all through a simple and intuitive interface that breaks down each captured packet by layer. Because Wireshark 'understands' the structure of the protocols, we can view the fields of each of the headers and layers that make up the monitored packets, which gives the network administrator a wide range of possibilities when dealing with certain traffic analysis tasks.

John the Ripper

John the Ripper is a fast password cracker, available for many operating systems: Unix, DOS, Win32, BeOS and OpenVMS. Its main function is to detect weak Unix passwords, but it can analyze password hashes of several Unix flavors, Kerberos AFS and Windows NT/2000/XP LM hashes, and others. It is a very popular security tool, since it allows system administrators to verify that users' passwords are good enough.

John the Ripper can autodetect the type of encryption from among the many it supports, and you can customize its password-testing algorithm. It uses brute force to crack passwords and understands several algorithms, such as:

  •  DES, MD5, Blowfish
  •  KerberosAFS
  •  LM hash (LAN Manager), the system used in Windows NT/2000/XP/2003

John the Ripper uses a dictionary attack, meaning that it has a dictionary of words, which can be typical passwords, and it tries them all. It encrypts each word and compares the result with the hash to be cracked. If they match, the word was correct. This works well because most of the passwords that people use are dictionary words. But John the Ripper also tries variations of these words: it adds numbers and signs, changes between uppercase and lowercase letters, changes letters, combines words, etc. It also offers the typical brute force mode, in which all possible combinations are tested, whether they are words or not. This is the slowest mode and is used only in specific cases, since the previous mode (the dictionary attack) already discovers weak passwords very quickly.

Ways to prevent password hacking and other attacks

Having discussed several forms of protocol discovery and hacker tools in the previous pages, it is important to mention some ways to prevent attacks on our regular and personal equipment, such as our phones, laptops, desktop computers, and even video game consoles. It is important to mention that most hacking comes from bad password creation, meaning that users normally use simple passwords to access important information.

The best method of preventing password theft is to ensure that attackers cannot access the file with the encrypted passwords. For example, in Linux, encrypted passwords were initially stored in /etc/passwd, a file accessible to all users. In modern Unix (and similar systems), they are stored in the /etc/shadow file, which only programs that run with root privileges have permission to read. This makes it more difficult for a malicious user to get the encrypted passwords. Modern Unix systems and others have replaced traditional password hashing with strong methods based on MD5 and Blowfish. The main way to protect yourself against this tool is to prevent users from accessing the password file (/etc/shadow); for this, only root must have read permission on the file, and by default the system comes with this configuration.
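The check described above, as an added example that is not part of the original essay: flag accounts whose hash still sits in the world-readable passwd file, name the scheme from its crypt prefix, and test the shadow file's mode bits. The sample passwd lines and the function names are constructed for illustration.

```python
import stat

# Constructed sample in passwd format (not taken from a real system).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:$1$Zx8kLq2P$Q1w2e3r4t5y6u7i8o9p0a.:1000:1000::/home/alice:/bin/bash
bob:ab1Cd2Ef3Gh4I:1001:1001::/home/bob:/bin/sh
carol:x:1002:1002::/home/carol:/bin/bash
daemon:*:1:1::/usr/sbin:/usr/sbin/nologin
"""

# crypt(3) identifiers for the schemes the text mentions, plus newer ones.
PREFIXES = [("$1$", "MD5-crypt"), ("$2a$", "bcrypt (Blowfish)"),
            ("$2b$", "bcrypt (Blowfish)"), ("$2y$", "bcrypt (Blowfish)"),
            ("$5$", "SHA-256-crypt"), ("$6$", "SHA-512-crypt")]
DES_ALPHABET = set("./0123456789"
                   "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz")


def classify_field(field):
    """Name the scheme of a password field, or None if it holds no hash."""
    body = field.lstrip("!")          # a '!' prefix marks a locked account
    if body in ("", "x", "*"):
        return None                   # 'x' means the hash lives in shadow
    for prefix, name in PREFIXES:
        if body.startswith(prefix):
            return name
    if len(body) == 13 and set(body) <= DES_ALPHABET:
        return "traditional DES crypt"
    return "unrecognised value"


def audit_passwd(text):
    """List (user, scheme) for every account whose hash is in passwd itself."""
    findings = []
    for line in text.splitlines():
        parts = line.split(":")
        if len(parts) < 7 or line.startswith("#"):
            continue
        scheme = classify_field(parts[1])
        if scheme:
            findings.append((parts[0], scheme))
    return findings


def shadow_mode_problems(mode):
    """Check a shadow file's st_mode; an empty list means no problem found."""
    problems = []
    if mode & stat.S_IROTH:
        problems.append("world-readable")
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append("writable by non-owner")
    return problems
```

On a real system, pass `os.stat("/etc/shadow").st_mode` to `shadow_mode_problems` and the contents of `/etc/passwd` to `audit_passwd`.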

Combine letters, numbers and symbols. The more diverse the character types of the password, the stronger it becomes. Do not include sequences or repeated characters. Strings such as '12345678', '222222', 'abcdefg' or the use of adjacent letters on the keyboard do not help create strong passwords.

Avoid using only substitutions of letters by numbers or similar symbols. Criminals and other malicious users who are experienced in deciphering passwords will not be easily fooled by replacements of letters by numbers or similar symbols; for example, 'i' for '1' or 'a' for '@'. These substitutions can be effective when combined with other measures, such as increased length, voluntary spelling errors, or variations between upper and lower case, which increase the security of passwords.

Do not use the username as a password. Avoid selecting part of your name, date of birth, identity number or similar data belonging to you or your relatives; these are some of the first keys that criminals will try. Do not use dictionary words from any language. Criminals use complex tools that can quickly decipher passwords based on words from different dictionaries, which also include reversed words, common misspellings and substitutions.

Use multiple passwords for different environments. If any of the computers or online systems that use a given password is exposed, all information protected by that password should also be considered in danger. Avoid storing passwords in online storage systems. If a malicious user finds these passwords stored online or on a computer connected to a network, they will have access to all your information.

Do not allow anyone to look at the keyboard while you type the password; they may see some of the characters it contains, which makes it easier to guess. Do not use any example password from a site, since it could also be seen by a person who wants to know yours. Besides this, do not share passwords or disclose how you construct them.

Change the password as often as possible; deciphering a password sometimes takes days, and by the time it is deciphered it may already have been changed. System administrators can likewise implement policies that oblige users to change passwords periodically.

Perhaps the easiest way to avoid password theft is to use another form of authentication, such as fingerprinting or biometrics, but as is known, these methods are more expensive and can only be implemented by powerful or advanced companies.
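The composition rules above, together with the word variations John the Ripper tries, can be turned into a check that runs when a password is chosen. This is an added example, not part of the original essay; the five-word list, the 12-character minimum and the function names are assumptions made for illustration.

```python
import re

# Constructed, tiny stand-in for a real cracking wordlist (assumption).
WORDLIST = {"password", "dragon", "monkey", "sunshine", "welcome"}
# Common letter-for-symbol swaps, e.g. '1' for 'i' and '@' for 'a'.
LEET = str.maketrans("013457$@!", "oieastsai")
# Keyboard rows plus alphabet and digits, used to spot adjacent-key runs.
ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm",
        "abcdefghijklmnopqrstuvwxyz", "0123456789")


def has_run(pw, n=4):
    """True if n consecutive characters repeat or follow a row, either way."""
    low = pw.lower()
    for i in range(len(low) - n + 1):
        chunk = low[i:i + n]
        if len(set(chunk)) == 1:
            return True
        if any(chunk in row or chunk[::-1] in row for row in ROWS):
            return True
    return False


def base_words(pw):
    """Undo typical mangling: case, padding digits/signs, swaps, reversal."""
    low = pw.lower()
    stripped = re.sub(r"^[^a-z]+|[^a-z]+$", "", low)
    out = set()
    for s in (low, stripped):
        for t in (s, s.translate(LEET)):
            out.update((t, t[::-1]))
    return out


def check_password(pw, username="", min_len=12):
    """Return the list of rules the password breaks (empty list = passes)."""
    problems = []
    if len(pw) < min_len:            # min_len is an assumed policy value
        problems.append("too short")
    if not all(re.search(p, pw) for p in (r"[A-Za-z]", r"\d", r"[^A-Za-z\d]")):
        problems.append("needs letters, numbers and symbols")
    if has_run(pw):
        problems.append("sequence or repeated characters")
    words = base_words(pw)
    if words & WORDLIST:
        problems.append("dictionary word or simple variation")
    if len(username) >= 3 and any(username.lower() in w for w in words):
        problems.append("contains username")
    return problems
```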

Conclusion

In conclusion, we discussed what virtualization is and why it is important in modern technologies. We also discussed the use of VMware and how Kali Linux can be used in a virtual machine. Kali Linux is an excellent tool for hackers (it is important to mention that the term hacker doesn’t necessarily mean a criminal) and for security protocols. In my opinion, it is important that experts and students know how to use these technologies and keep updating their knowledge, as these technologies are changing fast.

Updated: Feb 23, 2024
Cite this page

Virtual Machines and Kali Linux – Gerardo Hernandez. (2024, Feb 12). Retrieved from https://studymoose.com/document/virtual-machines-and-kali-linux-gerardo-hernandez
