Kali Linux is a specialized Linux distribution aimed at security professionals. As such, it contains several non-‐‐standard features. The default Kali installation ships with several services preinstalled, such as SSH, HTTP, MySQL, etc. If left untouched, these services would load at boot time, which would result in Kali Linux exposing several open ports by default – something we want to avoid, for security reasons. Kali deals with this issue by updating our settings to prevent network services from starting at boot time.
The following module will discuss some of these services, as well as how to operate and manage them.
If, like many users, you want to have the SSH service start automatically at boot time, you need to enable it using the update-rc.d script as follows. The update-rc.d script can be used to enable and disable most services within Kali Linux.
As we did with the SSH service, we can verify that the HTTP service is running and listening on TCP port 80 by using the netstat and grep commands once again.
The following module will discuss some of these services, as well as how to operate and manage them.
Default root Password:-
If you installed Kali from an image file, the installation process should have prompted you for a root password. If you are using the Kali Linux VMware image, as recommended, the default root password is "toor". Make sure to change any default or weak passwords to something long, complex, and secure before starting any services such as SSH. The root password can be changed with the passwd command as shown below.
SSH Service:-
The Secure Shell (SSH)3 service is most commonly used to remotely access a computer, using a secure, encrypted protocol. However, as we will see later on in the course, the SSH protocol has some surprising and useful features, beyond providing terminal access. The SSH service is TCP-based and listens by default on port 22. To start the SSH service in Kali, type the following command into a Kali terminal.
We can verify that the SSH service is running and listening on TCP port 22 by using the netstat command and piping the output into the grep command to search the output for sshd.
We can verify that the SSH service is running and listening on TCP port 22 by using the netstat command and piping the output into the grep command to search the output for sshd.
If, like many users, you want to have the SSH service start automatically at boot time, you need to enable it using the update-rc.d script as follows. The update-rc.d script can be used to enable and disable most services within Kali Linux.
HTTP Service:-
The HTTP service can come in handy during a penetration test, either for hosting a site, or providing a platform for downloading files to a victim machine. The HTTP service is TCP-based and listens by default on port 80. To start the HTTP service in Kali, type the following command into a terminal.
As we did with the SSH service, we can verify that the HTTP service is running and listening on TCP port 80 by using the netstat and grep commands once again.
To have the HTTP service start at boot time, much like with the SSH service, you need to explicitly enable it with update-rc.d
No comments:
Post a Comment