Kali Linux 2018：Windows Penetration Testing

上QQ阅读APP看书，第一时间看更新

Installing Kali Linux to an encrypted USB drive

Secure networking environments such as those found in most organizations that have IT departments present several challenges to you as a security engineer. The company probably has a specific list of approved applications. Antivirus applications are usually managed from a central location. Security tools are miscategorized as evil hacking tools or malware packages. Many companies have defensive rules against having any operating system that isn't Microsoft Windows installed on company computing hardware.

To add to the challenge, they prohibit non-corporate assets on the corporate network. The main problem you will find is that there are very few economical penetration testing tools written for Windows, and the few, such as Metasploit, that do have a Windows version, tend to fight with the lower-level operating system functions. Since most company laptops must have anti-virus software running on the system, you must do some serious exception voodoo on Metasploit's directories. The anti-virus software will quarantine all the viruses and the tools that come with Metasploit. Also, Local Intrusion Protection Software and local firewall rules will cause problems. These OS functions and security add-ons are designed to prevent hacking, and that is exactly what you are preparing to do.

The Payment Card Industry Digital Security Standard (PCI DSS 3.2.1) requires that any Windows machine that handles payment data or is on a network with any machine that handles payment data should be patched, run a firewall, and have anti-virus software installed on it. Further, many company IT security policies mandate that no end user can disable anti-virus protection without penalty.

Another issue with using a Windows machine as your penetration-testing machine is that you may do external testing from time to time. In order to do a proper external test the testing machine must be on the public internet. It is unwise to hang a Windows machine out on the public network with your all your security applications turned off. Such a configuration will probably be infected with worms within 20 minutes of putting it on the internet.

So what's the answer? An encrypted bootable USB drive loaded with Kali Linux. On Kali's install screen there is the option to install Kali to a USB drive with what is called persistence. This gives you the ability to install to a USB drive and have the ability to save files to the USB, but the drive is not encrypted. By mounting the USB drive with a Linux machine your files are there for the taking. This is fine for trying out Kali, but you don't want real test data floating around on a USB drive. By doing a normal full install of Kali to the USB drive, full disk encryption can be used on the disk. If the USB is compromised or lost, the data is still safe.

In this chapter we will install Kali to a 64 GB USB disk. You can use a smaller one but remember you will be gathering data from your testing and even on a small network this can amount to a lot of data. We do testing almost daily so we used a 1 TB USB 3.0 drive. The 64 GB drive is a good size for most testing.