Which Linux distribution is good for Begginers?

Welcome readers! Another post by me. Yeah I know the post is a bit late. I was actually busy with some other important things. So this time I'm going to describe about one of the Debian-Based Linux which is famous among the newbie hackers - 'Kali Sana 2.0'.

Kali Linux is a Debian-derived Linux and is mainly designed for penetration testing and digital forensics. It is developed by the Offensive Security Ltd. Now few readers here who are familiar with Linux distributions might be knowing about Offensive Security Ltd. They were the developers of another famous Linus distribution - Backtrack. Actually Kali is a improved version of Backtrack itself. BackTrack was based on the Knoppix Linux distribution aimed at digital forensics and penetration testing use. In March 2013, the Offensive Security team rebuilt BackTrack around the Debian distribution and released it under the name Kali Linux.

Why you should prefer Kali Linux?

Kali Linux is preinstalled with over 300 penetration-testing programs, including Armitage (a graphical cyber attack management tool), nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper password cracker, Aircrack-ng (a software suite for penetration-testing wireless LANs), Burp suite and OWASP ZAP web application security scanners. Kali Linux can run natively when installed on a computer's hard disk, can be booted from a live CD or live USB, or it can run within a virtual machine. It is a supported platform of the Metasploit Project's Metasploit Framework, a tool for developing and executing security exploits.

Kali Linux is developed using a secure environment with only a small number of trusted people that are allowed to commit packages, with each package being signed by the developer. Kali also has a custom-built kernel that is patched for injection. This was primarily added because the development team found they needed to do a lot of wireless assessments. Kali Linux can also be used in phones, specially the Nexus series. It is known as NetHunter.

Installing Kali Linux

Installing Kali is not a big deal. You can either use a virtual machine, use a live USB or DVD, swap a partition from your hard drive to use it side by side or just erase the hard drive and keep only Kali. Whatever you like. Now if you guys are gonna ask that how to do it, then sadly I'll suggest to make a google search cause explaining this thing is totally a waste of time. It is too easy. If you get any problem in that too then leave a comment down below. I'll help for that.

What to do after installing Kali Linux?

You installed it? Now what? Where to start? Too many questions, right? So just remember one thing that using only tools don't make you a hacker. I mean anyone can use these tools and just take out things they needed. Making your own scripts together with using tools is effective. So if you want to be a hacker, it is important for you to have knowledge of programming languages. So start learning languages and I'll keep posting about how to use the tools. Also if you're confused that from where to start learning then my suggestion is to start from python, C++, Ruby, Java, php... any of these. So good luck with your learning. I'll publish another post soon.

Peace!

Which Operating System will be good for beginners?

There are many people who asked me that what OS should be used for hacking. Well you can use any OS you want to BUT Windows and Mac-OS are not as effective as Linux based OS. So I personally suggest to use Linux instead of Windows and Mac-OS.

Why Linux?

• Open Source

  Unlike Windows and Mac-OS, Linux is open source. What that means for us is that the source code of the operating system is available to us. As such, we can change and manipulate it as we please. If you are trying to make a system operate in ways it was not intended, being able to manipulate the source code is essential.
  

• Transparency

  To hack effectively, you must know and understand your operating system and to a large extent, the operating system you are attacking. Linux is totally transparent, meaning we can see and manipulate all its working parts.

• Granular Control

  Linux is granular. That means that we have almost infinite amount of control over the system. In Windows, you only can control what Microsoft allows you to control. In Linux, everything can be controlled by the terminal in the most miniscule to the most macro level. In addition, Linux makes scripting in any of the scripting languages simple and effective.

• Availability of tools

  Well over 90% of all hacking tools are written for Linux. Of course, there are exceptions like Cain and Abel and Havij, but those exceptions simply emphasize the rule. Even when hacking tools such as Metasploit or nmap are ported for Windows, not all the capabilities transfer from Linux.

Now which Linux should be used? There are so many Linux distributions! I know some might not knowing about this either, so I'm gonna mention them here.

Linux distributions

1. Debian-Based

Debian is a distribution that emphasizes free software. It supports many hardware platforms. Debian and distributions based on it use the .deb package format and the dpkg package manager and its front ends.

•  Knoppix

  Knoppix, itself, is based on Debian. It is a live distribution, with automated hardware configuration and a wide choice of software, which is decompressed as it loads from the drive.

• Ubuntu

  Ubuntu is a distribution based on Debian, designed to have regular releases, a consistent user experience and commercial support on both desktops and servers.

2. Gento-Based

Gentoo is a distribution designed to have highly optimized and frequently updated software. Distributions based on Gentoo use the Portage package management system with emerge or one of the alternative package managers.

3. Pacman-Based

Pacman is a package manager that is capable of resolving dependencies and automatically downloading and installing all necessary packages. In theory, a user need only run a single command to completely update the system.

4. RPM-Based

Red Hat Linux and SUSE Linux were the original major distributions that used the RPM file format, which is today used in several package management systems. Both of these later divided into commercial and community-supported distributions. Red Hat Linux divided into a community-supported distribution sponsored by Red Hat called Fedora, and a commercially supported distribution called Red Hat Enterprise Linux, whereas SuSE divided into openSUSE and SUSE Linux Enterprise.

• Fedora-Based

  Fedora is a community supported distribution. It aims to provide the latest software while maintaining a completely Free Software system.

  • RHEL-Based

    Red Hat Enterprise Linux derivatives are Linux distributions that are based on the source code of Red Hat Enterprise Linux (RHEL).

•  Mandriva Linux-Based

  Mandriva Linux (a fusion of the French distribution Mandrakelinux or Mandrake Linux and the Brazilian distribution Conectiva Linux) was a Linux distribution by Mandriva. It used the RPM Package Manager.

•  openSUSE-Based

  openSUSE, formerly SUSE Linux and SuSE Linux Professional, is a Linux-based project and distribution sponsored by SUSE Linux GmbH and other companies. It is widely used throughout the world. The focus of its development is creating usable open-source tools for software developers and system administrators, while providing a user-friendly desktop, and feature-rich server environment.

5. Slackware-Based

Slackware is known as a highly customizable distribution that stresses ease of maintenance and reliability over cutting-edge software and automated tools. Generally considered a distribution for advanced users, it is often suggested to those who want to learn the inner workings of a Linux operating system.

• Slax-Based

  Slax's modularity and reputation of quality have made it a popular base for other live CD projects.

6. Independent

From independent, I do mean independent. There is no classifications for independent Linux.

What to choose?

Choosing a Debian-Based Linux will be a good decision to start. Later you can switch to any other distribution like Gentoo (For some reason very popular among experienced Linux users).

Some Debian-Based Linux to choose from

• Kali Linux

   

• BackBox Linux

  
  

  

• Parrot Security OS

  
  

  

• DEFT Linux

  
  

  

• Bugtraq

  
  

  

•   NodeZero

  
  

  

• BlackBuntu

  

• Cyborg Hawk Linux

  
  

  

• Weakerthan

  
  

  

• Matriux Linux

  
  

  

Introduction

Hey guys! This is my first blog and in this I'm going to provide a basic introduction about hacking. Different people define hacking differently. I define hacking as gaining access by exploiting the weakness in any computer system or any network. And the person who finds and exploit these weakness is known as a hacker. A hacker is usually a skilled computer programmer having knowledge about computer security and networking.

Types of Hackers

• Ethical Hacker (or White hats): A hacker who gains access to systems with a view to fix the identified weaknesses.They may also perform penetration testing and vulnerability assessments. 

• Cracker (or Black hats): A hacker who gains unauthorized access to computer systems for personal gain. The intent is usually to steal corporate data, violate privacy rights, transfer funds from bank accounts etc

• Grey hats: A hacker who is in between ethical and black hat hackers. He/she breaks into computer systems without authority with a view to identify weaknesses and reveal them to the system owner.

• Script kiddies: A non-skilled person who gains access to computer systems using already made tools.

• Hacktivists: A hacker who use hacking to send social, religious, and political etc. messages. This is usually done by hijacking websites and leaving the message on the hijacked website. One of the well known hacktivist group is Anonymous.

• Phreaker: A hacker who identifies and exploits weaknesses in telephones instead of computers.

Is hacking a Cyber-crime?

Cybercrime is the use of computers and networks to perform illegal activities such as spreading computer viruses, online bullying, performing unauthorized electronic fund transfers etc.  Most cybercrimes are committed through the internet. Since hacking is breaking into a security (illegally), it is considered as a cyber-crime. But what about the white hats? Are they considered as cyber-criminals too? The answer is NO!

What is Ethical Hacking?

Ethical hacking is identifying weakness in computer systems and/or computer networks and coming with counter measures that protect the weaknesses. Ethical hackers must abide by the following rules.

• Get written permission from the owner of the computer system and/or computer network before hacking.
• Protect the privacy of the organization being hacked.
• Transparently report all the identified weaknesses in the computer system to the organization.
• Inform hardware and software vendors of the identified weakness.

Information is one of the most valuable assets of an organization. Keeping information secure can protect an organization’s image and save an organization a lot of money. Hacking can lead to loss of business for organizations that deal in finance such as PayPal. Ethical hacking puts them a step ahead of the cyber criminals who would otherwise lead to loss of business. Ethical hacking is legal if the hacker abides by the rules stipulated in the above section on the definition of ethical hacking. The International Council of E-Commerce Consultants (EC-Council) provides a certification program that tests individual’s skills. Those who pass the examination are awarded with certificates. The certificates are supposed to be renewed after some time.