Kali Linux 2018：Windows Penetration Testing

上QQ阅读APP看书，第一时间看更新

Configuring the installation

If you have ever installed any distribution of Linux, the first section of the installation should seem very familiar. You will see a series of screens for setting the country, language, and keyboard. Set this up for your locale and language of choice. Normally the installer will discover the keyboard and you can click the one chosen. The default choices in the US are US standard English, and US standard keyboard mapping. Make appropriate changes then click the Continue button on each of these pages.

After these configurations you'll be given the window as follows to supply a Hostname. Give it a distinctive name and not the default. This will be helpful later when using saved data and screenshots. If you have several people using Kali and all the machines are named Kali it can be confusing as to exactly where the data came from.

The next screenshot asks for a domain name. Use a real domain name that you or your company controls. Do not use a bogus domain name, such as .local or .localdomain. If you are doing business on the internet, or are a student and want to be a security professional, please use a proper domain name. This makes tracing routes and tracking packets easier. Domains are cheap. If the domain belongs to your employer, and you cannot just use their domain name, request a subdomain such as testing.mycompany.com.

In the next window you will be asked to provide a root password. Give this a STRONG password. The longer and more complex the password, the better. Remember, after a few tests the keys to your network will be on this device. Unlike most computer operations, during penetration testing you will be using the root account, and not a normal user account. You will need the ability to open and close ports and have full control of the network stack.

A standard Kali install does not offer you the chance to add a standard user. If you install Kali on the laptop itself, and use this laptop for other things besides testing, create a standard user and give it sudoer privileges. You never want to get into the habit of using your root account for browsing the World Wide Web and sending emails.

Next, you will be asked to choose your time-zone. Set up by your location on the graphical map, or pull-down menu, or pick your UTC offset. Many tools on Kali Linux output timestamps and these are legal evidence that you did what you said you did, when you said you did it.