
Advanced OS Presentation


Review and Setup of Security Audit Using Kali Linux Operating System

Md. Zahid Hossain


Student ID: 20-91575-1
Advanced Operating System
MsCS in Computer Science
American International University, Bangladesh (AIUB)
Reference
Indonesian Journal of Electrical Engineering and Computer Science
Vol. 11, No. 1, July 2018, pp. 51~59
ISSN: 2502-4752, DOI: 10.11591/ijeecs.v11.i1.pp51-59

On the Review and Setup of Security Audit Using Kali Linux


Teddy Surya Gunawan¹, Muhammad Kassim Lim², Nurul Fariza Zulkurnain³, Mira Kartiwi⁴
¹,²,³ Department of Electrical and Computer Engineering, Kulliyyah of Engineering,
⁴ Department of Information Systems, Kulliyyah of ICT
The International Islamic University Malaysia (IIUM), Jalan Gombak, 53100 Kuala Lumpur, Malaysia
ABSTRACT
• The massive development of technology, especially in computers, mobile devices, and networking,
has brought security issues forward as a primary concern. Computers and mobile devices
connected to the Internet are exposed to numerous threats and exploits. With penetration
testing, the vulnerabilities of a system can be identified and a simulated attack can be
launched to determine how severe the vulnerabilities are.
• This presentation reviews some security concepts, including penetration testing, security
analysis, and security audit.
• Kali Linux is the most popular penetration testing and security audit platform, with advanced tools
to detect any vulnerabilities uncovered in the target machine. For this purpose, Kali Linux setup
and installation are described in more detail.
• Moreover, a method to install a vulnerable server is also presented. Further research, including
simulated attacks on a vulnerable server on both web and firewall systems, will be conducted.
Uses of Operating System and Security
Nowadays, the computer is considered essential to everyone, from young to
old and from students to corporations. The number of computers is growing
rapidly every year, and this rapid growth leads to security concerns.
Computer security is vital because adversaries are always looking for
opportunities and vulnerabilities to challenge it.
Computer Operating System
The Operating System (OS) is a program comprising millions of lines of code that acts
as an intermediary between a user of a computer and the computer hardware. There
are many OSes running on computers, but only three of them are widely used:

• Windows OS,
• Mac OS and
• Linux OS.
Windows OS dominates the computer OS market at 83.93%,
Mac OS comes second with 10.29% and
Linux OS third with 3.76%.
This means that Windows OS is exposed to a lot of vulnerabilities because it is so widely
used. Windows or Linux is exposed to malicious code attacks that come from
man-in-the-middle (MITM) attacks.
Mobile Operating System
The mobile operating systems Android and iOS dominate the smartphone
operating system market.
• Android is currently leading the race with 69.68%.
• iOS is second with 19.35%.
Android is an open-source platform with no royalty fee to develop for
the platform. The source code is available on the internet, and everybody can use it
freely without violating any copyright acts. The whole source code of the Android
operating system is free to use under the General Public License
version 2 (GPLv2). Because of Android's open-source practices and because it is
so widely used, it is exposed to numerous malicious threats. The Cisco 2014 Annual
Security Report stated that the rapid growth in the number of
Android users makes it a favorable target of malware attacks.
Computer security
Computer security can be viewed from two different perspectives:

• A computer that is connected to the network and
• A computer that is not.

The primary security concern is the computer that is connected to
the network, since most computers in this era are connected to the
network. Secure computing means achieving the goals of security in an information
environment in the face of threats. The goals are:

• Confidentiality,
• Integrity,
• Availability and
• Resilience.
Computer security
• Confidentiality is about retaining either personal data or organizational data.

• Integrity is preserving the system or the data from being altered or changed
illegally by non-authorized users.

• Availability means being able to use the system as anticipated.

• Resilience is what allows a system to endure security threats instead of
critically failing.
Security Audit
Kali Linux is a Debian-based Linux distribution aimed at advanced
Penetration Testing and Security Auditing. Kali contains several hundred
tools which are geared towards various information security tasks, such
as Penetration Testing, security audit, Security research, Computer
Forensics and Reverse Engineering.
PENETRATION TESTING

Penetration testing is a legitimate exercise of exploiting a system with a
real-life attacker scenario, including illegal access and the practice of
malicious activities.
The process of penetration testing starts from identifying the system's
vulnerabilities, staging an exploitation, discovering and reporting
vulnerabilities, and resolving the vulnerabilities that can cause harm to the
system. The process of penetration testing can illustrate the level of
severity of the damage that could be done to the system during a real-life attack,
and thus helps the organization to prevent it before it is too late.
Vulnerabilities
There are numerous attacks that can cause damage to an organization's system.
According to the Open Web Application Security Project (OWASP), there are 6 top
vulnerabilities that have had a severe impact on web applications:

• SQL Injections (SQLi)
• Cross Site Scripting (XSS)
• Local File Inclusion (LFI) and Remote File Inclusion (RFI)
• Distributed-Denial-of-Service (DDoS)
• Man-in-the-Middle (MITM)
• Zero-Day Vulnerabilities
SQL Injections (SQLi)

Structured Query Language (SQL) is normally used as an intermediary between
web applications and the database. SQL is responsible for handling the request
and retrieval of data between the client side and the database, back and forth.
SQL injection occurs when an attacker injects SQL queries with new parameters
into the input values to gain unauthorized access to the database.
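The difference between a query built by pasting input values into the SQL text and one that passes them as parameters, as an added example that is not part of the original presentation. The table, the sample accounts and the function names are constructed for illustration, using Python's built-in sqlite3 module.

```python
import sqlite3


def make_db():
    """Build an in-memory database holding constructed sample accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    return conn


def login_vulnerable(conn, name, password):
    # Input values are pasted into the SQL text, so quote characters in
    # the input change the structure of the query itself.
    query = ("SELECT name FROM users WHERE name = '%s' AND password = '%s'"
             % (name, password))
    return sorted(row[0] for row in conn.execute(query))


def login_parameterized(conn, name, password):
    # Placeholders keep the input as data; the query structure is fixed
    # before any input value is seen by the database engine.
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return sorted(row[0] for row in conn.execute(query, (name, password)))


def compare(name, password):
    """Run the same input through both versions and return both results."""
    conn = make_db()
    try:
        return (login_vulnerable(conn, name, password),
                login_parameterized(conn, name, password))
    finally:
        conn.close()


if __name__ == "__main__":
    # Constructed inputs: a correct password, then an input value that
    # carries extra SQL (the classic tautology) instead of a password.
    print(compare("alice", "s3cret"))
    print(compare("alice", "' OR '1'='1"))
```

With the correct password both versions return only the matching account. With the second input, the concatenated query returns every account, while the parameterized query returns none.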
Cross Site Scripting (XSS)

XSS is a technique where JavaScript, VBScript, ActiveX, Flash or
HTML is planted along with the malicious XSS link. When the infected
link is executed or loaded, the attacker will obtain root privilege and all
the sensitive data and information will be left exposed to the attacker.
Local File Inclusion (LFI) and Remote File Inclusion (RFI)

• Local File Inclusion (LFI) is an attack where the attacker executes
commands in some files located on the web server after exploiting the
web application. The word "Local" refers to the location of the file
executed, which is inside the web server.

• Remote File Inclusion (RFI) occurs when any type of user input is
remotely accepted without going through any proper validation and
sanitization by the server.
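One way to apply the validation and sanitization the RFI bullet refers to before a web application includes a file, as an added example that is not part of the original presentation. The names `resolve_include` and `is_allowed` and the allowed suffixes are hypothetical.

```python
from pathlib import Path
from urllib.parse import urlparse

# Assumption for this example: only static page fragments may be included.
ALLOWED_SUFFIXES = {".html", ".txt"}


def resolve_include(base_dir, requested):
    """Return the file to include from base_dir, or raise ValueError."""
    # Remote inclusion: refuse anything that names a URL or a network path.
    if urlparse(requested).scheme or requested.startswith("//"):
        raise ValueError("remote locations are not accepted")
    if "\x00" in requested:
        raise ValueError("embedded NUL byte")

    base = Path(base_dir).resolve()
    # resolve() collapses ".." segments and follows symlinks, so the check
    # below sees the location the server would really read from.
    candidate = (base / requested).resolve()

    # Local inclusion: the resolved file must still live under base_dir.
    if base not in candidate.parents:
        raise ValueError("path leaves the include directory")
    if candidate.suffix not in ALLOWED_SUFFIXES:
        raise ValueError("file type is not on the allow list")
    return candidate


def is_allowed(base_dir, requested):
    """Boolean wrapper around resolve_include for use in request handlers."""
    try:
        resolve_include(base_dir, requested)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    import tempfile
    base = tempfile.mkdtemp()
    # Constructed request values covering the local and remote cases.
    for value in ["about.html", "docs/../about.html", "../../etc/passwd",
                  "/etc/passwd", "http://example.invalid/page.txt",
                  "config.php"]:
        print(f"{value!r:40} allowed={is_allowed(base, value)}")
```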
Distributed-Denial-of-Service (DDoS)

Distributed Denial of Service (DDoS) attacks are fatal. In this type of
attack, legitimate users cannot get access to a specific network
resource because the network and services have been flooded with
false service requests.
Man-in-the-Middle (MITM)
A MITM attack is a type of attack that violates two of the security goals discussed
earlier: confidentiality and integrity. In this attack, the attacker eavesdrops on the data
flowing over the communication link between endpoints. In a MITM attack, three parties are
involved: two victims that are communicating with each other and an attacker, who
exploits the communication channel between the two victims and
has the ability to manoeuvre the information exchanged. MITM attacks include
intercepting emails, logins and chat messages, cutting a victim's internet connection,
and many others.
Zero-Day Vulnerabilities

Zero-day vulnerabilities refer to security risks that could be
exploited by a hacker but are not yet known to the software vendor. Once
the vendor learns of the vulnerability, the vendor will usually create
patches to mitigate it. One of the most notorious examples of a zero-day
attack is Stuxnet, which used 4 Windows operating system zero-day
exploits. Stuxnet commanded the PLCs to speed up and slow down the
spinning centrifuges, destroying some of them, while sending false data
to plant operators to make it appear the centrifuges were behaving
normally. Based on the Stuxnet attack, it is very important to preserve
integrity at all costs.
SECURITY ANALYST

A security analyst does comprehensive analysis based on the data
gathered in the event of an attack, an attempted attack, or an annual report, to
identify the vulnerabilities and holes in the systems. A comprehensive
analysis means that every piece of information
gathered must be inspected, evaluated, investigated, and studied
profoundly. Not only that, a security analyst must be able to do research
on past cyber-attack events and be able to relate it to current
cyber-attacks. However, these methods are no longer enough to stop the
attacks and are considered obsolete. According to a new age of war
between attackers/hackers and security analyst has emerged where
both parties employ new complicated schemes to disorient each other.
SECURITY AUDIT

In the auditing process, the system's security objectives and their implementation are
screened and then verified. Security audits are responsible for evaluating the
vulnerabilities found in the systems and finding alternatives to reduce the area of
exposure to vulnerabilities. There are numerous popular tools used in
security auditing, and one of them is:
• Lynis
Lynis is an open source tool for Unix-based systems that aims at scanning security
aspects rather than scanning for vulnerabilities.
Installing Kali Linux
Kali Linux will be installed on a VMware virtual machine. VMware is software
that allows a virtual machine (which uses some CPUs, RAM and storage from
the main machine) to be operated like a normal computer. That means there are two
operating systems running simultaneously on one machine. Therefore, in this research
two operating systems (a Windows 10 host and a Kali Linux virtual machine) will run at
the same time. The Kali Linux virtual machine uses 4 CPU cores, 2 GBytes of
RAM, and 60 GB of hard drive. The download page of the Kali Linux website offers Kali
Linux 64 bit VMware VM, 32 bit VMware VM PAE, and 64 bit and 32 bit Vbox.
Tools in Kali Linux
Kali Linux consists of hundreds of pre-built tools. The tools are divided into sections according to their functionality and
utility. Each section carries out a different task but with the same objective: to do penetration testing.

• Information gathering: Important tools to collect information about the target
• Vulnerability analysis: Tools for scanning for weaknesses in the system
• Wireless attack: Tools that carry out attacks on wireless protocols
• Web application: Used to attack web sites, web servers and web applications
• Sniffing and spoofing: Tools used to monitor, capture and manipulate network traffic
• Exploitation tools: Tools used to identify the vulnerabilities in a system
• Forensic tools: Focused on monitoring and analyzing a system's network traffic and programs
• Stress testing: Tools used to measure how well a system can handle a heavy load of network traffic and
information (DDoS attack)
• Password attacks: Deal with brute force of a system; identifying, finding and cracking passwords of a system
• Maintaining access: Used to keep access to a system that has been exploited, i.e. a backdoor
• Reverse engineering: Identify how a system is produced so it might be duplicated or changed
• Hardware hacking: Focused on gaining access to small electronic devices like Android and Arduino
• Reporting tools: Used after penetration testing; gather information and provide proper documentation
to report to the organization
CONCLUSIONS
This presentation has reviewed penetration testing, security analysis,
and security audit. On penetration testing, we reviewed the most
popular techniques, including SQLi, XSS, LFI, RFI, DDoS, MITM, and
zero-day vulnerabilities. On the other hand, Kali Linux is the most popular
penetration testing and security audit platform, with advanced tools to
detect any vulnerabilities uncovered in the target machine.
