Forum Thread: How to Make Debian/Kali Linux Safer ?

Hi, I want to use kali linux as my main os, and to make it safer, I gathered these ways: using non root account, using vpn (such as airvpn), using noscript add on, blocking ads, being intellegent about what I click on and who I trust,

But should I use iptables (or another firewall) ? And should I encrypt the drive/data ?

Also, can you give me another ways please ?

Thanks in advance.

22 Responses

Also should I use an IDS/IPS ?

There are vulnerabilities in all systems, don't be scared to use Linux, it's still inherently more secure than Windows.

ghost_

A hackers best defense is their self. You have to stay vigilant and careful. This may sound cliche but ultimately you are the last line of defense, yet the most effective.

But from a literal standpoint a firewall and an IPS should prove effective. Stay away from antivirus however, the tools built into Kali can and will cause issues with AV.

Yeah of course, the antivirus would kill this os!

If you consider that I just started learning hacking, so how can I defeat myself ?! Do you think that a firewall and ips would be enough ?

Or should I just run kali in vmware, under windows 10 with bitdefender, malwarebytes anti malware, malwarebytes Anti-exploit, and noscript add on ?

I want it to be my main os, because I want to master it, and to give it all my pc power, to make it faster than in vm, im just afraid if it's secure enough!!

You can always just install Kali as a dual boot OS if you want to dedicate all resources to it.

I would advise you do that.

ghost_

Thanks very much!

Yes, this is my goal of using it as dual boot, but...it will be my main os, because I will be using it all time!

A firewall and an IPS should be enough to deter most unwanted guests, any extra that you add is just icing on the cake! Remember, there's no such thing as too much security!

also, should I encrypt the drive ?

There is literally nothing wrong with drive encryption; why would you not encrypt?

ghost_

hmmm...I think no reasons not to.

Ok thank you :)
Do you recommend firewall another than iptables and ips/ids another than snort ?

Don't install Flash.

ghost_

Oh right, forgot to list that!
But is it safe to use java ?

No.
Especially if you use an older version.

use ufw/gufw as linux firewall, there is guides to secure Linux system: for kali look the CIS guide for Debian.

If you want to go deeper, you can uninstall/disable anything that's listenning on the network by default (netstat -atupe), deny root login (use sudo, sudo -s), configure PAM to allow access only for a specific user ... there is plenty of things to apply to enforce the security of a system.

Disk encryption is useful only for physical access, since when you are logged, datas are available.

Oh and of course, don't use kali as a main system, it was not designed for that. If you want a Linux, use Debian, if you want a windows-like, use Ubuntu. Reason is that the best defense are security updates.

Thanks a lot! Can you please give me link to that guide please ? (I will also use google, don't worry)

My main reason why I wanna use it as my main os is to give it all the resources, but most people warn me against using it as my main os, I think I will just VM it in windows :( Maybe when I become an advanced hacker, I will use it as my main :(

Also, do you think that parrot os is more towrds being a main os ?

Thanks in advance.

so that'll be the 1st link

you dont need a lot of ressources for 90% of the things you'll do, the 10% are for password cracking mainly.

As i said, parrot or kali are the 'same': you need updates. you'r gonna go to third-world websites, you'll dl a lot of things, etc.. you dont wanna do that on your main OS. I'd even suggest to monitor the VM's traffic with wireshark, it will be good for training.

if you was ready to use kali as main os, just go for ubuntu(easy) or debian(-easy) it's good to understand how linux is working. Use virtualbox to emulate vms and you'r good to go.

Thank you.
I think I will just use kali linux on a vm on windows, and use the windows version of hascat for better cracking speed.

i'm in same your position , and i'm puzzled to make it main os or enough for VM because i following an course and it tells me that i should have a linux os main machine for cracking passowrd and wireless . do you know what should i do .?

Share Your Thoughts

  • Hot
  • Active