
More Core Changes in Kali Sana (V 2.0)

Kali Sana brings more Linux core changes worth noting. (This also applies to other recent Linux distros.)

Recently, some core changes & tweaks were introduced to the Linux architecture & the kernel itself. This article gives an introduction to some of them. Although it focuses on Kali Linux, people using other Linux distributions can also use it. These updates have been around since 2014 but are only now being put to use, as they bring some major changes to the way the Linux system works.

This article discusses 3 core-level changes.

1. Systemd & Systemctl

2. New Network Manager

3. Journalctl

1. Systemd & Systemctl

Systemd is an abbreviation for System Management Daemon. It replaces the init process, which was the parent of all processes of a unix system in older versions. Systemd starts processes in parallel, whereas init in older versions starts them serially. It was designed to overcome many limitations of init, like kernel panic. The intention was also to make things as clean as possible. As a result, systemd starts much faster than init. There is also a new logging system called journald, which is described later in this article.

Practically, the core change is that run levels have been replaced by targets. All objects are now categorized as targets, sockets & services. Starting a runlevel has conceptually changed into reaching a target.

Read More: http://www.tecmint.com/systemd-replaces-init-in-linux/

https://wiki.debian.org/Debate/initsystem/systemd

Tasks:

1. Check ssh with both methods

2. Some more interesting things using systemctl

Here is a table containing the comparison between init commands & systemd commands. On init-based systems, we use the service command to control services, whereas on systemd-based systems we use systemctl. Have a look at the following table & try it for yourself.

[Table: Comparison of init and systemd commands]

Here is a list of other systemctl tricks:

systemctl list-units --type=target --all  # Shows all targets
systemctl list-units  # Lists all units; pipe to grep to filter
systemctl list-unit-files  # Lists all unit files
systemctl list-dependencies  # Lists dependencies (of default.target when no unit is named)
systemctl get-default  # Shows the default target, graphical.target in Kali Sana
systemctl set-default <target>  # Sets the default target. Try multi-user.target
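
The "pipe to filter" idea above, as an added example that is not part of the original article: it reads `systemctl list-unit-files` output and reports which units start at boot, and whether a disabled service is still started on demand by an enabled socket unit. The sample listing and the function names are constructed for illustration, and it assumes the usual naming where NAME.socket activates NAME.service.

```sh
#!/bin/sh
# Added example: which units start at boot, and is a "disabled" service
# still reachable through an enabled socket unit?

# Constructed sample of the output of:
#   systemctl list-unit-files --type=service,socket --no-legend
sample_unit_files() {
cat <<'EOF'
apache2.service      disabled
cron.service         enabled
cups.service         disabled
cups.socket          enabled
getty@.service       static
ssh.service          disabled
ssh.socket           disabled
EOF
}

# starts_at_boot: print every unit file whose state is "enabled".
starts_at_boot() {
    awk '$2 == "enabled" { print $1 }' | sort
}

# effective_state NAME: state of NAME.service. Assumption: NAME.socket
# activates NAME.service, so an enabled socket means systemd starts the
# service on the first incoming connection even if the service is disabled.
effective_state() {
    awk -v n="$1" '
        $1 == (n ".service") { svc = $2 }
        $1 == (n ".socket")  { sock = $2 }
        END {
            if (svc == "")              print "not-found"
            else if (svc == "enabled")  print "enabled"
            else if (sock == "enabled") print "socket-activated"
            else                        print svc
        }'
}

# Demo on the sample; on a live host pipe the real command in instead.
sample_unit_files | starts_at_boot
for name in cron cups ssh; do
    printf '%s: %s\n' "$name" "$(sample_unit_files | effective_state "$name")"
done
```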

2. New Network Manager – NMCLI

Nmcli & nmtui are the 2 new interfaces to the network manager in new unix systems. In Kali Linux v 2.0, this new manager for network connections is available. Nmcli is the command-line version & nmtui is the curses-like text interface. Other systems like CentOS/RHEL/Fedora are also starting to use nmcli.

Using nmcli, we can add, edit or remove network connections & every small detail of each connection we have. In addition, creating bridge & bond connections (Team Aggregation) is just a few keystrokes away.

Tasks

  1. View current State using nmcli
  2. Start & Stop a connection using nmcli
  3. Setup a connection with nmtui

1. View Current Status

nmcli connection show <connection name>  # press Tab twice to list all connections
nmcli con show eth0  # replace eth0 with your connection name


2. Start & Stop Connections

nmcli con show eth0  # replace eth0 with your connection name
nmcli con down eth0
nmcli con up eth0

3. Set up a connection with nmtui

For this, I have added a new adapter to the VM. Let’s give a static address to the newly added NIC.

NMTUI is an interactive terminal interface, so you can do it by yourself.

Refs: Redhat, GNOME Wiki

3. Journalctl

Journal is a new system which collects log data, including its metadata, from various sources within a Linux/Unix system. Journal uses a native API for collecting logs from various sources including systemd, other service daemons, the kernel etc. It indexes the collected data & restructures it in an efficient manner. As a result, seek times are lower. In addition, journal works in parallel with legacy systems like rsyslog, and logs are available in the same locations (/var/log).

The journald service is responsible for collecting the logs & doing all the processing. Journalctl is an interactive console tool to view journals. Using journalctl, journals can be viewed & sorted very quickly as the complete data is indexed. So this can help in solving problems a lot faster.

Tasks

View logs with journalctl.

journalctl
journalctl -xn
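
An added example (not part of the original article) that goes one step past viewing: it pipes journal lines for the SSH unit through awk to count failed password logins per source address. The unit name ssh, the sample lines and the function names are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: count failed SSH password logins per source address from
# journal lines in journalctl's default "short" output format.

# Constructed sample of the output of: journalctl -u ssh --no-pager
sample_journal() {
cat <<'EOF'
Aug 14 10:01:58 kali systemd[1]: Started OpenBSD Secure Shell server.
Aug 14 10:02:11 kali sshd[1412]: Failed password for root from 192.0.2.10 port 51122 ssh2
Aug 14 10:02:15 kali sshd[1412]: Failed password for invalid user admin from 192.0.2.10 port 51124 ssh2
Aug 14 10:03:40 kali sshd[1420]: Accepted password for analyst from 198.51.100.7 port 40022 ssh2
Aug 14 10:05:02 kali sshd[1431]: Failed password for invalid user from from 203.0.113.5 port 33310 ssh2
Aug 14 10:05:09 kali sshd[1431]: Failed password for root from 192.0.2.10 port 51130 ssh2
EOF
}

# failed_by_source: read journal lines on stdin, print "COUNT ADDRESS",
# highest count first. The user name is chosen by the remote side (it can
# even be the word "from"), so the address is located by scanning for
# "from" starting at the END of the line, where the layout is fixed.
failed_by_source() {
    awk '/sshd\[[0-9]+\]: Failed password/ {
             for (i = NF - 1; i >= 1; i--)
                 if ($i == "from") { n[$(i + 1)]++; break }
         }
         END { for (ip in n) print n[ip], ip }' | sort -k1,1nr -k2,2
}

# noisy_sources N: addresses with at least N failed attempts.
noisy_sources() {
    failed_by_source | awk -v t="$1" '$1 >= t { print $2 }'
}

# Demo on the sample; on a live host use, for example:
#   journalctl -u ssh --since today --no-pager | failed_by_source
sample_journal | failed_by_source
```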


Refs: Redhat, DigitalOcean

Conclusion

Putting it all together, Kali Linux has had a complete core-level changeover. Maybe that’s one of the reasons why the developers have gone from Version 1.1 to 2.0 directly. With an improved kernel, logging system & Network Manager, Kali Linux 2.0 has proved to be more stable & to emerge (or remain) as an industry-standard pen-testing distro.

Ravi Sankar
