Preparing your system for the field

Starting with a clean Kali installation is highly recommended, which is why having a pre-customized version of Kali Linux that is ready for automated installation quickly pays off.

There are some universal recommendations that you really want to follow.

  • First, consider using an encrypted installation as documented in Section 4.2.2, “Installation on a Fully Encrypted File System”. This will protect your data on the physical machine, which is a life-saver if your laptop is ever stolen.
  • For extra safety during travel, you might want to nuke the decryption key (see Adding a Nuke Password for Extra Safety) after having sent an (encrypted) copy of the key to a co-worker in the office. That way, your data are secure until you get back to the office where you can restore the laptop with the decryption key.
  • Another item that you should double-check is the list of packages that you have installed. Consider what tools you might need for the work you are setting out to accomplish.
    • For example, if you are embarking on a wireless security assessment, you may consider installing the kali-linux-wireless metapackage, which contains all of the wireless assessment tools available in Kali Linux. If a web application assessment is coming up, you can install all of the available web application testing tools with the kali-linux-web metapackage.
  • You might want to review your network settings (see Section 5.1, “Configuring the Network” and Section 7.3, “Securing Network Services”).
    • Double-check your DHCP settings and review the services that are listening on your assigned IP address. These settings might have a critical impact on your success. You can’t assess what you can’t see, and excessive listening services might flag your system and get you shut down before you get started.
  • If your role involves investigating network intrusions, paying close attention to your network settings is even more important and you need to avoid altering the impacted systems.
    • A customized version of Kali with the kali-linux-forensic metapackage booted up in forensics mode will not automatically mount disks or use a swap partition. In this way, you can help maintain the integrity of the system under analysis while making use of the many forensics tools available in Kali Linux.
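
The listening-services review from the network settings item above, as an added example that is not part of the original text: it filters `ss -H -tuln` output down to sockets bound to non-loopback addresses and reports those not on an expected list. The function names, the proto/port allowlist format and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: find sockets listening on non-loopback addresses.
# Input is `ss -H -tuln` output (no header, TCP+UDP, listening, numeric).

exposed_listeners() {
    awk '{
        ep = $5                                      # Local Address:Port column
        if (!match(ep, /:[^:]*$/)) next              # last colon separates the port
        addr = substr(ep, 1, RSTART - 1)
        port = substr(ep, RSTART + 1)
        sub(/^\[/, "", addr); sub(/\]$/, "", addr)   # [::] -> ::
        sub(/%.*$/, "", addr)                        # 127.0.0.53%lo -> 127.0.0.53
        if (addr ~ /^127\./ || addr == "::1") next   # loopback only: not exposed
        print $1, addr, port
    }'
}

# unexpected_listeners "tcp/22 udp/68": exposed listeners not on the allowlist
unexpected_listeners() {
    allowed=" $1 "
    exposed_listeners | while read -r proto addr port; do
        case "$allowed" in
            *" $proto/$port "*) ;;                   # expected, stay quiet
            *) echo "$proto $addr $port" ;;
        esac
    done
}

# Constructed sample of `ss -H -tuln` output (not captured from a real host).
SAMPLE='tcp   LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
tcp   LISTEN 0      244        127.0.0.1:5432      0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:68        0.0.0.0:*
tcp   LISTEN 0      128             [::]:22           [::]:*
tcp   LISTEN 0      511            [::1]:80           [::]:*
udp   UNCONN 0      0      127.0.0.53%lo:53        0.0.0.0:*
tcp   LISTEN 0      128                *:8080            *:*'

printf '%s\n' "$SAMPLE" | exposed_listeners
# Live use on the laptop: ss -H -tuln | unexpected_listeners "tcp/22"
```

Anything the second function prints is a service reachable from the network that you did not plan for; stop it or bind it to loopback before connecting.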

It is critical that you properly prepare your Kali Linux installation for the job. You will find that a clean, efficient, and effective Kali environment will always make everything that follows much smoother.