Kali Linux is a fantastic operating system for penetration testing and security evaluation. It comes with virtually all security tools built in, it’s lightweight by default, and it has a huge ecosystem that is constantly helping with the project.
Kali recently began moving towards a rolling distribution. This allows both the core Debian operating system components and the applications to update much more frequently with fewer dependency breaks. This is big deal, both because all future development will be on the rolling distribution and because the current distribution will not be supported after April 15th 2016.
This nearly-constant update rhythm is great for penetration testers. Kali will now have the very latest builds of essential tools like Metasploit, Kismet, and aircrack-ng. It will also get Debian Linux updates more frequently to support newer hardware and integrate bugfixes.
There’s always a downside though. Here, the downside is that you need to update Kali more often. As an example, I installed Kali yesterday and immediately ran apt-get update and apt-get dist-upgrade to update the installed components. That’s to be expected, the installation ISO was built weeks ago. What I did not expect was that this morning I also checked for updates. After only one day, here’s what I see:
So in less than 24 hours with the default Kali Linux installation I went from fully up-to-date to needing 32 packages.
The benefits of frequent updates outweigh the drawbacks. But you need to ensure that you regularly update Kali. Otherwise you’re missing out on this amazing benefit.
Mike Danseglio – CISSP, MCSE, and CEH
Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.