Optional Client Installed Sensor Initial Build and Setup Instructions

Dependencies

• Physical machine or VM with the following minimum configuration:

  • 8 GB RAM

  • 40 GB HDD/drive space available

  • 2-core processor

  • Ethernet connection with static IP address assignment

  • Internet access for sensor system updates, patches, and installation

  • Aside from the general internet access, the Kali sensor will also need outbound access to Emagined Security’s jump box on ports 22, 80, and 443. Destination IP will be provided by Emagined Security after the initial build.

    • Note: Access to the jump box is restricted to only trusted IPs, Emagined Security will need the source IP address of the Kali sensor. This IP can be retrieved by running the command below from Kali.

  • curl -4 ifconfig.io

Initial Build

1. Navigate to the OffSec Kali Linux download page. Currently located at https://www.kali.org/get-kali/

2. For optimum performance and control during the installation, select the corresponding ISO image for your target to install the host platform/virtual machine.

3. Confirm the Kali Linux download instance is as expected. NOTE: Kali Linux is released on a quarterly schedule throughout the year. Please try to download and install the most up-to-date version available for your target host/VM.

4. After confirming the hash value of the downloaded file matches the hash value on the Kali.org website for the image file (i.e., sum value), extract the file to the default install location.

5. Prepare the ISO file

   1. If using a physical host, extract the ISO image to a media format that can be physically used (i.e., read) for the host like CD or USB drive.

   2. If using a virtual machine, place the ISO image in a location where it can be mounted as a virtual C/DVD

6. Mount the ISO file

   1. If using a physical host, mount the media containing the ISO image and proceed with the installation steps documented below

   2. Add the ISO image to the newly created virtual machine image if using a virtual machine. Be sure the dependencies noted above are satisfied for the virtual machine, then proceed with the installation steps below

7. The following Virtual machine installation steps were performed on an Apple MacBook Pro using the M1 chipset as the host and using a Debian-based installation for the guest OS.

   1. Select New from the VMware Fusion menu

   2. Click on the Install from disc or image link and browse to and select the desired installation ISO file and continue to the next screen.

   3. Select the appropriate Linux version and architecture for your target environment and click continue.

   4. On the Finish screen, adjust the virtual machine settings so hard disk drive, memory, and core processors match the recommended minimums set in the Dependencies section above and then click Finish if available; otherwise, exit from the VMware settings when done making the appropriate adjustments.

   5. When ready launch/start the virtual machine to begin the installation.

Initial Installation

1. During the first launch, select the following options for the installation:

   1. Select graphical install from the drop-down menu

   2. Choose English from the next screen for the default language install and click continue.

   3. Please accept the United States as the default location and click continue.

   4. Leave or select American English as the default keyboard configuration and click continue.

   5. Please wait while the Kali image is mounted and processed.

   6. At the first “Configure the network” screen, select a hostname of your choosing. Emagined Security generally recommends something descriptive and/or obvious such as “kali” When ready click continue.

   7. At the second “Configure the network” screen, select a domain name that matches the one(s) used in your company/organization/business. If the virtual machine will be housed in a lab or standalone on the network, this value does not matter as it will be a temporary device/addition to the network. When ready, click continue.

   8. Select “kali” for the username at the first “Set up users and passwords” screen and click continue.

   9. Repeat the above for the “username” screen and hit continue.

   10. Select a fifteen (15) character length minimum password of your choosing. NOTE: Password entropy is highly desirable. Choose a password with a mix of alpha, numeric, and special characters. Password phrases are ideally better suited than non-sensical shorter passwords. Reenter the password when prompted. Select continue.

   11. Choose the time zone setting appropriate for your location and click continue.

   12. At the “Partition disks” screen, select “Guided – use entire disk” and click on Continue.

   13. Verify the partition device location and confirm the install location is correct or modify it as needed and select Continue. NOTE: In most cases, the default value will be correct.

   14. Select the “All files in one partition” option and click Continue.

   15. Choose “Finish partitioning and write changes to disk” then select Continue.

   16. Select the “Yes” radio button and choose Continue.

   17. Wait while the installation and disk writes occur.

   18. Select the default values on the next screen and click Continue.

   19. When the installation is complete, please choose Continue.

   20. The virtual machine should automatically reboot and take you to a login screen (e.g., graphical).

   21. Log in with the account and password set earlier – kali:<passphrase/password chosen> and confirm Kali loads/logs in.

   22. Launch a terminal window by using the applications menu, shortcut (i.e., the icon next to Firefox) or by pressing Alt+T (Windows) or Ctrl+Option+T (Mac), and type the following command:

   23. curl -4 ifconfig.io

   24. Note the external IP address returned and provide it to your Emagined Security engagement lead for further updates and a customized engagement setup.