Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
04-14-2017, 12:32 PM
|
#1
|
Member
Registered: Sep 2016
Location: USA
Posts: 275
Rep:
|
Reasons not to use pen testing distros as main OS?
As it says in the title I just was wondering why this would be a bad idea, any explanations would be helpful, thank you! I think the common reason ppl say is that normally pen distros start you off in root, but in the case of Pentoo that is not the case..
Last edited by linux4evr5581; 04-14-2017 at 12:34 PM.
|
|
|
04-14-2017, 01:19 PM
|
#2
|
Senior Member
Registered: Feb 2009
Posts: 4,667
|
According to the Pentoo website, you are "allowed" to install and update Pentoo, as you would a regular Gentoo install:
Quote:
...System updates if you got it finally installed...
|
|
|
|
04-14-2017, 03:07 PM
|
#3
|
Member
Registered: Sep 2016
Location: USA
Posts: 275
Original Poster
Rep:
|
Yeah it's pretty much hardened Gentoo but just with a Pentoo overlay. I like it because the kernel comes hardened with GRsec/PaX by default, and there's a lot of preinstalled software I was going to download anyways like MuPDF, Links, URxvt, YubiKey manager, proxies, etc.. Also I want to learn Gentoo, so by using Pentoo I think it'd be smooth transition as it 'just works', so I can learn how OpenRC and Gentoo's package manager works.
|
|
|
04-14-2017, 08:58 PM
|
#4
|
LQ Guru
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 19,736
|
I have some experience with Kali from a Linux Voice tutorial about it.
I would not want to use if for a desktop distro, as it's not designed for such. It's full of pen-testing tools out of the box (which tools, by the way, tend to be command line, unlike what you see on your television). It's designed for pen-testing from the foundation to the attic; and using it as a desktop would be way more trouble than it's worth.
Turning it into a desktop distro would be like trying turning a telephone line truck into a wedding limosine. It could be done, but why ask for trouble?
Last edited by frankbell; 04-14-2017 at 08:59 PM.
|
|
|
04-14-2017, 09:10 PM
|
#5
|
LQ Guru
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,524
|
A pen-test distro doesn't do anything you can't do with any other distro. It just installs a lot of software packages by default that you'd use for pen testing. They're for users who already know pen testing.
|
|
|
04-14-2017, 09:55 PM
|
#6
|
LQ Newbie
Registered: Aug 2014
Posts: 21
Rep:
|
I think this is an old wives tale. Kali is completely suitable as a full time desktop. I've yet to see an acceptable reason given not to run it as such. I ran it for awhile and installed all the apps I use on a daily basis. I'm not a Debian fan and eventually moved away, but I never had a single problem running it as my main desktop. Just be sure to create a user and not run as root, just like you would with any other distro.
|
|
|
04-14-2017, 10:18 PM
|
#7
|
LQ Guru
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 19,736
|
No one is saying that Kali cannot be used as a desktop distro. "Cannot" and "should not" are two very different concepts. Kali's own website recommends using Kali in live mode and not using it as a general purpose distro.
The issue rather is why bother? just as in "why bother using a combine harvester to transport peaches to market?"
Many of the "don't use Kali" posts that you will see here at LQ are directed towards new Linux users, and quite justifiably so. I would say that a new Linux user should no more use Kali as a desktop distro than he or she should try to start out with LFS.
Last edited by frankbell; 04-14-2017 at 10:20 PM.
|
|
|
04-15-2017, 04:18 AM
|
#8
|
LQ Addict
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
|
Perhaps Pentoo is different but from th numnber of posts form new Kali users it's pretty apparent why it should not beused as a main OS. From issues with jsut installing it and getting it to work at all to mismatched versions of libraries when attempting to install new software, from the repositories or not, it's plain to see that Kali simply isn't designed for day-to-day use.
If you can shave with a katana that's fine -- good for you -- but that doesn't mean that a katana was designed as shaving apparatus, that a katana is the best thing to shave with or, indeed, that it's a good idea to shave with a katana. Trust me, shaving with a katana is a tricky thing to attempt.
|
|
|
04-18-2017, 06:18 PM
|
#9
|
Member
Registered: Sep 2016
Location: USA
Posts: 275
Original Poster
Rep:
|
Thanks for the advice everyone, my decision was to either get into and start learning Alpine or Gentoo.. I decided Gentoo since Pentoo also states that security is of priority, and since it comes with a lot of software that I already use (not pen testing, as that's for another day, but it's cool that I can see thoese tools at a glance as to get familiar with names/categories). Gentoo FTW!
Last edited by linux4evr5581; 04-18-2017 at 10:24 PM.
|
|
|
04-18-2017, 06:32 PM
|
#10
|
LQ Guru
Registered: Sep 2013
Location: Somewhere in my head.
Distribution: Slackware (15 current), Slack15, Ubuntu studio, MX Linux, FreeBSD 13.1, WIn10
Posts: 10,342
|
Quote:
Originally Posted by linux4evr5581
As it says in the title I just was wondering why this would be a bad idea, any explanations would be helpful, thank you! I think the common reason ppl say is that normally pen distros start you off in root, but in the case of Pentoo that is not the case..
|
i am thinking you are speaking of Linux OS on a USB stick booted from Windows or mac even ...
whatever you do in it is not saved. if you delete anything in that pen drive (usb Stick) you are not really losing anything but the OS itself. per se' because it does not save any work what so ever. Just burn it back on to the USB Stick -- no big deal. it is for testing anyways.
out side the ones that are created to do so. Then they would not fall into the "testing distros' category.
they are only intended to have someone boot it roam around in it for a while just to get the feel of the OS.
Like test driving a car. you do not put more gas in it out of your pocket and what not.
you just take it for a spin to see if you like it or not.
that is all they are intended for therefore to make a "better" more secure one that one cannot screw it up is to me a waste of time.
Having it as root is just easier to set up I'd guess. One still needs to deal with root eventually if they are running their own Linux OS.
why not on their first try?
PS
Please mark solved.
Last edited by BW-userx; 04-18-2017 at 06:35 PM.
|
|
|
04-18-2017, 10:20 PM
|
#11
|
Member
Registered: Sep 2016
Location: USA
Posts: 275
Original Poster
Rep:
|
I think you can make a rock solid secure system though that not just anyone can break into though. To me it's not a waste of time as someone has to do it (and it's a fun hobby). There's crackers that are contantly trying to break into systems so there must be cyber security experts constantly trying to defend those systems. It's an equal balence.. The fact that I can use Gentoo to compile only what I want in my software and the drivers I need I think is a step in the right direction (not sure if Alpine can do this). Leaves the attack surface to a minimal..
Last edited by linux4evr5581; 04-18-2017 at 10:43 PM.
|
|
|
04-19-2017, 01:35 AM
|
#12
|
LQ Addict
Registered: Dec 2013
Posts: 19,872
|
Alpine is not a pentesting distro.
|
|
|
04-19-2017, 10:42 AM
|
#13
|
Member
Registered: Sep 2016
Location: USA
Posts: 275
Original Poster
Rep:
|
Quote:
Originally Posted by ondoho
Alpine is not a pentesting distro.
|
I know of course it's not, but they both use Grsecurity and PaX
|
|
|
04-19-2017, 02:05 PM
|
#14
|
Senior Member
Registered: Feb 2003
Distribution: debian
Posts: 4,137
|
Mostly because the tools to exploit you are ALREADY INSTALLED. So anyone who has gained access doesn't need to find a way to get that software on your system, it's already there. And properly configured in many cases.
|
|
1 members found this post helpful.
|
04-19-2017, 02:15 PM
|
#15
|
Member
Registered: Sep 2016
Location: USA
Posts: 275
Original Poster
Rep:
|
Quote:
Originally Posted by Shadow_7
Mostly because the tools to exploit you are ALREADY INSTALLED. So anyone who has gained access doesn't need to find a way to get that software on your system, it's already there. And properly configured in many cases.
|
I didn't think about that, that's good point, and it does come with a lot of tools... I'll probably check out Funtoo lol..
|
|
|
All times are GMT -5. The time now is 11:47 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|