hi guys....

sorry if this is not the correct place to ask this question

i know this an unusual question ,

my problem is... i have someone on my network who is using Kali Linux, is there away to protect myself from him??
he is still in the beginner phase .

my router is an old school netgear dg384g


he does have the password of the internet and i have to give it to him he is family and we live together,

will wireless isolation keep him of the router ?
will he be able to see the web history of everybody on the network as he claims??
is there away to block him?


thank you in advance and sorry if this question against forum policy.

What do you mean by wireless isolation?

Hey Mark,

The best defense against any online attack is a fully updated OS with a firewall blocking any port you're not using. If your computer is running Windows, keep the anti-malware software (whatever it's called on Windows 7) active and also updated.

Sounds like a sibling deal going on here? My take on your situation is: if this family member isn't an eager learner and lacks perseverance, you probably have nothing to worry about. There's nothing magical about Kali Linux. It does come with certain testing software that can be used in some cases to "hack", but the software has a steep learning curve, and isn't likely to work against a maintained machine.

Dave

1 members found this post helpful.

Welcome to LQ!

There is nothing magical about Kali Linux, and as mentioned already the best technical defense is the same as defense aginst any online attack.

The fact that your "attacker" has access to your router and LAN makes it more important to configure and monitor your own computer for best security, but the fact that they live in the same house means they probably have physical access to your computer at times... there is no software defense for that!

But the best defense might not be software or configuration. The best defense may be to sit down with them and discuss some aspects of this situation that they (and you) may not have considered.

Breaking into your computer system is no different than breaking into your bedroom, or sifting through your wallet - except that it is more cowardly as there is less risk to themselves. The real problem is not how they do these things, whether they use a crowbar or Kali Linux, but rather that the person who will do either simply has no respect for you as a person. Confronting them with that realization might give them pause and make it seem less kewl in their own eyes, and solve their problem and yours.

How you express that will obviously depend on their age, and yours, and your relationship to each other - but that is the source of this problem and many others that will inevitably follow. We must learn to respect each other as we want respect for ourselves - when we reach that point, all other problems disappear.

2 members found this post helpful.

1)Use a VPN so your traffic is encrypted 2)Modify all setuid programs (programs that can run as root) to read only for groups/others (besides /bin/su) 3)Uninstall all services that are listening for outside connections from which he may be able to gain entry from.. You can find such services by using netstat -tap | grep LISTEN.. 4)Setup a dedicated hardware based firewall on another computer using a firewall distro like pfSense... 5)Put his computer in a DMZ 6)Put your computer in a VLAN 7)Use a VM to host your services (aka VPS) so the ports for your running services are not visible on your phsyical machine. 8)Disable USB/DVD drives and set a BIOS password

1 members found this post helpful.

A couple of questions:

Is this a home network or a business network? If it's a business network (or perhaps a network at an educational institution), would the IT Department be interested in knowing about this? If it's a home network, I get the impression that you are not in a position to remonstrate with this person.

In any case, I would second Astrogeek's advice. Take the same defensive steps you should be taking already to keep yourself secure against dishonorable persons in the Big Wide World.

I will add this: I've done some stuff with Kali based on this Linux Voice tutorial out of curiosity (my Kali was not public-facing, per the instructions in the tutorial). The only thing special about Kali is that it already includes a number of penetration tools that are readily available to anyone who would like to install and use them. It's not magic, and doing actual penetration is boring, time intensive, and not all romantic; it's mostly command-line drudgery, not the flashing windows and fancy graphics you see on your television. Unless this person is highly motivated to be a cracker or a white-hat hacker, I'll wager that he will soon lose interest in Kali.

1 members found this post helpful.

Can't you password protect the router? He doesn't need to know the router password to use the Internet.

thanks a lot everyone for answering ..


yes it is a home network,
and he is a relative.
but he is just a kid (14) but persistent , and youtube is full with tutorials .
in his mind this is the first step for being a hacker,
the problem with him that he doesn't have the sense of right and wrong whatsoever .


thank you sir you helped me so much , and i learned lots of things i didn't know.


...

but what about the cellphones and tablets on the network are they exposed ?

he is using kali linux on a "virtual machine on" winnows8/dell inspiron 15
is there anyway to completely keeping him of the router ? or maybe scare him off kali linux ?

can i put him in a guest network in my current router and would that stop him?
what about the Facebook hacking and such stuff is it doable with kali linux?

and there anyway to stop him from Sniffing Traffic , not just by using https and tunnel vpn but altogether .

i used to be such a fan of linux , and i can't believe they made a system
which is that easy to be used without making a defense mechanism against it.
i know it should be used to test the security vulnerabilities on the network . but still they should've made a way in case it wasn't used by an ethical hacker

If you are the network administrator, change the router password. As pointed out above, there is absolutely no reason for users to know it.

I'd agree with the post above by frankbell. The tools available on Kali are available to be used on almost any Linux system. Using Kali isn't that 'easy' to use as there is a lot to learn before you can even begin to use it and I suspect your relative will get bored with it soon and that s/he is exaggerating what is being done.

Anyone with the willingness to learn and the time can 'sniff' other computers/networks and I'm sure attempts are made on almost all computers on a regular basis. You need to secure your own system to prevent that.

The blame is not with the developers of Kali or the tools available on it because they are needed and useful but with your relative for abusing them.

Does your 14 year old relative not have a 'parental unit'? That would be the person to speak to.

2 members found this post helpful.

well if he's a minor, and you're the adult who actually owns the router, and if he's admitted to threatening to hacking into family member's computers - i'd change the router passwords and not let him use it anymore, simple.

supposing we're talking about wireless: of course everyone should use WPA encryption, and not WEP!!!

but, as was said before, kali linux is not magic in any way.

however, i wouldn't underestimate the creative potential of a teenager, either...

1 members found this post helpful.

would changing the administrator password of the router while having the wifi password prevent him from sniffing browsing history or logging somehow into the router with kali linux ?

also would changing the default getaway to the router help or not?

Not any more than with any other distro. All the "tricks" they can do with Kali can also be done with Mint or Ubuntu or just about any other distro. Yes you could raise the bar by using OpenVPN and taking the other advice offered already. However, really you have a social problem on you hands more so than a technical problem.

guys i have an important update on the matter

his mother scared him a bit, and gave me the laptop to format and install a new system on it ..
can i do some tweaking to control future things ?
or put restriction somehow ?


he have netcut ,selfishnet, wireshark and kali on vm , and using Hydra heavily that what i did see .



i have his laptop now and i'm going to format it , do you guys recommend anything ?

You could use a Kiosk distribution to only allow them to use Firefox or whatever. Lock down the BIOS to remove the ability to boot to USB/CD. Put a password on single user mode and grub might help.

If the host system is Linux, then also make sure that to create an extra, unprivileged user for them to use for their main account so they're not logging in with an account that can escalate privileges. Leave the admin account for yourself. Set it so it does at least security updates automatically without intervention.

1 members found this post helpful.