Ubuntu Server Installation

The process of installing Ubuntu server be it on a Virtual Machine or an actual system can seem daunting at first, but aside from the GUI that Ubuntu Desktop boast the process is the same.

A prerequisite to the installation will be your boot media, I tend to use a USB stick for this as the process of creating the device is much easier and does not require any blank disks. There are a number of applications online that allow for you to create a bootable device but I have found Rufus to be the simplest and easiest to use.

Once you have the bootable device all you need to do is insert it into the system and power it on.

Stage 2 –  Select Language to display the installation in

wp-1520337492587..jpg

Stage 2 – Choose the type of installation, for the purpose of this tutorial and all my personal usage we will select “Install Ubuntu Server”

wp-1520337513268..jpg

Stage 3 – Select installation language

wp-1520337575410..jpg

Stage 3 – Select Location

wp-1520337588686..jpg

Stage 4 – Configure the keyboard, for the purpose of this demo it will be done manually. But there is the option for automatic keyboard detection

wp-1520337604215..jpg

Stage 5 – Select the keyboard configuration that best suit you

wp-1520337612418..jpg

Stage 6 – The installation detects disks and other hardware

wp-1520337622053..jpg

Stage 7 – The installer will acquire additional components such as the setup of the clock

wp-1520337655096..jpg

Stage 8 – The Installer then goes on to detect the network hardware

wp-1520337662332..jpg

Stage 8 –  Select the host name for the system or just the name of the system. An example might be mail if your device is intended to be a mail server.

wp-1520337670510..jpg

Stage 9 – Type in the users full name (The Username will be automatically detected using the users first name but can be changed)

wp-1520337679152..jpg

Stage 10 – Select user password and retype for confirmation

wp-1520337689733..jpg

Stage 11 – Select if you want your home directory to be encrypted (I usually select no as I have limited requirement for it)

wp-1520337698339..jpg

Stage 12 –  Confirm the automatic detection of the clock settings (If it is incorrect by selecting no you will be given the option to select yours)

wp-1520337706211..jpg

Stage 13 – The installer then detects all other disks and Hardware

wp-1520337716614..jpg

Stage 14 – Selecting the disk size and creating partitions (For this installation we only need this to be installed as a sole OS as the rest of the machines will be running virtually from this host server) You can select use entire desk or set up LVM. The only real benefit of LVM is on the fly partition changes.

wp-1520337725939..jpg

Stage 15 – Select this disk to write changes to

wp-1520337736007..jpg

Stage 16 – Confirm that you wish to write the changes, it may warn you that you will lose all existing data

wp-1520337744336..jpg

Stage 17 – Final confirmation to write changes to disk

wp-1520337751592..jpg

Stage 19 – The installer will then install the system to the disk/partition you have your opted for

wp-1520337759495..jpg

Stage 20 – Installer is configuring the Apt source lists

wp-1520337766753..jpg

Stage 21 – At this stage of the installation you are given the option to set up a Proxy connection, if you do not require this leave it blank and continue

wp-1520337774462..jpg

Stage 22 – The installer is selecting and installing the required software

wp-1520337782323..jpg

Stage 23 – At this stage I would suggest selecting “Install security update automatically” but decided based on your own preferences

wp-1520337790673..jpg

Stage 24 – The software selection alow for you to pre install certain packages before the initial boot into the server. This could potently save time, but I personal add all my software after the installation so select manual package.

wp-1520337799751..jpg

Stage 25 – The installer will then install any selected softwares and clean up once it is done.

wp-1520337808297..jpg

Stage 26 – The installer then sets up and installs the GRUB boot loader

wp-1520337815585..jpg

Stage 27 – If this is the only OS on the system then you need not worry about just selecting yes.

wp-1520337823198..jpg

Stage 28 – Confirm and finish the installation

wp-1520337832162..jpg

 

After you have finished the installation the system will reboot and you should remove the bootable media from the system before it boots back up.

A good method on first logging into the new system is to run the commands below as there is a high change the system will inform you that there are a number of packages that require updating. You can run them all at once with example 1 or individual wit example 2.

Example 1

sudo apt-get updates; sudo apt-get upgrade; sudo apt-get dist-update

Example 2

sudo apt-get updates
sudo apt-get upgrade
sudo apt-get dist-update

I hope this helps when installing Ubuntu server, and if you enjoyed check out my Home Server Project

 

What is Kali Linux?

In one of my recent post I explained and easy and safe way to set up your own Digital Forensics Lab and I mentioned a Linux based operating system by the name of Kali Linux. But what is it? and why would you use it in your virtual hacking lab?

Kali Linux is a Debian based operating system that uses the Gnome desktop environment, but unlike Ubuntu and Gnome Kali is packed full of usefully tools and applications for cyber security and digital forensics. Meaning that it is pretty much a one stop shop for just about any tools you could need, this makes things very convenient as you do not have to search around and download multiple applications they are already there in one place. It makes use of the Gnome menu system and groups all of the tools into named folders with the type of tool it is. This again means there is no hunting around when you have installed all of your tools.

There are a number off different use cases for a package such as Kali and the could be from a general curiosity to using it in industry as a professional. I personally use it along side my degree as is part of my course. But with it being free you can start using it when ever you want and with the many tutorial online it is really simple to get started and learn how to use it.

Because it uses the Gnome desktop it feels nice to use just like Ubuntu or Gnome, and it doesn’t feel like a tool your using. Granted a lot of people would be very unfamiliar with either of these Linux system but after a little bit it feels natural or like using any other graphical operating system. It also means that you could use it as a daily operating system if you were that way inclined. And don’t worry about requiring the latest computer hardware to run it because due to it being Linux based it doesn’t require all to much. Granted for certain task an application a little extra power wouldn’t go amiss but if you where to run it on 1 or 2 cores with 1 or 2 GB or ram it wouldn’t feel sluggish. And better yet you can run it live from a USB stick so you don’t even have to install it to benefit from it tools and features.

I tend to run it through a virtual machine, this is due to the safe lab that I mentioned before, and again it runs just like any other system within a VM. One benefit of doing this is that you can play around with the hardware the VM will supply it with. So if you have the hardware to spare you can build a beefy Kali System.

Tools Included in Kali

  • AirCrack
    • AirCrack is a WEP and WPA (Router Password) cracking tool, meaning that if you where preforming a penetration test on a company you may be able to gain access to there network through the WiFi.
  • Burp Suite
    • This package allows you to test the security of web applications, it does this by canning the application the searches for possible vulnerability. This is a very helpful tool for developers who wish to make there product as secrecy as possible.
  • Hydra
    • Hydra is a brute force password cracking application that on the surface looks limited and outdated. But in reality is a powerful tool allowing you to attack one or many users with either a single password or from a list of passwords.
  • John the Ripper
    • John the Ripper is another password cracking application that is command line based, although you can use a graphical version in the form of Jonny the ripper. It has been know for its speed at being able to crack passwords.
  • Maltego
    • This is one that you are very unlikely to have used or heard of and it is Maltego, this application is an effective relationship tracker that can work on social media platforms, Computer networks and websites. Once it scans the target location it produces a map using graphics making it clear and easy to understand.
  • Megasploit Framework
    • This is another application that works well for developers or system admin, Megasplot Framework runs simulated attacks on your network trying to find vulnerabilities. This allows you to patch or alter the vulnerability and make your system as secure as possible. And because it is all simulated there is no negative effects on the network its self.
  • Nmap
    • Is another command line application that has a graphical front end application as well this time its in the form of Zenamp. The purpose of this tool is to preform network discover scan and also security auditing.
  • Zed Attack Proxy
    • The Zed Atatck Proxy or ZAP is another penetration testing tool targeting web applications, It supports the Open Web Application Security Project or OWASP and is pack to the brim with functionality and features.
  • Sqlmap
    • Sqlmap is again a penetration testing tool but this time it is targeting SQL databases and looks for weakness in SQL injection, In some cases SQL injection can compromise an entire database. This could potentially leave the target in a whole heap of trouble.
  • Wireshark
    • Wireshark is a network protocol analyser, it boast some features such as being able to scan hundreds of protocols and preform offline analysis.

Other Similar Operating Systems

All of the above are aimed to provide a similar services to Kali Linux, and although I have limited hands on experience with each of them. I do know from others that they are good at what they do and that they should be considered as an alternative to Kali. Some of them are more tailored towards anonymity online while other are again forensics packages.