UTC is the universal time zone used by all Whonix Workstations and Tor Browsers. Once Kali is booted, the first thing we want to do is set the time zone to UTC. After initial configuration, and potentially a required reboot of the virtual machine, we should be left with something similar to the window below.Īfter this settings change is saved by pressing "OK" we can boot our Kali virtual machine back up. Step 5: Routing Kali Through Whonixįirst, we'll want to boot our Whonix virtual machine in the same way as we started the Kali VM, by pressing the "Start" button in the upper left of the VirtualBox window. sudo apt-get update & sudo apt-get upgradeĪfter our system has finished updating, we can shut down the system using Kali's login manager. We'll update the package registry, and upgrade outdated packages. Upon booting our Kali VM, our first action should be to open a Terminal window and update the system. The graphical install works as any other distro install wizard and should be relatively simple to follow.Īfter the virtual machine has been installed or booted, the following steps will allow us to configure it to work with Whonix. The virtual machine can be booted and rebooted, and with this, it may be easier to save configuration states on the virtual hard drive rather than solely within VirtualBox's save states. Installing Kali onto the virtual machine does, however, provide some benefit. The Whonix and VPN configuration will still function with a live boot device, and the machine state and configuration can be saved using VirtualBox's save state function. The virtual machine behaves as if it were a Kali image being loaded onto any other piece of hardware, and as such at this stage it can be installed, or run as a live boot. With VirtualBox open after completing it's installation, first select the "File" menu and click on "Import Appliance." With all of the prerequisites prepared, we can begin configuring our virtualized environment. PIA has a stated policy of not keeping logs, but no server outside of one under a user's own control can ever be assumed to be completely trustworthy. When choosing a VPN, it's best to consider the general trustworthiness of the service, the location of their servers, as well as their stated policies regarding data and metadata logging. We recommend Private Internet Access's VPN service, however, there are a number of other free and paid VPN services available online. The Whonix-Workstation file can be downloaded here.ĭon't Miss: Access the Dark Web While Staying Anonymous with Torįinally, you'll need a VPN service to be able to route traffic over the VPN before entering the Tor network. We only need the Gateway image, as we will be using Kali as our workstation rather than the Whonix Workstation environment. Whonix provides an OVA file which can be opened and configured within VirtualBox. "Kali 64 bit" should work for most users. We can download it here, choosing the correct architecture (32- or 64-bit) and the desktop environment of our choice. In order to virtualize Kali, we'll need a Kali disc image. It can be downloaded from here, or it can be installed on a Debian-based Linux distro such as Kali with the following command. It runs on Windows, OS X, and is available in the repositories of most Linux distributions. VirtualBox is used for all virtualization within this tutorial. Tor is an effective traffic obfuscation network, and while Tor Browser alone cannot support a hacker's behavior, we can use Whonix to route the entirety of our Kali Linux traffic over the Tor network.įinally, in order to add a further level of anonymity, we can combine a VPN with Tor in order to further obfuscate our host traffic and prevent against Tor Deanonymization Attacks. Running Kali Linux in a virtual machine can be an ideal hacking platform for launching attacks, but is only as anonymous or private as the connection used. By routing all traffic over Tor and reducing the threat of malicious entrance and exit nodes with a VPN, we can configure Kali to become thoroughly private and anonymous. Hacking from a host machine without any form of proxying is reckless for a hacker, and in a penetration test, could lead to an important IP address becoming quickly blacklisted by the target.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |