1.0 The Beginning (KL)

Time
1 hour 39 minutes
Difficulty
Beginner
Video Transcription
00:01
Hello and welcome to this Kali Fundamentals video. I'm excited to be here with you this evening to get into the beginning. So when you go to work for a new company or you're getting into a new relationship, you always want to have a little history and backstory that just helps to ensure that you're,
00:19
you know, moving into a relationship that's going to be meaningful and you're knowledgeable and
00:25
except for those kind of things. So when we get to work with this tool set with Kali Linux, we want to make sure that we've got some history. So the objectives for this lesson
00:35
are to walk away with a brief understanding of the Kali Linux background. We want to, at a high level, understand what Linux is, and then we want to know how flexible, you know, Kali is at a high level, so let's jump into the history lesson real quick.
00:49
So Kali Linux was established March of 2013 with version 1.0. Now Kali is based on the Debian operating system,
00:59
and you know, it was there that they got their start. So since then, there's been a number of iterations with Kali Linux, about 22 to date, actually 22 on the dock to date at the time of this video. But
01:15
the thing that you want to know about this group and about the community is that they're very, very good at working out bugs. They're very, very good about determining which tools to keep. And so the reason that you want to be cognizant of the iteration of Kali that you're using is that there may be tools in version 1.0 that are definitely not present
01:34
in the current version. And there may be some tools that you want to use in the older versions,
01:38
but you just need to be aware that, due to those iterations, the tools have changed and the layout has changed and the way that the system works has changed to a degree as well. So you may be thinking,
01:51
Well, we've mentioned Kali. You've mentioned Debian, and are there other Linux variants or Linux flavors? And absolutely. With respect to open source operating systems, the community does a wonderful job of maintaining several different operating systems and distributions. Not all of these are for pen testing. You've got Ubuntu, which can
02:09
act as, you know, an end-user system, or as a system that you use at home. You could load
02:15
tools that are in the Kali distribution into Ubuntu. You've got Mint Linux, you've got Precise Puppy, you've got Fedora. So there's a combination of operating systems out there, depending on what you need them to do. They could be on a multitude of
02:31
smaller devices or Loki devices. Things of that nature. Small computing devices.
02:37
Linux is everywhere.
02:38
So you may be asking yourself, well, you know, what is Linux with respect to how we're defining it and talking about it here?
02:46
So when I talk about Linux, especially within the relationship of Kali Linux,
02:52
Linux is the core of the operating system. It is the kernel, and a few things that the kernel will control are like CPU, memory and devices. So you may already be familiar with the concept of what a kernel does, but to give you a quick refresher: in this instance, we've got, let's just say, an app that communicates with the kernel,
03:12
and then
03:13
at the kernel level, we're communicating with the CPU. The kernel's communicating with memory. It's communicating with devices and peripherals. And so it is going to ensure that the app, when it requests resources and information or input, that it is being provided. So with respect to this relationship,
03:31
when we say Linux, Linux is really the core of any of the operating system distributions
03:38
that we've discussed here. So I've got a quick surprise for you: a check on learning. So when we were discussing the history of Kali earlier, what was the original, or what is the base distribution or operating system that it is based off?
03:54
All right, so you were probably thinking Debian,
03:59
and if you put Debian or thought Debian, then you were absolutely correct. Great job. So let's go ahead and shift gears real quick and talk about some of the features and things that Kali has available to it.
04:13
So the first thing: you can run Kali as your day-to-day operating system. You can fully install it and use it for day-to-day activities and functions. There's some recommendations we'll make later to talk about how you could do that securely and safely. You've got live boot, which is going to allow you to just take a
04:31
disc or take a thumb drive that's got
04:33
the Kali ISO on it, and then from there boot it and go to work. So you're not fully installing the Kali operating system onto a device. You're just kind of live booting. You can take advantage of full disk encryption, which is definitely something we want to do if we're gonna be doing security testing,
04:51
handling client data, potentially
04:55
pulling data from systems for the sake of testing, things of that nature. So we always want to ensure that that information is encrypted. And then we've got easy nuke LUKS. You know, this is easy nuke here. Essentially, what that allows you to do is you can use that to nuke encrypted data. So if you need to erase data to get rid of information, you can use easy nuke
05:14
to do that.
05:15
And then we've got a forensic mode here. So if you need to get a copy of the hard drive that is forensically sound, that's not altered, none of the other states here, like a full installation, live boot or doing any type of encryption, is gonna help you in that. And really, this just ensures that if you've got a hard drive plugged into a system
05:33
or whatever the case may be, if you need a copy of the disk and you need to live boot or something of that nature,
05:39
too, and you don't want to disturb the state of the disc by adding data to it, you can boot in forensic mode to do that.
05:46
So let's jump into a few tool categories here.
05:48
So you've got several categories outside of these. These are just some high-level areas I wanted to touch on. Tool categories under information gathering will cover things like maybe DNS reconnaissance, if you're trying to get some information about a potential target for a pen test or something of that nature.
06:06
Vulnerability analysis tools could be like OpenVAS. Those are gonna be important for scanning systems for vulnerabilities to help you determine
06:14
how you're going to do an attack or something of that nature. You've got wireless attack tools, which are going to be used for, like, cracking a wireless access point or trying to crack a key on, you know, a WiFi access point. Web application tools are things like fuzzers, which you can use to manipulate the inputs of tools
06:32
and kind of see what you'll get out of the website so that you can then determine if there may be something you could take advantage of or exploit there,
06:41
and then we've got some exploitation tools, which we'll touch on later. But those were the tools that, once you kind of tested the lock and you've worked to see if the door's weak and things of that nature, you're gonna determine: okay, can I kick it in? Can I pick the lock, et cetera? And right now, you know, we're thinking of Kali as kind of this pile of tools over here. You don't really
07:00
know what all you have, and you're not maybe 100% sure of what everything does.
07:03
But we're gonna work through that together and kind of determine what tools are gonna be best for your day-to-day and, you know, in your operations overall.
07:14
So I got another surprise for you. It's a check on learning. So we were discussing some of the abilities and features and functions of Kali earlier.
07:23
Which of those allowed you to get an image of a hard drive without altering that hard drive state?
07:30
All right, so you may have taken a moment to look at these. So remember that live boot just allows us to kind of boot the system without fully installing it. It really doesn't do anything to keep the state of the drive or any connected devices the same as they were, so that's not applicable here.
07:47
A full installation is definitely going to alter the state of the drive or anything that we're connected to.
07:53
But remember, when we boot to forensic mode or use forensics mode on the Kali distribution, it should not disturb the state of any connected devices and would allow us to work to get a forensic image of a hard drive or something of that nature.
08:07
So with all of that said, let's go through a quick summary of what we covered today. So we talked about some release dates, or the release date for Kali, and an overview of the current number of versions and why that's important and what we need to look for with respect to the care and continued care of this distribution.
08:26
A high-level review of features and functions to get your brain
08:31
kind of turning a bit on some of the things Kali can do and a little bit of its flexibility there, and then a few tool categories, again, to get you thinking about some of the things that you could do with Kali, where you might be focusing on or where you're hoping that the distribution could be useful to you in your organization.
08:46
So with that said, I want to thank you for the opportunity to work with you today and I look forward to working with you again soon. Thank you.