KaliLinux Setup

  default username: kali
  default password: kali

$ sudo echo "deb http://http.kali.org/kali kali-rolling main contrib non-free" >> /etc/apt/sources.list

$ sudo apt-get update
$ sudo apt-get install kali-archive-keyring
$ sudo apt-get update

$ sudo apt-get install kali-linux-all

# show netstat
$ sudo netstat -tulpn
  # Proto Recv-Q Send-Q Local Address           Foreign Address         State         PID/Program name
    tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      27569/python2.7
    tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      8703/redis-server 1
    tcp        0      0 0.0.0.0:5901            0.0.0.0:*               LISTEN      22512/Xtightvnc
    tcp        0      0 127.0.0.1:9390          0.0.0.0:*               LISTEN      19802/openvasmd
    tcp        0      0 0.0.0.0:6001            0.0.0.0:*               LISTEN      22512/Xtightvnc
    tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      24245/sshd
    tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      27501/postgres
    tcp        0      0 127.0.0.1:5985          0.0.0.0:*               LISTEN      27569/python2.7
    tcp6       0      0 ::1:6379                :::*                    LISTEN      8703/redis-server 1
    tcp6       0      0 :::22                   :::*                    LISTEN      24245/sshd
    udp        0      0 0.0.0.0:52329           0.0.0.0:*                           11418/miredo
    udp        0      0 10.10.0.5:123           0.0.0.0:*                           747/ntpd
    udp        0      0 68.183.134.141:123      0.0.0.0:*                           747/ntpd
    udp        0      0 127.0.0.1:123           0.0.0.0:*                           747/ntpd
    udp        0      0 0.0.0.0:123             0.0.0.0:*                           747/ntpd
    udp6       0      0 fe80::7ca1:c261:47a:123 :::*                                747/ntpd
    udp6       0      0 fe80::ffff:ffff:fff:123 :::*                                747/ntpd
    udp6       0      0 2001:0:53aa:64c:189:123 :::*                                747/ntpd
    udp6       0      0 fe80::7463:50ff:fe0:123 :::*                                747/ntpd
    udp6       0      0 ::1:123                 :::*                                747/ntpd
    udp6       0      0 :::123                  :::*                                747/ntpd

# set up ssh
  # disable root access
  # don't allow password authentication (aka keys only)
  $ sudo nano /etc/ssh/sshd_config
    PermitRootLogin no
    PasswordAuthentication no
# set up firewall
  $ sudo apt-get install ufw
  $ sudo ufw allow SSH
  $ sudo ufw allow from 127.0.0.1 to 127.0.0.1 port 9000 proto tcp
  $ sudo ufw allow from 127.0.0.1 to 127.0.0.1 port 6379 proto tcp
  $ sudo ufw allow from 127.0.0.1 to 127.0.0.1 port 9390 proto tcp
  $ sudo ufw allow from 127.0.0.1 to 127.0.0.1 port 5901 proto tcp
  $ sudo ufw allow from 127.0.0.1 to 127.0.0.1 port 6001 proto tcp
  $ sudo ufw allow from 127.0.0.1 to 127.0.0.1 port 5432 proto tcp
  $ sudo ufw allow from 127.0.0.1 to 127.0.0.1 port 5985 proto tcp
  $ sudo ufw allow 52329/udp
  $ sudo ufw allow 123/udp
  $ sudo ufw show added
    ufw allow SSH
    ufw allow from 127.0.0.1 to 127.0.0.1 port 9000 proto tcp
    ufw allow from 127.0.0.1 to 127.0.0.1 port 6379 proto tcp
    ufw allow from 127.0.0.1 to 127.0.0.1 port 9390 proto tcp
    ufw allow from 127.0.0.1 to 127.0.0.1 port 5901 proto tcp
    ufw allow from 127.0.0.1 to 127.0.0.1 port 6001 proto tcp
    ufw allow from 127.0.0.1 to 127.0.0.1 port 5432 proto tcp
    ufw allow from 127.0.0.1 to 127.0.0.1 port 5985 proto tcp
    ufw allow 52329/udp
    ufw allow 123/udp
  $ sudo ufw enable

# set up fail2ban
  $ sudo apt-get install fail2ban
  # copy and comment everything to jail.local
  $ sudo awk '{ printf "# "; print; }' /etc/fail2ban/jail.conf | sudo tee /etc/fail2ban/jail.local
  $ sudo service fail2ban start