Which OS/Distro? (lemmy.world)
submitted 5 months ago* (last edited 5 months ago) by OnePhoenix@lemmy.world to c/cybersecurity@sh.itjust.works

I'm new to the cyber-security/privacy space. I am interested in teaching myself about it, as well as dabbling in OSINT and general linux-type-stuff too. ATM this is all a hobby so while it is not crucial to have everything air-tight, I would like to do my best to follow best practices.

That being said, I am currently using a Mac M1 so my VM capabilities are (AFAIK) limited to the OS's provided by the UTM virtual machine software. For those who are unaware, the OS's they provide can be found here:

https://mac.getutm.app/gallery/

From a security/privacy perspective, which of these OS's would you consider to be the most secure or, able to be the most secure with configuration? At first glance and with my limited knowledge, I want to say Kali, but I feel this may be cliché as it's what your stereotypical-hacker-type would use.

Any guidance would be appreciated.

N.B., ease of use/convenience is not a top priority for me, as I'm using this as a learning experience and I'm open to trying different things and making mistakes along the way.

Thanks!

EDIT: Thank you to all who provided information. I learned a lot. I've decided to try a few different distros that work with UTM, namely Parrot OS (both home and security editions for different purposes), as well as Kali and Debian.

[-] KISSmyOSFeddit@lemmy.world 11 points 5 months ago* (last edited 5 months ago)

Kali is the least secure of all distros; it runs everything as root and is meant as a tool to boot from a USB stick for pentesting, not for installation on your machine.

[-] sugar_in_your_tea@sh.itjust.works 8 points 5 months ago

And everything on Kali can easily be installed on something else. If you want "hacker tools," just apt install them on Debian 12. I use nmap pretty frequently on openSUSE Tumbleweed (not on the list) for testing my own domains, and pretty much any Linux distro will have those tools in the repos.

[-] loudWaterEnjoyer@lemmy.dbzer0.com 9 points 5 months ago

You should look into QubesOS if you are concerned about your security.

From your selection, I'd recommend Debian Stable.

As others have pointed out, Kali or the like are the least secure operating systems; they are not designed to be secure, they are designed to be booted in a temporary environment and then used for penetration testing purposes.

[-] OnePhoenix@lemmy.world 4 points 5 months ago

I've looked at this and would love to, but as is my (limited) understanding, Qubes is next to (if not entirely) impossible to implement on Mac M1.

[-] loudWaterEnjoyer@lemmy.dbzer0.com 2 points 5 months ago

Yes, so Debian Stable

[-] Telorand@reddthat.com 0 points 5 months ago

I second Debian as an intro. Ubuntu is a little newer and it has a huge userbase, but your customization options are limited by their desktop environment (which is a tweaked version of Gnome, iirc). You'll get more of a typical Linux experience from Debian. Most of the Ubuntu help articles and posts will work for Debian, too.

When you're ready to try something new, explore immutable/atomic distros like Fedora Kinoite, blendOS, and NixOS. Layering and containerization are a different way to secure your system and offer new ways to think about how processes interact with the kernel and OS.

I know you're limited by the UTM right now, but by the time you're ready for that, you may have other ways or hardware to look into it.

[-] autonomoususer@lemmy.world 6 points 5 months ago* (last edited 5 months ago)

> From a security/privacy perspective, which of these OS’s would you consider to be the most secure

Kali and Parrot are for attack, not more secure.

For security/privacy, remove anti-libre software. They ban us from removing malicious source code. Use Parabola or other libre software here.

An operating system controls its apps, so controls guests in these apps, so a guest is never safe when its host is anti-libre software (macOS).

[-] OnePhoenix@lemmy.world 5 points 5 months ago

Is SELinux enabled by default in Fedora? I've tried researching it but everyone seems to be wanting to do the opposite and disable SELinux (presumably because it restricts ease-of-use)?

[-] orbital@infosec.pub 5 points 5 months ago

Yes, SELinux is enabled (in "enforcing" mode) by default in Fedora. In my experience, it doesn't hamper usability.

I remember seeing old advice from blogs and listicles about turning it off, on the theory that it might get in the way. But it's better to leave it on if you care about security -- especially if you want to learn.

When SELinux blocks a piece of software from doing something sketchy, an alert is generated to explain what happened and why. That's rare but it's a learning opportunity for you, not to mention preventing a potential security threat.
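As an added illustration (not part of the thread or of any commenter's post), this Python example parses the AVC denial records that SELinux writes to the audit log when it refuses an access, and groups them by source domain, target type and object class. The sample records are constructed, and the function names `parse_avc` and `summarize` are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample records in the audit.log AVC format (not from a real host).
SAMPLE_LOG = """\
type=AVC msg=audit(1716550000.123:456): avc:  denied  { read } for  pid=2314 comm="httpd" name="index.html" dev="dm-0" ino=131 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1716550000.123:456): arch=c00000b7 syscall=56 success=no exit=-13 comm="httpd"
type=AVC msg=audit(1716550007.900:460): avc:  denied  { read open } for  pid=2314 comm="httpd" path="/home/alice/site/a.css" dev="dm-0" ino=140 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0
type=AVC msg=audit(1716550100.001:471): avc:  denied  { name_connect } for  pid=3001 comm="python3" dest=8080 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:http_cache_port_t:s0 tclass=tcp_socket permissive=1
"""

AVC_RE = re.compile(
    r'type=AVC msg=audit\(\d+\.\d+:\d+\): '
    r'avc:\s+denied\s+\{ (?P<perms>[^}]*)\} for\s+(?P<fields>.*)$')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')  # key=value, value optionally quoted

def parse_avc(line):
    """Return one AVC denial as a dict, or None for any other record."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in KV_RE.findall(m["fields"])}
    if not all(k in fields for k in ("scontext", "tcontext", "tclass")):
        return None
    return {
        "perms": m["perms"].split(),
        "comm": fields.get("comm", "?"),
        "source": fields["scontext"].split(":")[2],  # type field of user:role:type:level
        "target": fields["tcontext"].split(":")[2],
        "tclass": fields["tclass"],
        # permissive=0: access refused; permissive=1: logged only.
        # Assumption: a record without the field is treated as refused.
        "blocked": fields.get("permissive", "0") == "0",
    }

def summarize(log_text):
    """Group denials by (source type, target type, object class)."""
    groups = defaultdict(lambda: {"perms": set(), "comms": set(), "blocked": False})
    for line in log_text.splitlines():
        rec = parse_avc(line)
        if rec:
            g = groups[(rec["source"], rec["target"], rec["tclass"])]
            g["perms"].update(rec["perms"])
            g["comms"].add(rec["comm"])
            g["blocked"] = g["blocked"] or rec["blocked"]
    return dict(groups)

if __name__ == "__main__":
    for key, g in summarize(SAMPLE_LOG).items():
        print(key, sorted(g["perms"]), sorted(g["comms"]), "blocked" if g["blocked"] else "logged only")
```

On a real Fedora guest the same record format appears in `/var/log/audit/audit.log` and in the output of `ausearch -m avc`.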

[-] yala@discuss.online 3 points 5 months ago

Out of the ones provided by UTM, it's Fedora by virtue of SELinux.

[-] sugar_in_your_tea@sh.itjust.works 3 points 5 months ago

I'm an openSUSE fan, so I'd go with one of the microOS desktops (I'd pick Kalpa, but Aeon works too).

But that's not on your list, so I'd go with Debian 12.

[-] tedu@azorius.net 3 points 5 months ago

UTM may be somewhat shinier, but you can run anything you like in qemu on a mac.

[-] sugar_in_your_tea@sh.itjust.works 1 points 5 months ago

How does that work performance-wise? For example, could I just take openSUSE MicroOS's aarch64 image and install it and get near-native performance like I can with x86 images using KVM on an x86 host?

[-] tedu@azorius.net 3 points 5 months ago

Pretty much, yeah.

[-] sylver_dragon@lemmy.world 3 points 5 months ago

While it's cliche, Kali can be a pretty good starting point, especially if you are looking at cybersecurity. You might even consider something like the TryHackMe module on Linux Fundamentals here:
https://tryhackme.com/module/linux-fundamentals

That can get your feet wet and then you can explore the rest of the site to look at security applications.

As for other distributions, Ubuntu is generally good as an "I want to try Linux and not hate myself" distribution. It will feel reasonably familiar if you have used Windows. And a lot of open source projects and software seem to target Ubuntu.

If you are ok with a learning curve which looks more like a cliff face, Arch Linux is great. It provides a very high degree of customizability and control, but far from holding your hand, it will actively smack it away while you are drowning. On the upshot you will learn as you go, you have no other choice.

If you plan to work in an Enterprise environment you can expect to run into RedHat/CentOS. While not quite as comfy as Ubuntu, it does provide a decent level of not letting you cut your own feet off. Though, you may have issues with some projects and software not being as easily available due to the high level of centralized control.

And lastly, a lot of what you learn in one distribution will be roughly applicable in another. Maybe things will be a bit different, but you will have a general sense of what things will be like. So, don't stress over the choice of a distribution too much. Pick one and go. When you find out you are wrong (because, of course, every choice is wrong to someone), learning the next one won't be anywhere near as hard.

[-] twinnie@feddit.uk 1 points 5 months ago* (last edited 5 months ago)

If you just want to dabble and learn about OS stuff then Kali is probably the best bet. I’ve heard a lot of stuff saying that Parrot is better but Kali is the industry standard, and I’m pretty sure both of them cover the basics just as well. If you’re looking for a secure distro to use a bit and just learn about Linux then choose something else. Pen-testing (OS) distros are inherently insecure simply because they’re loaded with the kind of software you don’t want on your own machine. Part of the battle in (ethical) hacking is getting the malware onto a machine, and these are absolutely loaded with it.

That being said, I think Parrot have a distro flavour that’s simply supposed to be a secure system rather than a pen-testing tool. I haven’t tried it myself.

However, if you’re new to Linux and simply want to learn, start with something easier and well supported. Kali and Parrot are both based on Debian so maybe something similar would help you. Debian or a fork, like Ubuntu or Linux Mint.

[-] land@lemmy.ml -1 points 5 months ago
[-] OnePhoenix@lemmy.world 2 points 5 months ago

Thank you. Again, excuse my ignorance but, I don't see Parrot on the UTM list... Can Parrot be loaded on top of one of those OS's? Or are you suggesting Parrot in general, regardless of UTM's capabilities?

[-] land@lemmy.ml 2 points 5 months ago

In general. I think you can still load up Parrot OS on UTM. I haven’t done that myself. I was recommended Parrot OS by Hack The Box (that’s where I’m learning cybersecurity).

You can still use Kali.

[-] OnePhoenix@lemmy.world 1 points 5 months ago

After your post I did some digging and indeed it does appear as though Parrot OS can be installed through UTM. Thanks for the heads up!

this post was submitted on 24 May 2024