Hands on with Caine Linux: Pentesting and UEFI compatible

I have mixed feelings about Caine Linux. First and foremost, it is a Linux-based forensic analysis system which is UEFI-compatible. However, while it is reasonably easy to boot as a Live DVD or USB system, I found it to be rather difficult to install, and quite complicated to use. 

There are a variety of special-purpose Linux distributions which I can easily imagine being used for everyday work – Kali Linux, Knoppix, AV Linux and others. But I have a difficult time imagining even an experienced Linux user using Caine for everyday tasks.

Maybe this is a good thing. Honestly, a pentest/forensic system should be used for that, and nothing else.  When you use it for other purposes, and in other situations, or you connect regularly to the internet and mount other removable storage devices, you are taking the risk that it could become compromised, corrupted or otherwise damaged and made unsuitable for its primary use.

So that is the reason I have such mixed feelings. Maybe it would be best to use it only as it is distributed, as a standalone Live system. I would be interested in hearing other opinions about this.

But of course the really big question is, does it work on UEFI-firmware systems? This is not a trivial question – for example, Kali Linux (formerly BackTrack), which is my preferred distribution of this type, added UEFI compatibility not long ago, and to say that they had mixed results would be very generous. So having a system that works with UEFI out of the box would be very nice.

The short answer is yes, it does work as a stand-alone UEFI-boot Live system. The long answer is that if you want to go beyond that and create an installed system, well, that works too but you have to be very careful, and there are some potentially serious pitfalls along the way.

Let’s start with the basics of the distribution. Caine 6.0 is derived from Ubuntu 14.04.1 (64 bit). That is a Long Term Support release, so that is a good thing. It uses the MATE desktop, rather than Unity, which is another really good thing. The ISO image can be obtained from their Downloads page (duh), and is relatively large (2.68GB).

You can either burn the ISO to a DVD, or copy it to a USB stick. The downloads page specifically says that you can use rufus (on Windows) or unetbootin (on Linux, MacOS or Windows).  I am curious/stubborn/lazy/set in my ways (choose one or more which you think applies), so I decided to try a couple of other possibilities. The first and most obvious option, copy directly to a USB stick with dd, doesn’t work. Bummer.  The other obvious choice, because this is an Ubuntu derivative, was to try the Ubuntu Startup Disk Creator. I recently installed Ubuntu 14.10, so I fired that up, and it worked just fine. Yay.

The Live USB stick can then be booted on either “Legacy” (MBR) or UEFI-boot systems, and on UEFI systems it can be booted with Secure Boot enabled (or not). That’s very good news.

Read Full Article at ZDNET

Ehacking Staff