Linux File Systems

Kali Linux, being a Debian-based distribution, follows the Linux Filesystem Hierarchy Standard (FHS). Understanding the file system is crucial for cybersecurity professionals, especially for penetration testing, forensic investigations, and system administration.

1. Root Directory (/)

The root directory is the top-level directory in Kali Linux. All other directories branch from it.


2. Important Directories in Kali Linux

Here’s a breakdown of key directories:

System Directories

| Directory | Description |
|-----------|-------------|
| /bin | Essential user binaries (e.g., ls, cat, cp, mv, bash) used in single-user mode. |
| /sbin | System binaries (e.g., fdisk, iptables, reboot), primarily used by the root user. |
| /boot | Contains the Linux kernel (vmlinuz), bootloader (GRUB), and initrd files. |
| /dev | Device files for hardware components like disks (/dev/sda), USB (/dev/ttyUSB0), and random number generators (/dev/random). |
| /etc | Configuration files for system-wide settings (e.g., /etc/passwd, /etc/shadow, /etc/apt/sources.list). |
| /lib | Shared libraries for binaries in /bin and /sbin. |
| /lib64 | Libraries for 64-bit binaries. |
| /opt | Optional software, often used for third-party tools. |
| /srv | Data for services (e.g., web server files). |
| /tmp | Temporary files. Gets cleared on reboot. |
| /var | Variable files like logs (/var/log), spool files (/var/spool), and caches (/var/cache). |


User-Specific Directories

| Directory | Description |
|-----------|-------------|
| /home | Home directories for regular users (/home/username). |
| /root | Home directory for the root user. |


Mount Points

| Directory | Description |
|-----------|-------------|
| /mnt | Temporarily mounted filesystems (USB, external drives, etc.). |
| /media | Automatically mounted removable media (CDs, USB drives). |
| /proc | Virtual filesystem containing process and kernel information (e.g., /proc/cpuinfo). |
| /sys | Virtual filesystem with system and kernel information, like /sys/class/net for network interfaces. |


3. Kali-Specific Directories

Since Kali Linux is a penetration testing distribution, it has some unique tools and configurations:

| Directory | Description |
|-----------|-------------|
| /usr/share/kali-linux | Kali-specific resources and scripts. |
| /usr/share/wordlists | Pre-installed wordlists (e.g., rockyou.txt for password cracking). |
| /usr/share/exploitdb | Exploit Database (exploitdb) with exploit scripts. |
| /usr/bin | Contains most penetration testing tools like nmap, metasploit, john, etc. |
| /etc/kali-linux | Configuration files for Kali's specific security settings. |


4. File System Permissions

Understanding file permissions is crucial for security:

  • The ls -l command displays permissions.

  • Permissions follow the rwx (read, write, execute) format, e.g.:

    -rw-r--r--  1 root root 12345 Mar 18 12:00 example.txt
    • User (root): rw- (read, write)

    • Group (root): r-- (read)

    • Others: r-- (read)

  • Common permission commands:

    • chmod 755 file: Assign read/write/execute to the owner, and read/execute to the group and others.

    • chown root:users file: Change file ownership.

    • sudo su or sudo -i: Switch to the root user.
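
The mapping between the rwx string printed by ls -l and the octal form passed to chmod, as an added example that is not part of the original page. The function names and the sample listing lines are assumptions made for illustration; it also goes beyond the example above by handling the setuid, setgid and sticky bits and flagging the modes a permissions review would single out.

```shell
#!/bin/sh
# Added example (not from the original page): decode an `ls -l` mode string.

# Octal digit for one triad; s/t = special bit + execute, S/T = special bit only.
triad_value() {
    v=0
    case "$1" in r??) v=$((v + 4)) ;; esac
    case "$1" in ?w?) v=$((v + 2)) ;; esac
    case "$1" in ??[xst]) v=$((v + 1)) ;; esac
    printf '%s' "$v"
}

# "-rwxr-xr-x" -> 0755; a leading digit carries setuid(4)/setgid(2)/sticky(1).
mode_to_octal() {
    mode=$1
    [ "${#mode}" -ge 10 ] || { echo "bad mode string: $mode" >&2; return 1; }
    u=$(printf '%s' "$mode" | cut -c2-4)
    g=$(printf '%s' "$mode" | cut -c5-7)
    o=$(printf '%s' "$mode" | cut -c8-10)
    special=0
    case "$u" in ??[sS]) special=$((special + 4)) ;; esac
    case "$g" in ??[sS]) special=$((special + 2)) ;; esac
    case "$o" in ??[tT]) special=$((special + 1)) ;; esac
    printf '%s%s%s%s\n' "$special" "$(triad_value "$u")" \
        "$(triad_value "$g")" "$(triad_value "$o")"
}

# Flags worth a second look during a permissions review, or "ok".
mode_flags() {
    oct=$(mode_to_octal "$1") || return 1
    flags=""
    case "$oct" in [4567]???) flags="$flags setuid" ;; esac
    case "$oct" in [2367]???) flags="$flags setgid" ;; esac
    case "$oct" in
        [1357]??[2367]) flags="$flags world-writable+sticky" ;;
        ???[2367])      flags="$flags world-writable" ;;
    esac
    [ -n "$flags" ] || flags=" ok"
    printf '%s\n' "${flags# }"
}

# Constructed sample lines; the first is the example.txt entry shown above.
while read -r m rest; do
    printf '%-11s %s  %s\n' "$m" "$(mode_to_octal "$m")" "$(mode_flags "$m")"
done <<'EOF'
-rw-r--r--  1 root root 12345 Mar 18 12:00 example.txt
-rwsr-xr-x  1 root root 12345 Mar 18 12:00 suid-helper
drwxrwxrwt 10 root root  4096 Mar 18 12:00 tmp
EOF
```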


5. Kali File System for Forensics & Security

  • Log Files (/var/log): Useful for forensic investigations.

  • Mounted Devices (/mnt, /media): Checking for malicious USBs.

  • Hidden Files (. files in home directories): Used for persistence techniques.

  • Proc File System (/proc): Checking for suspicious running processes.


Conclusion

Understanding the Kali Linux file system helps in system administration, penetration testing, and forensic investigations. Mastering key directories, permissions, and logs is essential for securing and analyzing a Kali system.
