Linux Fundamentals

Before mastering Kali Linux, familiarity with a generic Linux system is essential, as a significant portion of web, email, and other Internet services operate on Linux servers.

This section presents basic concepts about Linux, assuming knowledge of general computer systems, including CPU, RAM, motherboard, hard disk, and their respective device controllers and connections.

1. What Is Linux and What Is It Doing?

"Linux" often refers to the entire operating system, but it technically describes the operating system kernel. This kernel is launched by the boot loader, which is initiated by the BIOS/UEFI. The kernel acts as a conductor in an orchestra, coordinating hardware and software interactions. Its roles encompass managing hardware, processes, users, permissions, and the file system. The kernel provides a common foundation for all other programs on the system, typically running in ring zero, or kernel space.

The User Space

The term user space refers to all operations outside the kernel. In this space, many core utilities from the GNU project operate, primarily through the command line. These utilities can be utilized in scripts to automate various tasks. For an overview of crucial commands, refer to the Useful Commands section.

1.1. Driving Hardware

The primary function of the kernel is to control the computer’s hardware components. This includes detecting and configuring hardware upon power-on or when devices, such as USB drives, are inserted or removed. The kernel also simplifies access to these components for higher-level software by providing a programming interface, allowing applications to work with devices without specifics on connections or configurations.

For instance, video conferencing software can leverage a webcam using the Video for Linux (V4L) interface, regardless of the manufacturer. The kernel translates calls from this interface into the necessary hardware commands.

The kernel shares information about detected hardware through the /proc/ and /sys/ virtual file systems. Applications frequently access devices via files in /dev/, representing elements like disk drives (/dev/sda), partitions (/dev/sda1), mice (/dev/input/mouse0), keyboards (/dev/input/event0), sound cards (/dev/snd/*), and serial ports (/dev/ttyS*).

Device files fall into two categories: block and character. Block devices consist of fixed-size data blocks with random-access capabilities, while character devices can be read and written sequentially but do not permit seeking arbitrary bytes. To identify a device file type, inspect the first letter using ls -l, where b denotes block devices and c refers to character devices.

Example:

$ ls -l /dev/sda /dev/ttyS0

brw-rw---- 1 root disk 8, 0 Mar 21 08:44 /dev/sda

crw-rw---- 1 root dialout 4, 64 Mar 30 08:59 /dev/ttyS0

In this example, disk drives like /dev/sda are block devices, while devices such as /dev/ttyS0 are character devices. The programming interface for both types includes specialized commands that can be accessed through the ioctl system call.

Summary

Understanding Linux fundamentals is vital for those venturing into fields such as cybersecurity, particularly in environments where Linux systems dominate. Mastery of the kernel, the user space, and hardware interactions prepares you for deeper exploration into specialized distributions like Kali Linux, which focus on security and penetration testing. Familiarity with device types and system calls is essential for efficient system administration and security management.

Cybersecurity, Anonymity, Protection