Wednesday, April 2, 2014

Installing Kali on brand new machines

Hello World!


Hello my friends. This is my first post on what is my passion and dedication: the world of Linux and, more specifically, the world of security on IT infrastructures.

Nowadays installing Linux on a personal machine tends to be easy and painless, thanks to tools such as GRUB, which will scan our hardware to propose a neat solution to carry on with our installation instead of assuming it will be the only operating system running on our computer. All modern operating systems follow this paradigm and are no longer invasive (i.e. trying to format all the disk space for themselves). Instead, during installation, a disk administrator (GParted in the case of Kali Linux, and the Disk Manager in the case of Microsoft's latest OSes) will ask you to define how you wish to partition your disks and where to host the OS itself, along with other performance partitions (swap space, home folder partition, root partition and so on; the last two are optional, while the first is very important in terms of efficiency but not strictly mandatory).

So let's start with the basics: an introduction to installing Kali Linux on our machines. Among the typical installations, we can use a live CD or live USB to boot our machine with Kali Linux. If we proceed this way, we simply insert the CD or USB key so that at startup the OS used is Kali instead of the default OS we have on our HDD. But wait, let's make a short aside here to explain how our machine really boots the OS. Some of you will notice that inserting a live CD or live USB distro is not enough, and your machine boots the pre-installed OS instead. What's going on here? Let's briefly explain what a BIOS is and how we can modify it. This is important for explaining further concepts needed to create a more sophisticated environment (i.e. multiboot, booting on machines with several HDDs, etc.).






The BIOS and its evolution


The BIOS is the first piece of software that our machine processes. It's an old industry standard used by all commercial motherboard providers. The function of the BIOS is to detect the hardware in a machine and make it visible to our operating system, so all parts of our system are visible to the OS before it's loaded. Now it's easy to see why it's a standard: our hardware won't have to depend on a specific BIOS provider, giving us the choice to upgrade and modify our system without looking for specific BIOS hardware versions. Typically it will access a so-called MBR area on a specific peripheral (MBR stands for Master Boot Record; it is normally written to a hard disk at installation time and contains the first bytes read to load an OS) and will start our OS, handing it control of our computer. Nowadays BIOSes are being upgraded to a new standard called UEFI, which allows more and bigger partitions on our HDDs. A UEFI BIOS can access standard partitions with an MBR area, or bigger partitions (over 2Gb) that were created with GPT, which replaces MBR. Although efforts were made to make both systems totally compatible, specific installations may require exotic formatting on the HDD, but in theory a UEFI BIOS will be able to boot an OS from a normal MBR. Backwards compatibility was not in scope, although it is possible to load a GPT-partitioned disk from a standard BIOS with specific rewriting of its boot records.

The BIOS will detect most of the hardware available, as vendors adapt their hardware for it, but there's still a risk that it won't detect brand new parts. For this case motherboard vendors should provide new firmware versions to update the BIOS. In the past it was not possible to modify it, as it was written to ROM, which can't be overwritten. Nowadays the BIOS is typically written to flash memory, which we can overwrite. This process can be done from our OS, so once we have started our system we can download a new firmware package that will check and update the BIOS. This process is not free of risk, as a failure in the update could leave a corrupted BIOS, making our system unusable because it wouldn't be able to boot anymore. To protect our system from failure, it is wise to make a copy of our previous BIOS firmware state, so in case of corruption we have a way to roll back. This step is confusing and depends on the motherboard vendor's specifications: sometimes it won't be possible to back up the BIOS firmware from the BIOS menu, and sometimes it won't be possible to back it up from our OS at all due to a lack of software for this purpose. Typically computer manufacturers (Lenovo, Dell, MSI, etc.) will offer new firmware versions for our BIOSes, to be installed from an OS. As commented above, this process is very risky, as an error during the update could leave us with unusable BIOS firmware that won't allow us to boot the system anymore. In fact, a BIOS backup could be useless if we can't even restart the system. This is the worst case, and it has no solution that doesn't require changing our hardware, so if you have no real need to modify your BIOS, don't do it. Except for specific hardware modification needs (typically a need for different partition systems or a RAID installation for several HDDs), an update of your BIOS won't bring any improvement to your system.
Let's show an example of how a specific manufacturer (MSI in this case) provides new BIOS firmware to its clients, with specific instructions for updating.






How to access your BIOS boot menu



In case our BIOS firmware is in a good state, we can modify it to allow us to restart our system from a different bootable peripheral, and that's how this links with the explanation in the first paragraphs: if we weren't able to boot Kali from a copy on a bootable USB key or DVD, it's probably because our BIOS was not set to recognize other peripherals as the main boot device. By selecting another bootable peripheral as the main boot device in the boot menu, we give it priority to load an OS.





Typically the shortcuts to access your BIOS menu are the following keys:
  • F8
  • F2
  • F1
  • Del (Supr)
The BIOS menu key has to be pressed BEFORE our operating system is loaded, normally in the few seconds while the system manufacturer's logo is displayed. Once we are inside, we have to locate the boot menu and ensure that USB or DVD peripherals have priority over the hard disks in order to run a live distro. Next time we reboot our system, the live DVD or live USB will be booted instead of our default operating system. Yay! First problem solved. Remember that, in order to boot from a live distro, your peripheral MUST be set as bootable, that is, it must contain its own MBR or another compatible boot record to let the BIOS know where to locate the first routines of your OS to be run. A burned .iso image won't be enough unless the ISO image was prepared for it, as a DVD image can occupy the disc's full space and we can put the content we need in the first sector to be read. This is the case for Kali DVD images, by the way. The USB key will have to be prepared. Mentioning that the peripheral must be bootable was not redundant.
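
As an added example (not part of the original post), the following Python code checks what the paragraphs above describe: whether the first sector of a USB key or image carries a valid boot record, which partition is flagged bootable, and whether the disk uses MBR or GPT. It assumes 512-byte sectors; the function names and the sample sectors are constructed for illustration.

```python
import struct

SECTOR = 512  # assumption: 512-byte logical sectors

def inspect_boot_sectors(data: bytes) -> dict:
    """Classify the first sectors of a disk or image given as raw bytes."""
    if len(data) < SECTOR:
        raise ValueError("need at least the first 512-byte sector")
    mbr = data[:SECTOR]
    info = {"boot_signature": mbr[510:512] == b"\x55\xaa",
            "scheme": "none", "partitions": [], "active": []}
    if not info["boot_signature"]:
        return info  # no 0x55 0xAA marker: not a valid boot record
    for i in range(4):  # four 16-byte entries starting at offset 446
        entry = mbr[446 + 16 * i:462 + 16 * i]
        status, ptype = entry[0], entry[4]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if ptype == 0x00:
            continue  # unused slot
        info["partitions"].append(
            {"index": i, "type": ptype, "lba_start": lba_start, "sectors": sectors})
        if status == 0x80:
            info["active"].append(i)  # flagged bootable
    types = {p["type"] for p in info["partitions"]}
    # GPT disks keep a protective MBR (type 0xEE) and an "EFI PART" header at LBA 1
    if 0xEE in types and data[SECTOR:SECTOR + 8] == b"EFI PART":
        info["scheme"] = "gpt"
    elif info["partitions"]:
        info["scheme"] = "mbr"
    return info

def build_sample(ptype: int, active: bool, lba_start: int, sectors: int) -> bytes:
    """Constructed sample sector: zeroed boot code and one partition entry."""
    sector = bytearray(SECTOR)
    sector[446:462] = struct.pack("<B3sB3sII", 0x80 if active else 0x00,
                                  b"\x00" * 3, ptype, b"\x00" * 3, lba_start, sectors)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)

# Constructed inputs, not dumps of real media
USB_MBR = build_sample(0x0C, True, 2048, 1_000_000)  # FAT32 (LBA), active
GPT_DISK = build_sample(0xEE, False, 1, 0xFFFFFFFF) + b"EFI PART" + bytes(504)
BLANK = bytes(SECTOR)  # unprepared key: no boot record at all

if __name__ == "__main__":
    for name, img in (("usb", USB_MBR), ("gpt", GPT_DISK), ("blank", BLANK)):
        print(name, inspect_boot_sectors(img))
```

To check real media, pass the first 1024 bytes read from the device or image file to `inspect_boot_sectors`.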