
Chapter 12


maalik

Presentation Transcript


  1. Chapter 12 Hacking Linux Systems

  2. Linux Basics
     • Text Editors: vi, ex, pico, jove, GNU emacs
     • Shells: csh (C Shell), sh (Bourne Shell)
     • File navigation: cd, ls, cp, mv, mkdir, rm

  3. Linux Basics
     • Directories
       • /bin: common Linux user commands (ls, sort, date, chmod)
       • /sbin: admin commands and daemon processes
       • /etc: admin config files, passwd file, shadow file
       • /dev: files representing access points to devices
       • /usr: user docs, graphical files, libraries
     • Networking commands: arp, ifconfig, dig, netstat, nslookup, traceroute

  4. Linux Basics
     • Noteworthy commands
       • mkpasswd: generate random password
       • chage & passwd: force users to change password
       • useradd: create new user
       • usermod: modify a user account
       • groupadd: create new group

  5. Linux Basics
     • Noteworthy commands
       • pwconv: change password file to shadow file
       • groups: get info about a user
       • kill: stop an unwanted service
       • w: display currently logged in users
       • umask: set initial file permissions on new files
       • chmod: change file permissions
       • chkrootkit: check for installed rootkit

  6. Reasons to compile a kernel
     • New hardware
     • Bug fix
     • New app requires new OS

  7. Linux Hardening Methods
     • Secure location
     • Strong passwords
     • Shadow passwords:
       • Use the pwconv command to move passwords to /etc/shadow
       • Format: LoginName:Password:UserID:PrimaryGroupID:Comment:HomeDirectory:ShellAssigned
       • e.g. mark:x:501:100:Mark Smith:/home/mark:/bin/tcsh
       • Also, generate random passwords with mkpasswd
       • Also, require password changes: passwd, chage
     • Remove unused services

  8. Linux Hardening Methods
     • Preconfigure default user account and files: /etc/skel
     • Apply bug fixes
     • Disable remote access
       • Or use VPN (Linux uses 3DES)
     • Use syslog for centralizing log files
       • Rsyslog, Swatch, Timbersee, IPLog
     • Verify downloaded files are not compromised
       • Command: sum <file name> checks MD5 info
     • Monitor network traffic
       • Ntop, MRTG, IPTraf

  9. Linux Hardening Methods
     • Determine if NIC is promiscuous
       • ifconfig | grep PROMISC
       • grep Promisc /var/log/messages
       • ip link | grep PROMISC
     • Firewall
       • < 2.4 Kernel: IPChains
       • >= 2.4 Kernel: IPTables
     • Securely erase data
       • wipe /dev/….
     • Install/configure a proxy server: Squid
     • Protect DNS info: BIND
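
An added example (not part of the original slides): the seven-field passwd entry format from slide 7, parsed with awk to flag the accounts that the shadow-password and strong-password items are meant to eliminate. The helper names `audit_passwd` and `sample_passwd`, the checks chosen and the sample entries are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the slides: audit passwd-format entries
# (LoginName:Password:UserID:PrimaryGroupID:Comment:HomeDirectory:ShellAssigned).
# audit_passwd is a hypothetical helper name; it reads the files given as
# arguments, or standard input when none are given, and prints "login: finding".
audit_passwd() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }      # skip blank lines and comments
        NF != 7 {                    # wrong number of colon-separated fields
            printf "%s: malformed entry (%d fields, expected 7)\n", $1, NF
            next
        }
        $2 == "" {                   # empty field: login without a password
            printf "%s: empty password field\n", $1
        }
        $2 != "" && $2 != "x" && $2 !~ /^[*!]/ {
            # anything other than x (shadowed) or a */! lock marker is a hash
            printf "%s: password hash stored in passwd file, not shadowed\n", $1
        }
        $3 == 0 && $1 != "root" {    # extra superuser account
            printf "%s: UID 0 on a non-root account\n", $1
        }
        $7 != "" && $7 !~ /^\// {    # e.g. bin/tcsh instead of /bin/tcsh
            printf "%s: shell is not an absolute path (%s)\n", $1, $7
        }
    ' "$@"
}

# Constructed sample entries (not real accounts or real hashes).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
mark:x:501:100:Mark Smith:/home/mark:/bin/tcsh
legacy:$1$constructed$notarealhash:502:100:Old Account:/home/legacy:/bin/sh
guest::503:100:Guest:/home/guest:/bin/sh
toor:x:0:0:Second root:/root:/bin/sh
daemon:*:2:2:daemon:/sbin:/sbin/nologin
typo:x:505:100:Typo Shell:/home/typo:bin/tcsh
broken:x:504:100:/home/broken:/bin/sh
EOF
}

sample_passwd | audit_passwd
```

To check a live system, run `audit_passwd /etc/passwd`; after pwconv has been applied, no "not shadowed" findings should remain.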
