CIS 290 LINUX Security
Basic Network Security: "Chroot Jail"
Network services
• Determine open services:
  netstat -tulpn
  -OR-
  nmap -sT -O localhost
• Disable with chkconfig and/or remove the software
• Use TCP_WRAPPERS (xinetd)
• Configure iptables
• Remove the X Window System: yum groupremove "X Window System"
• Set initdefault to runlevel 3
• No cleartext services (HTTP, TELNET, FTP, rcmd; see government requirements); use SSH, SSL, SFTP instead. Restrict NFS/CIFS to local networks only
• Basic tools: ping, traceroute, netstat, nmap, netcat (nc), telnet
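The "determine open services, then remove the cleartext ones" step above can be scripted. The following is an added example (not from the course slides): a POSIX shell filter that reads `netstat -tulpn` (or `ss -tulpn`) output and flags listeners on the cleartext ports the slide names. The netstat output embedded in the script is constructed for the demonstration, not captured from a real host.

```shell
#!/bin/sh
# Added example: flag listening sockets on well-known cleartext service ports.
# Feed it `netstat -tulpn` or `ss -tulpn` output on stdin. The sample below is
# constructed for the demo, not taken from a real system.

SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN      903/xinetd
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      915/vsftpd
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1021/httpd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      777/master
udp        0      0 0.0.0.0:111             0.0.0.0:*                           640/rpcbind
tcp6       0      0 :::443                  :::*                    LISTEN      1021/httpd'

# cleartext_name PORT: the cleartext protocol on PORT and the replacement
# the slide recommends; returns 1 for ports that are not on the list.
cleartext_name() {
    case "$1" in
        21)          echo "FTP (use SFTP)" ;;
        23)          echo "TELNET (use SSH)" ;;
        80)          echo "HTTP (use HTTPS/SSL)" ;;
        512|513|514) echo "rcmd/rsh/rlogin (use SSH)" ;;
        *)           return 1 ;;
    esac
}

# flag_cleartext: stdin is netstat/ss output; prints one line per listener on a
# cleartext port as "<proto> <local addr:port> <pid/program> <note>".
flag_cleartext() {
    # keep only socket rows (tcp, udp, tcp6, udp6) and print proto, local addr, program
    awk '$1 ~ /^(tcp|udp)6?$/ { print $1, $4, $NF }' |
    while read -r proto laddr prog; do
        port=${laddr##*:}                      # strip everything up to the last colon
        note=$(cleartext_name "$port") || continue
        echo "$proto $laddr $prog $note"
    done
}

# count_cleartext: number of flagged listeners, for use in a scripted audit.
count_cleartext() {
    flag_cleartext | wc -l | tr -d ' '
}

# Demo run: ./audit.sh --demo   (on a live host: netstat -tulpn | flag_cleartext)
if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$SAMPLE_NETSTAT" | flag_cleartext
fi
```

On the constructed sample the filter reports the telnet, ftp and http listeners and stays quiet about sshd, the loopback-only SMTP socket and rpcbind; on a real host pipe `netstat -tulpn` into `flag_cleartext` and follow up each finding with chkconfig or package removal as the slide describes.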
Chroot jail
• Isolate a user process within a "virtual" root file system
• Similar to a web server's "virtual document root" or vsftpd's "chroot_local_user=YES"
• As root: chroot <directory path> <command>
• The trick is to automate the process for user login, file transfer (sftp) or specific applications
• Most daemon processes have their own "chroot" methodology
• Not as secure, less isolating than LINUX containers or Solaris zones (CIS 228) for specific application environments
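The two practical problems the slide points at are populating the jail (a chrooted command needs its binaries and shared libraries inside the new root) and automating the confinement for sftp logins. The script below is an added example, not course material: it builds a minimal jail tree, copies a binary together with the libraries `ldd` reports for it, checks the ownership rule that OpenSSH's `ChrootDirectory` enforces, and emits the `Match Group` stanza for an SFTP-only group. The jail path `/srv/jail`, the group name `sftponly` and the `/etc/ssh/sshd_config` location are assumptions; the build itself must run as root on a real host.

```shell
#!/bin/sh
# Added example: build a minimal chroot tree and generate the sshd stanza that
# confines an SFTP-only group to it. Paths and the group name are assumptions.

# jail_add_file FILE JAIL: copy FILE into JAIL at the same absolute path.
jail_add_file() {
    f=$1; jail=$2
    [ -e "$f" ] || return 1
    mkdir -p "$jail$(dirname "$f")"
    cp -p "$f" "$jail$f"
}

# jail_add_binary BIN JAIL: copy a binary plus every shared library ldd lists
# for it. A statically linked binary, or a host without ldd, gets only BIN.
jail_add_binary() {
    bin=$1; jail=$2
    jail_add_file "$bin" "$jail" || return 1
    if command -v ldd >/dev/null 2>&1; then
        # print only absolute paths from ldd's output (libs and the loader)
        for lib in $(ldd "$bin" 2>/dev/null |
                     awk '/\// { for (i = 1; i <= NF; i++) if ($i ~ /^\//) print $i }'); do
            jail_add_file "$lib" "$jail" || true
        done
    fi
}

# jail_build JAIL BIN...: skeleton directories plus the requested binaries.
# The jail root must stay root-owned and not group/world writable; sshd
# refuses a ChrootDirectory that is.
jail_build() {
    jail=$1; shift
    mkdir -p "$jail/bin" "$jail/lib" "$jail/etc" "$jail/dev" "$jail/home"
    chmod 755 "$jail"
    for b in "$@"; do
        jail_add_binary "$b" "$jail" || echo "warning: $b not added" >&2
    done
}

# jail_check JAIL: prints "ok" when the root is not group/world writable and a
# shell is present, otherwise a one-word reason (and returns 1).
jail_check() {
    jail=$1
    [ -d "$jail" ] || { echo "missing"; return 1; }
    perm=$(ls -ld "$jail" | cut -c6,9)        # group-w and other-w bits of the mode string
    case "$perm" in *w*) echo "writable"; return 1 ;; esac
    [ -x "$jail/bin/sh" ] || { echo "no shell"; return 1; }
    echo "ok"
}

# sftp_chroot_stanza JAIL GROUP: sshd_config lines that chroot members of GROUP
# into JAIL and allow only the in-process SFTP server (no shell, no forwarding).
# Append the output to /etc/ssh/sshd_config (assumed path) and reload sshd.
sftp_chroot_stanza() {
    cat <<EOF
Subsystem sftp internal-sftp
Match Group $2
    ChrootDirectory $1
    ForceCommand internal-sftp
    AllowTcpForwarding no
    X11Forwarding no
EOF
}

# Demo run as root: ./mkjail.sh --demo
if [ "${1:-}" = "--demo" ]; then
    jail_build /srv/jail /bin/sh /bin/ls
    jail_check /srv/jail
    sftp_chroot_stanza /srv/jail sftponly
fi
```

For the SFTP case the jail needs no binaries at all, because `internal-sftp` runs inside sshd; the tree and the `jail_check` ownership test are what matter there. A jail that has to run an interactive command is where `jail_add_binary` earns its keep, and `ldd` is the quickest way to find out what a "chroot <dir> <command>" invocation will fail to load.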
Google Hacking
• We can use a standard Google search to find interesting pages such as indexes:
  - "index of /etc"
  - "index of /etc" passwd
  - "index of /etc" shadow
• Google allows us to do more than simple searching by using advanced operators, e.g.:
  - filetype:
  - inanchor:
  - intext:
  - intitle:
  - inurl:
  - site:

Using Advanced Operators
• We can now search in the Title field for indexed pages:
  intitle:index.of./etc passwd
  intitle:index.of./etc shadow
• We can use the filetype: operator:
  password filetype:xls
  filetype:config web.config -CVS
  filetype:mdb users.mdb
• Combining operators:
  filetype:eml eml +intext:"Subject" +intext:"From" +intext:"To"
  "# -FrontPage-" ext:pwd inurl:(service | authors | administrators | users)
  "# -FrontPage-" inurl:service.pwd
Google Hacking Database (GHDB)
• Thousands of search URLs
• Javascript: entries very powerful
• Enter Wikto, a web server assessment tool:
  - Back-end miner
  - Nikto-like functionality
  - Googler file searcher
  - GoogleHacks GHDB tester
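Every dork on the preceding slides works because a site exposed something it should not have: a copy of passwd or shadow under the document root, a web.config, an .mdb or .xls data file, a FrontPage .pwd file, or directory indexing turned on. The administrator's counterpart is to audit the document root before the search engine does. The script below is an added example (not from the course, and unrelated to Wikto): it walks a document root for those file types and checks an Apache configuration for an `Options` line that enables `Indexes`. The document root and httpd.conf paths are assumptions, and the demo builds a constructed tree in a temporary directory rather than touching a real site.

```shell
#!/bin/sh
# Added example: audit a web document root for the file types the dorks on the
# slide are built to find, and check whether directory indexing is enabled.
# Paths are assumptions; the demo tree is constructed, not a real site.

# audit_webroot DOCROOT: one "<reason> <path>" line per risky file found.
audit_webroot() {
    root=$1
    find "$root" -type f \( \
        -name passwd -o -name shadow -o -name web.config -o \
        -name '*.mdb' -o -name '*.eml' -o -name '*.pwd' -o -name '*.xls' \) |
    while read -r p; do
        case "$p" in
            */passwd|*/shadow) echo "system-file-copy $p" ;;
            */web.config)      echo "app-config $p" ;;
            *.pwd)             echo "frontpage-password-file $p" ;;
            *.mdb|*.xls)       echo "data-file $p" ;;
            *.eml)             echo "mail-export $p" ;;
        esac
    done
}

# count_risky DOCROOT: number of findings, for a scripted pass/fail check.
count_risky() { audit_webroot "$1" | wc -l | tr -d ' '; }

# indexing_enabled HTTPD_CONF: "yes" if an Options directive lists Indexes
# (bare or with a leading +), "no" otherwise. "-Indexes" does not count.
# This is what makes a site show up for the "index of" dorks.
indexing_enabled() {
    if grep -Eiq '^[[:space:]]*Options([[:space:]]+[-+]?[[:alnum:]]+)*[[:space:]]+\+?Indexes([[:space:]]|$)' "$1"; then
        echo yes
    else
        echo no
    fi
}

# Demo: builds a constructed document root under a temp directory and audits it.
if [ "${1:-}" = "--demo" ]; then
    d=$(mktemp -d)
    mkdir -p "$d/html/private" "$d/html/backup"
    : > "$d/html/private/service.pwd"         # constructed FrontPage password file
    : > "$d/html/backup/passwd"               # constructed copy of /etc/passwd
    : > "$d/html/index.html"
    printf 'Options Indexes FollowSymLinks\n' > "$d/httpd.conf"
    audit_webroot "$d/html"
    echo "directory indexing: $(indexing_enabled "$d/httpd.conf")"
    rm -rf "$d"
fi
```

Run `audit_webroot /var/www/html` (or whatever the real document root is) from cron and treat any output as a finding; a non-zero `count_risky` plus `indexing_enabled` reporting "yes" on the server's configuration is exactly the combination the "index of" dorks look for.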