NITA 412 - Linux Security Administration - Lab #9

8/3/2019 NITA 412 - Linux Security Administration - Lab #9

Lab #9 - Samba; Samba SWAT; vsftpd; ettercap  Stanislav

Lab Steps:

I. Installation of Samba and Utilities

A. Install samba, samba-client, smbldap-tools and samba-swat using yum.
B. Edit /etc/xinetd.d/swat and add 10.0.0.0/8 onto the “only_from” part. Use a space to separate.
C. Edit your /etc/sysconfig/iptables configuration, add a rule for TCP port 901, and load the change.
D. Execute chkconfig swat on and also start xinetd and enable it for starting on boot.
E. Edit /etc/samba/smb.conf and do the following:
   1. Change workgroup to “MYNET”
   2. Change load printers to “no”
   3. Delete the [printers] section and contents within it (7 lines total)
F. Start the smb service and set it to automatically boot.

II. Interacting with your Samba server

A. Execute smbpasswd -a bjones to set your SMB password as linuxlab.
B. Execute smbclient -U bjones -L 127.0.0.1 to view overall Samba server information.
C. Execute smbclient -U bjones \\\\127.0.0.1\\homes to receive a Samba shell for that mount.
D. With your Samba prompt, you can interact with the mount as if it were an FTP server. Commands such as ls, get, and put all work as expected. Type quit when you are ready to exit the shell.
E. Add firewall rules to allow TCP/UDP for ports 137, 138, and 139 & TCP 445. Load the rules.
F. Get a 'Run' dialog in your host machine and execute \\<your VM IP> to connect to Samba.

III. Using SWAT for Configuration

A. Open your host's web browser and go to http://<your VM IP>:901 and log in as root.
B. Click on the Shares button and create a new share called “Personal”.
C. You have blank fields now and “Personal” selected in the drop-down. Configure these values:
   1. Set comment to “My Personal Share”
   2. Set path to “/home/bjones”
   3. Set valid users to “bjones”
   4. Set admin users to “bjones”
   5. Set read only to “No”
   6. Set available to “Yes”
D. Click the Commit changes button.
E. Click the Shares button. Select “homes” from the dropdown and click the Choose share button.
F. Put bjones in the area for “valid users” and save your changes.
G. Execute smbclient -U bjones \\\\127.0.0.1\\Personal and verify you can connect and then quit.
H. Execute smbclient -U bjones \\\\127.0.0.1\\homes and verify this still works as well.
I. In your current Samba prompt, execute volume to see information about your mount.
J. Execute listconnect to see open connections. Use showconnect to see active connections.

IV. Installing vsftpd

A. Install vsftpd using yum.
B. Edit /etc/vsftpd/vsftpd.conf and make the following changes:
   1. Set anonymous_enable to “NO”
   2. Add a directive at the bottom of the file for chroot_local_user and set it to YES
C. Start the vsftpd service and enable it to run automatically on boot.
D. Edit your iptables rules to allow TCP ports 20 & 21 and then load your new configuration.
E. Execute ftp 127.0.0.1 and log in as your regular user. Type quit when you are done.
F. Try to log in as root and you should be rejected.
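
A quick way to confirm that the two edits from step IV.B took effect, as an added example that is not part of the original lab. The function names and sample files are constructed for illustration; it assumes vsftpd's documented defaults (anonymous_enable=YES, chroot_local_user=NO) apply when a directive is absent, and that the last occurrence of a directive wins.

```shell
#!/bin/sh
# Added example (not from the lab): audit vsftpd.conf for steps IV.B.1 and IV.B.2.

# Print the effective value of one option.
# $1 = config file, $2 = option name, $3 = vsftpd default used when the option is absent
vsftpd_effective() {
    awk -F= -v opt="$2" -v val="$3" '
        /^[ \t]*#/ { next }                          # commented-out lines do not count
        $1 == opt { val = $2; sub(/\r$/, "", val) }  # assumption: the last occurrence wins
        END { print toupper(val) }
    ' "$1"
}

# Return 0 only if the file matches both lab settings; print one line per finding.
audit_vsftpd() {
    conf=$1
    rc=0
    anon=$(vsftpd_effective "$conf" anonymous_enable YES)
    jail=$(vsftpd_effective "$conf" chroot_local_user NO)
    if [ "$anon" != "NO" ]; then
        echo "FAIL: anonymous_enable is $anon (step IV.B.1 wants NO)"
        rc=1
    fi
    if [ "$jail" != "YES" ]; then
        echo "FAIL: chroot_local_user is $jail (step IV.B.2 wants YES)"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: $conf matches the lab settings"
    return "$rc"
}

# Write two constructed sample configs into directory $1.
write_samples() {
    printf '%s\n' 'anonymous_enable=YES' 'local_enable=YES' \
        '#chroot_local_user=YES' > "$1/before.conf"
    printf '%s\n' 'anonymous_enable=NO' 'local_enable=YES' \
        'chroot_local_user=YES' > "$1/after.conf"
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
audit_vsftpd "$demo_dir/before.conf" || true   # both settings still at their defaults
audit_vsftpd "$demo_dir/after.conf"
rm -rf "$demo_dir"
# On the lab VM: audit_vsftpd /etc/vsftpd/vsftpd.conf
```

A directive written with spaces around the equals sign does not match the option name here, so it is reported at its default value rather than silently accepted.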

V. Installing and Using Ettercap

A. Execute wget http://bit.ly/crQrVa and then rpm -i ettercap-*
B. Execute ettercap -i lo -C to start the Ettercap interface.
C. Press your down arrow key to get into the “File Menu”. Press your right arrow to go to the “Sniff” Menu. Press the down arrow to go to “Unified Sniffing” and press the Enter key.
D. The “Network interface” should be set to lo (that's a lowercase L). Press the Enter key.
E. Press the down arrow to go into the “Start” menu. Select “Start sniffing” and press the Enter key.
F. Go to a different virtual terminal and log in as your regular user.
G. Go back to your ettercap terminal and you will notice LDAP logins. This is because your system had to bind credentials in order to check to see if you were an LDAP user.
H. Return to your new terminal and FTP to 127.0.0.1 and log in as your regular user.
I. Once again, return to your ettercap terminal and note an FTP login.
J. When you are done testing this, press CTRL + C to shut down ettercap.
K. Log out of all shells. Save a snapshot of your VM as “Lab #9 Completed”.