CIS 290 LINUX Security - PowerPoint PPT Presentation

Slides: 7
Provided by: RRDonn7
Learn more at: https://www.oakton.edu
Tags: cis | linux | security | telnet


Transcript and Presenter's Notes


1
CIS 290 LINUX Security
  • Basic Network Security
  • Chroot Jail

2
Network services
  • Determine open services:
  • netstat -tulpn -OR-
  • nmap -sT -O localhost
  • Disable with chkconfig. And/or remove software.
  • Use TCP_WRAPPERS (xinetd)
  • Configure iptables
  • Remove Xwindows
  • yum groupremove "X Window System"
  • Set initdefault to runlevel 3
  • No cleartext services: HTTP, TELNET, FTP, rcmd
    (see govt requirements) - use SSH, SSL, SFTP.
    Restrict NFS/CIFS to local networks only.
  • Basic tools: ping, traceroute, netstat, nmap,
    netcat (nc), telnet
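
Added example (not part of the original slides): a filter for `netstat -tulpn` output that flags the listeners this slide says to remove or restrict. The port numbers (21, 23, 80, 512-514 for cleartext; 2049, 139, 445 for NFS/CIFS), the function names and the sample output are assumptions made for the example.

```shell
#!/bin/sh
# Flag listeners that the slide's policy says to remove or restrict.
# Assumed ports: FTP 21, TELNET 23, HTTP 80, rcmd 512-514 (TCP only);
# NFS 2049 and CIFS 139/445 must not be reachable beyond local networks.

# Constructed sample of `netstat -tulpn` output, not taken from a real host.
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address     Foreign Address   State    PID/Program name
tcp        0      0 0.0.0.0:22        0.0.0.0:*         LISTEN   1021/sshd
tcp        0      0 0.0.0.0:23        0.0.0.0:*         LISTEN   1188/xinetd
tcp        0      0 127.0.0.1:25      0.0.0.0:*         LISTEN   1340/master
tcp        0      0 0.0.0.0:2049      0.0.0.0:*         LISTEN   -
tcp6       0      0 :::80             :::*              LISTEN   1502/httpd
udp        0      0 0.0.0.0:514       0.0.0.0:*                  870/rsyslogd
EOF
}

# Reads netstat output on stdin; prints "REASON proto address port program".
audit_listeners() {
  awk '
    $1 !~ /^(tcp|udp)/ { next }              # skip the two header lines
    {
      addr = $4
      port = addr; sub(/.*:/, "", port)      # text after the last colon
      host = substr(addr, 1, length(addr) - length(port) - 1)
      port += 0                              # force numeric comparison
      prog = $NF; sub(/^[0-9]+\//, "", prog) # drop the PID, keep the name
      why = ""
      # rcmd ports are TCP; UDP 514 is syslog, so cleartext checks are TCP only
      if ($1 ~ /^tcp/ && (port == 21 || port == 23 || port == 80 ||
                          (port >= 512 && port <= 514)))
        why = "CLEARTEXT"
      else if ((port == 2049 || port == 139 || port == 445) &&
               host !~ /^(127\.|::1$)/)
        why = "RESTRICT"                     # check iptables / exports scope
      if (why != "") print why, $1, host, port, prog
    }'
}

# On a live system: netstat -tulpn | audit_listeners
sample_netstat | audit_listeners
```

A CLEARTEXT line is a candidate for chkconfig off or package removal; a RESTRICT line is listening beyond loopback and needs an iptables or TCP_WRAPPERS rule limiting it to the local network.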

3
Chroot jail
  • Isolate user process within a virtual root file
    system.
  • Similar to web virtual document root or vsftpd
    chroot_local_user=YES.
  • As root: chroot <directory path> <command>
  • Trick is to automate the process for user login,
    file transfer (sftp) or specific applications.
  • Most daemon processes have their own chroot
    methodology.
  • Not as secure or as isolating as LINUX containers
    or Solaris zones (CIS 228) for specific
    application environments.

4
Google Hacking
  • We can use a standard Google search to find
    interesting pages such as indexes.
  • - index of /etc
  • - index of /etc passwd
  • - index of /etc shadow
  • Google allows us to do more than just simple
    searching, using advanced operators
  • E.g.
  • filetype:
  • inanchor:
  • intext:
  • intitle:
  • inurl:
  • site:

5
Using Advanced Operators
  • We can now search in the Title field for indexed
    pages
  • intitle:index.of./etc passwd
  • intitle:index.of./etc shadow
  • We can use the filetype operator
  • password filetype:xls
  • filetype:config web.config -CVS
  • filetype:mdb users.mdb
  • Combining Operators
  • filetype:eml eml intext:"Subject"
    intext:"From" intext:"To"
  • " -FrontPage-" ext:pwd inurl:(service authors
    administrators users) " -FrontPage-"
    inurl:service.pwd

6
Google Hacking Database (GHDB)
  • Thousands of search URLs
  • Javascript entries very powerful
  • Enter Wikto Web Server Assessment Tool
  • - Back-end Miner
  • - Nikto-like functionality
  • - Googler file searcher
  • - GoogleHacks GHDB tester