1 / 30

UNIX SYSTEM SECURITY AND ADVANCED ADMINISTRATION

FOREWORD. ?No absolute security as long as system is accessed"?In system administration, the evil is in details"For questions, contact is antoine.davous@aviler.com with [ESGI] in subject field ? otherwise, mail will be considered as spam by server rules.. A.Davous, 01/02/2009. 2. Unix Secur

bambi
Télécharger la présentation

UNIX SYSTEM SECURITY AND ADVANCED ADMINISTRATION

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    1. UNIX SYSTEM SECURITY AND ADVANCED ADMINISTRATION (SÉCURITÉ SYSTÈME SOUS UNIX ET ADMINISTRATION AVANCÉE) A.Davous, 01/02/2009 1 Unix Security Advanced Admin

    2. FOREWORD “No absolute security as long as system is accessed” “In system administration, the evil is in details” For questions, contact is antoine.davous@aviler.com with [ESGI] in subject field – otherwise, mail will be considered as spam by server rules. A.Davous, 01/02/2009 2 Unix Security Advanced Admin

    3. INTRODUCTION UNIX FLAVORS COMMON SENSE RULES OF SECURITY HOW SECURITY IS COMPROMISED UNIX DAEMONS, SERVICES AND SERVERS HANDS-ON : SUN VIRTUAL BOX A.Davous, 01/02/2009 3 Unix Security Advanced Admin

    4. WELL-KNOWN EXAMPLES Sendmail debug commands mode as sendmail runs with setuid root so user can run any command with root power (try sudo and vi !...) Command passwd –f : no control of entered GECOS field so user can add any new line in password file Buffer overflow is a variant User can execute shellcode (to get run root shell) previously saved at some memory address for programs that accepts any entry without control (exploit) More generally, any software that do not control file ownership – you just have to link to any system file A.Davous, 01/02/2009 Unix Security Advanced Admin 4

    5. FOR INFORMATION – UNIX RELEASES A.Davous, 17/09/2008 5 Solaris vs. Linux

    6. FOR INFORMATION – UNIX FLAVORS Unix time line http://www.levenez.com/unix/ Linux distributions time line http://futurist.se/gldt/gldt76.png A.Davous, 01/02/2009 Unix Security Advanced Admin 6

    7. REMINDER – UNIX MANDATORY Read, read again documentation man, man –k, makewhatis -u vi – what else could be expected ? vim but config and security Shells : sh – best choice for scripting then tcsh or bash… (current : ps) find, diff, touch, sort [-n] xargs grep, egrep, awk, Perl, expect A.Davous, 01/02/2009 7 Unix Security Advanced Admin Find command and shell interactionFind command and shell interaction

    8. WELL-KNOWN ATTACKS A.Davous, 01/02/2009 Unix Security Advanced Admin 8

    9. MALICIOUS PROGRAMS (MALWARES) A.Davous, 01/02/2009 Unix Security Advanced Admin 9

    10. SECURITY KEY CONCEPTS 3 security goals: confidentiality, integrity, availability 3 usual answers to threats: ignore, improvise or try to ‘over’ secure Right answer: determine field, identify and evaluate cost of resources (financial, confidentiality or production), determine security risks and strategy, monitor, upgrade A.Davous, 01/02/2009 Unix Security Advanced Admin 10

    11. STRATEGIES Strategies : Accept threat – but have a recovery plan Reduce threat – by appropriate means Transfer threat – to a vendor Bypass threat – by blocking access Understanding is key: Example of mail user privilege Protect all layers – example of firewalls Reduce exposed surface Protect but detect and answer – administrate ! Security is or must be part of : conception, operation and deployment A.Davous, 01/02/2009 Unix Security Advanced Admin 11

    12. RISKS AND STRATEGY Risks Human – malicious but often from authorized users Technical – hardware (physical access), software This is up to sysadmin to decide what are they and right level of protection Strategy Security and comfort is a compromise Have a security policy especially recovery procedure A.Davous, 01/02/2009 Unix Security Advanced Admin 12

    13. HOW TO DO In-depth (passive) protection (Physical – premises access) Network filtering Passwords Encryption Backup (Active) security process Monitor and add corrections Full audit Upgrade A.Davous, 01/02/2009 Unix Security Advanced Admin 13

    14. SECURED DESIGN Open design or secret design debate (hidden flaws, issues discovered by community, provocation to exploits) Common breaches Least user access (chroot as solution) Buffer overflow Printf function (insert conversion keys into string) Web programming (URL forging) Transactions, client/server (man-in-the middle, encryption, hashing as solutions) A.Davous, 01/02/2009 Unix Security Advanced Admin 14

    15. SOME TABLE LAWS… If someone can execute something on your computer or if someone can modify your OS, or if someone can physically access to your computer, it will not belong to you anymore As well, if someone can execute something on your web site, it will not belong to you anymore Weak passwords leads to security breach System is as secured as sysadmin wants Encrypted data are as secured as the used key to encrypt An anti-virus not updated is as useful as no anti-virus Anonymity is not useful but confidentiality is Technology is not be-all Security measures works well when they are simple to use for sysadmin and transparent to users A.Davous, 01/02/2009 Unix Security Advanced Admin 15

    16. REMINDER : PROCESSES Processes have four identities : real (for accounting) and effective (for access permissions) UID and GID ; usually the same except with setuid or setgid bit set Command ps Kinds of processes Interactive – controlled with &, ^Z, jobs Batch Daemons A.Davous, 01/02/2009 Unix Security Advanced Admin 16

    17. DAEMONS, SERVERS, SERVICES Daemon, server, service concepts Daemon : programs not part of kernel ; process that performs a specific function or system-related task Start at boot time or on demand Specific system daemons init primordial process cron that schedule commands inetd that manages some of them A.Davous, 01/02/2009 Unix Security Advanced Admin 17

    18. WELL KNOWN DAEMONS A.Davous, 01/02/2009 Unix Security Advanced Admin 18

    19. init DAEMON First process to run after system boot Always have PID 1 and is ancestor of all other processes After startup, init consults /etc/inittab (or for BSD /etc/ttys) to determine on which physical ports it should expect users to log in (getty processes – even tough large use of network daemons today, or xdm for graphical interface) Also take care of zombie processes (not running but listed) Init defines run levels (passed as argument to it from boot loader) : 0 to 6 and s (single-user) Additional layer is given with startup scripts in /etc/init.d, linked to startup and stop scripts in /etc/rcX.d A.Davous, 01/02/2009 Unix Security Advanced Admin 19

    20. REMINDER : BOOTING – SHUTTING DOWN A.Davous, 17/09/2008 Solaris vs. Linux 20

    21. OTHER CONCEPTS Command dmesg Core dump : ulimit –c Path : - try not modify root profile PATH variable - do not set empty or ‘.’ in PATH variable - in scripts (and configurations like cron), always use full path for commands (as variables at beginning) Disk quotas may be use to isolate an application (vs. original purpose) vi and other editors dump files feature History of shell commands who –r cp -p A.Davous, 01/02/2009 Unix Security Advanced Admin 21

    22. PASSWORD CRACK TOOLS Usage of these tools are illegal on computers where you have not been explicitly authorized to do it. But it is recommended to test your own password files – anyhow, crackers will do it with them. Crack Locations: /usr/share/crack ; /usr/libexec/crack ; /usr/bin Quick-start commands: # umask 077 # ~/scripts/shadmrg.sv /etc/passwd /etc/shadow > /root/unshadp # Crack –nice 5 /root/unshadp # CrackReporter Results in ~/run directory John the Ripper Locations: /usr/share/john ; /usr/libexec/john Quick start commands: # umask 077 # unshadow /etc/passwd /etc/shadow > /root/unshadp # john [--rules --wordfile=FILE] /root/unshadp Results in ~/john.pot A.Davous, 01/02/2009 Unix Security Advanced Admin 22

    23. ROOT PASSWORD RECOVERY To show importance of physical access Grub bootloader must have timeout (/boot/grub/menu.lst) – suppress it (0) or set a password to bootloader Simplest procedure using single user mode – case of Fedora 10 When Grub screen, edit current boot line (e) Edit kernel line (e) by adding ‘single’ at end (single user mode) Save and boot (b) Command passwd can be entered with root privileges to reset root password A.Davous, 17/09/2008 Solaris vs. Linux 23

    24. Sun xVM VirtualBox - 1 VirtualBox release 2.1.2 found at www.virtualbox.org (accept installation of USB and network drivers) Host and guest concepts, see manual Guest additions concept Fedora 10 found at fedoraproject.org/en/get-fedora (F10-i686-Live.iso, 32 bits although 64 supported by xVM, English edition, installable Live CD) A.Davous, 01/02/2009 Unix Security Advanced Admin 24

    25. Sun xVM VirtualBox - 2 Installation procedure (example is Fedora) New machine ; choose OS, select memory size (2 GB but less than host !), add virtual disk (fixed, 10 GB). Mount OS ISO local file as CD/DVD-ROM Start !... (ignore both messages – no additions installed yet) When started, use Install on hard disk icon. Select French keyboard. Shut down, unmount CD/DVD and restart. Upgrade system and application packages (Yum). Install dkms package (Dynamic Kernel Module Support Framework). Install GNU make, gcc packages. Mount Guest Additions ISO with Devices, Install Guest Additions xVM menu. Run Sun’s script (cd /media/VBOXADDITIONS_2.1.2_41885/ ; sh ./VBoxLinuxAdditions-x86.run) Restart. A.Davous, 01/02/2009 Unix Security Advanced Admin 25

    26. Sun xVM VirtualBox - 3 Installation procedure particularities for Debian 4 Installation of small image via Internet. Disk partitioning without LVM, one root partition. Desktop and system packages. Synaptic Package Manager used for package installation : make, gcc and kernel headers (linux-headers-2.6.18-6 and linux-headers-2.6.18-6-686 ; check release with command uname –a). A.Davous, 01/02/2009 Unix Security Advanced Admin 26

    27. REMOTE ACCESS TO SYSTEM Xming XLaunch utility But otherwise, X specific, “exporting display” : Run your X server on PC (nothing required if PuTTY used because X protocol is SSH’d encapsulated - port 22 ; otherwise, ports XDMCP 177 and 6000 should be opened) Then, on client : setenv DISPLAY server:0.0 echo $DISPLAY Putty A.Davous, 01/02/2009 Unix Security Advanced Admin 27

    28. USEFUL LINKS A.Davous, 01/02/2009 28 Unix Security Advanced Admin 16:5016:50

    29. WORTH READING A.Davous, 01/02/2009 Unix Security Advanced Admin 29 16:5516:55

    30. WINDOWS TOOLS USED DURING THIS SESSION A.Davous, 01/02/2009 Unix Security Advanced Admin 30 17:0017:00

More Related