1 / 14

An Introduction to UNIX Security

An Introduction to UNIX Security. A Presentation by Trey Evans trey@bestican.net www.bestican.net. Linux or UNIX?. System V Linux, AIX, HP-UX, Solaris BSD Net, Open, Free AT&T SCO, IRIX, Solaris. Out of the Box Security. Very limited deployment options

tharrington
Télécharger la présentation

An Introduction to UNIX Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An Introduction to UNIX Security A Presentation byTrey Evans trey@bestican.net www.bestican.net

  2. Linux or UNIX? • System V • Linux, AIX, HP-UX, Solaris • BSD • Net, Open, Free • AT&T • SCO, IRIX, Solaris

  3. Out of the Box Security • Very limited deployment options • Custom tailoring always the best option • Expensive to migrate • Often easy to monitor

  4. Kernel Security • Remove any drivers not used • If the user needs them, he/she can add them at boot time • Prevents unstable drivers from causing hiccups when called • Eliminates possibility of attacker exploiting weak driver or combination of drivers

  5. Network Security • ipchains, iptables, “routes” • Tells machine what to do with what packets under certain circumstances • Set up *nix box as a router / firewall / both • Tame user privileges • No need for users to be able to change IP • Keep users from enabling promiscuous mode • Keep users from enabling second network card • Perhaps disable user access to usbhci

  6. Email Security • Sendmail • Qmail • www.google.com

  7. Begin Fun Stuff

  8. Penetration • Physically insert your machine into the target’s network • Bypass perimeter security • Control router or outer most point • “Edge devices”

  9. Physical Insertion • Basically, obtaining an IP on the system • Man in the middle • Wireless – airjack userland utilities • Wired – spoof MAC, auth as legit user • Easiest way – Wireless • bestican.net/wifi/pres.pdf • DHCP? IP addressing scheme?

  10. Bypass security • Portscan looking for services • nmap stealth mode (-s) or OS discover (-O) • Box on inside? • Test firewall rules using packet crafting • See illustration • DoS or DDoS • Lame. • Google exploits for firewall

  11. Outermost Device • Root access on gateway or firewall or router • Gives access to ALL packets on network • Redirect at will • Change IP table • Change message or headers • Sniff passwords • Write them down, you’ll need them later

  12. Discovery • Ask “what’s the payload?” • Portscan • nmap, NetCat, nmap for X • Rootkit • Requires root on an internal box • Must be well hidden • Exploit scanner • Don’t get caught • Hardware may skew results • Morph

  13. Elevate Privileges • Local access is root access • Based on boot loader, usually • Google.com • Doesn’t insert NFS folders into hierarchy • Exploits tailored to machine • Cool CC example • Cool passwd example

  14. Historic Exploits • FTPD buffer overflow • Widespread, FTPD installed by default often • Gave root FTP access • Sendmail remote call • Auth as root • Send mail as anyone, read anyone’s mail • evil.c • Not a big threat (unless hosting) • Local access needed • Demo?

More Related