Presentation is loading. Please wait.

Presentation is loading. Please wait.

An Introduction to UNIX Security A Presentation by Trey Evans

Published byJordan Horn Modified over 8 years ago

Similar presentations

Presentation on theme: "An Introduction to UNIX Security A Presentation by Trey Evans"— Presentation transcript:

1 An Introduction to UNIX Security A Presentation by Trey Evans trey@bestican.net www.bestican.net

2 Linux or UNIX? System V Linux, AIX, HP-UX, Solaris BSD Net, Open, Free AT&T SCO, IRIX, Solaris

3 Out of the Box Security Very limited deployment options Custom tailoring always the best option Expensive to migrate Often easy to monitor

4 Kernel Security Remove any drivers not used If the user needs them, he/she can add them at boot time Prevents unstable drivers from causing hiccups when called Eliminates possibility of attacker exploiting weak driver or combination of drivers

5 Network Security ipchains, iptables, “routes” Tells machine what to do with what packets under certain circumstances Set up *nix box as a router / firewall / both Tame user privileges No need for users to be able to change IP Keep users from enabling promiscuous mode Keep users from enabling second network card Perhaps disable user access to usbhci

6 Email Security Sendmail Qmail www.google.com

7 Begin Fun Stuff

8 Penetration Physically insert your machine into the target’s network Bypass perimeter security Control router or outer most point “Edge devices”

9 Physical Insertion Basically, obtaining an IP on the system Man in the middle Wireless – airjack userland utilities Wired – spoof MAC, auth as legit user Easiest way – Wireless bestican.net/wifi/pres.pdf DHCP? IP addressing scheme?

10 Bypass security Portscan looking for services nmap stealth mode (-s) or OS discover (-O) Box on inside? Test firewall rules using packet crafting See illustration DoS or DDoS Lame. Google exploits for firewall

11 Outermost Device Root access on gateway or firewall or router Gives access to ALL packets on network Redirect at will Change IP table Change message or headers Sniff passwords Write them down, you’ll need them later

12 Discovery Ask “what’s the payload?” Portscan nmap, NetCat, nmap for X Rootkit Requires root on an internal box Must be well hidden Exploit scanner Don’t get caught Hardware may skew results Morph

13 Elevate Privileges Local access is root access Based on boot loader, usually Google.com Doesn’t insert NFS folders into hierarchy Exploits tailored to machine Cool CC example Cool passwd example

14 Historic Exploits FTPD buffer overflow Widespread, FTPD installed by default often Gave root FTP access Sendmail remote call Auth as root Send mail as anyone, read anyone’s mail evil.c Not a big threat (unless hosting) Local access needed Demo?

Download ppt "An Introduction to UNIX Security A Presentation by Trey Evans"

Similar presentations

Network Vulnerabilities and Attacks Dr. John Abraham UTPA.

Network Vulnerabilities and Attacks Dr. John Abraham UTPA.
Man in the Middle Attack

Man in the Middle Attack
ARP Spoofing.

ARP Spoofing.
Lesson 3-Hacker Techniques

Lesson 3-Hacker Techniques
IUT– Network Security Course 1 Network Security Firewalls.

IUT– Network Security Course 1 Network Security Firewalls.
Are you secured in the network ?: a quick look at the TCP/IP protocols Based on: A look back at “Security Problems in the TCP/IP Protocol Suite” by Steven.

Are you secured in the network ?: a quick look at the TCP/IP protocols Based on: A look back at “Security Problems in the TCP/IP Protocol Suite” by Steven.
Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated 9-18-08.

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last updated
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.

ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
Hacking Linux Based on Hacking Linux Exposed Hatch, Lee, and Kurtz ISBN 0-07-212773-2.

Hacking Linux Based on Hacking Linux Exposed Hatch, Lee, and Kurtz ISBN
Securing Network using Linux. Lesson Outline Setting up a secure system TCP Wrapper configuration Firewalls in Linux Authentication Systems –NIS –Kerberos.

Securing Network using Linux. Lesson Outline Setting up a secure system TCP Wrapper configuration Firewalls in Linux Authentication Systems –NIS –Kerberos.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
ITIS 6167/8167: Network and Information Security Weichao Wang.

ITIS 6167/8167: Network and Information Security Weichao Wang.
Linux Networking TCP/IP stack – kernel controls the TCP/IP protocol – Ethernet adapter is hooked to the kernel in with the ipconfig command – ifconfig.

Linux Networking TCP/IP stack – kernel controls the TCP/IP protocol – Ethernet adapter is hooked to the kernel in with the ipconfig command – ifconfig.
Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.

Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

Similar presentations

Ads by Google