
Linux Security

Haifa Linux Club, 21.10.99, Orr Dunkelman

What is a Secure System?

- A secure system is an abstract concept
- Defined as "robust", it depends on what you need, how much time you are willing to put in, and what resources are at your disposal

P.C. vs. Server

P.C.:
- Close all services
- Don't open accounts to everyone; only to good and trusted people

Server:
- Close as many services as possible
- Make sure users have good passwords; use crack-lib
- Demand periodic password changes

P.C. vs. Server (cont.)

P.C.:
- Don't install anything whose origin you don't know; download only from known places (www.linux.org, etc.)
- Remove SUIDs if you are not the only user

Server:
- Don't install anything whose origin you don't know; download only from known places (www.linux.org, etc.)
- Remove as many SUIDs as possible

Securing Passwords
- Crack-lib them: ensure passwords are not too short and not too easy to crack
- Shadow them: don't put them in /etc/passwd but in /etc/shadow (today's default in the RH 6.1 installation)
- Connect to remote systems using SSH and SCP (FTP over an SSH channel) to prevent passwords from being sent as cleartext

S vs. R
SSH:
- Requires a password or an RSA passphrase (SSH agent)
- SCP requires a password (no one will send files without authorization)
- Several authentication methods are available
- Works with Kerberos

RSH:
- Doesn't require any password
- RCP: no passwords

S vs. R (cont.)

SSH:
- Uses compression

RSH:
- Plain connection

- Not requiring a password at all means no password is transmitted: if one of the encryption functions has been broken, no one gets the password!

Authentication
- Prevents IP spoofing (claiming to be another IP than you are)
- Sometimes the algorithm also allows setting up a key for the rest of the session (Kerberos, for example)
- Slows the connection down a little (at the beginning)
- Known (and used) algorithms: Kerberos, RSA challenges

Dangerous Permissions
- SUID/SGID: check very carefully, especially when the file is owned by root/wheel
- Writable by all (mode xx2)
- Nouser/Nogroup (files whose owner or group no longer exists)
- .rhosts files (open the R-services)
- Use find to find the files

Example - How to remove Suids?

- First find them: find / -perm -4000
- Then check whether you need them: login, wanted daemons (Qmail, telnet, SSH, FTP)
- Close services not needed in /etc/inetd.conf
- Use TCP Wrappers for the rest of the ports (those you usually get nuked on, e.g. 139)
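An added example (not from the original slides) that turns the "Dangerous Permissions" list and the find step above into a reusable audit: one find call per dangerous class, run over a constructed demo tree so it works without root. The demo paths and file names are made up; on a real system run audit_report / as root.

```shell
#!/bin/sh
# Added example (not from the original slides): audit a tree for the dangerous
# permissions listed above, using find as the slides suggest. Assumes a find
# that supports -xdev, -perm -MODE, -nouser/-nogroup (GNU or BSD find).

audit_suid_sgid() {       # set-uid or set-gid files: review these first
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}
audit_world_writable() {  # mode xx2 files and dirs, ignoring sticky dirs like /tmp
    find "$1" -xdev \( -type f -o -type d \) -perm -0002 ! -perm -1000 -print 2>/dev/null
}
audit_unowned() {         # owner or group missing from /etc/passwd or /etc/group
    find "$1" -xdev \( -nouser -o -nogroup \) -print 2>/dev/null
}
audit_rhosts() {          # .rhosts files open rsh/rlogin without a password
    find "$1" -xdev -type f -name .rhosts -print 2>/dev/null
}
count_lines() { wc -l | tr -d ' '; }

# Constructed demo tree (hypothetical layout) so the audit runs without root.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/usr/bin" "$d/home/alice" "$d/tmp"
    chmod 755 "$d/usr" "$d/usr/bin" "$d/home" "$d/home/alice"
    : > "$d/usr/bin/ping";     chmod 4755 "$d/usr/bin/ping"      # suid
    : > "$d/usr/bin/wall";     chmod 2755 "$d/usr/bin/wall"      # sgid
    : > "$d/home/alice/notes"; chmod 666  "$d/home/alice/notes"  # world-writable
    : > "$d/home/alice/.rhosts"; chmod 644 "$d/home/alice/.rhosts"
    chmod 1777 "$d/tmp"                                          # sticky: not reported
    printf '%s\n' "$d"
}

# Print all four reports for one tree (on a real machine: audit_report / as root).
audit_report() {
    for check in audit_suid_sgid audit_world_writable audit_unowned audit_rhosts; do
        printf '== %s ==\n' "$check"
        "$check" "$1"
    done
}

if [ "${1-}" ]; then audit_report "$1"; fi
```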

Monitor your Computer!

- Be the hacker yourself: check for scripts and exploits which might be used against you
- Port scan your machine once in a while to ensure no ports and services are open (unless you opened them)
- Put up a firewall. Hiding behind a firewall might help in reducing hackability (though those who pass it are likely to hack better)

Introduction to Hacker 1
- Use a port scanner on the machine you are about to attack (nmap does great, and helps you find the OS running on the computer)
- Go to hackers' web-sites and look for the right exploits and scripts
- Try to examine the services' code; maybe you'll find a backdoor

Security HOWTO
- Restrict physical access (locks etc.)
- Consider BIOS and LILO passwords
- Lock your workstation when you're not near it (vlock/xlock)
- Try to restrict root logins to one of the ttys declared in /etc/securetty
- Try to use su - instead of logging in as root

Security HOWTO - Files

- When you need to allow root-like access, minimize it using sudo
- Don't allow SUID/SGID where non-root users write to the hard drive (mount with nosuid)
- Set the right umask for access permissions
- Limit resources on the machine (nproc, CPU time, etc.)
- Set /var/log/wtmp and /var/run/utmp permissions to 644
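An added example (not from the original slides) that checks two of the points above: which user-writable mounts in an fstab lack the nosuid option, and whether a log file has the 644 mode the slide recommends for wtmp/utmp. The fstab content, devices and mount points are constructed; which mounts count as "user-writable" is an assumption stated in the comments.

```shell
#!/bin/sh
# Added example (not from the original slides). Assumes awk and a find that
# supports -maxdepth (GNU or BSD).

# Mount points assumed user-writable: /home, /tmp, /var/tmp, anything under
# /mnt or /media, and any entry carrying the "user" or "users" option.
# Prints each such mount point whose options do not include nosuid.
fstab_missing_nosuid() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        NF < 4 { next }
        {
            n = split($4, opt, ","); user_mount = 0; nosuid = 0
            for (i = 1; i <= n; i++) {
                if (opt[i] == "nosuid") nosuid = 1
                if (opt[i] == "user" || opt[i] == "users") user_mount = 1
            }
            if ($2 == "/home" || $2 == "/tmp" || $2 == "/var/tmp" ||
                $2 ~ "^/(mnt|media)/") user_mount = 1
            if (user_mount && !nosuid) print $2
        }' "$1"
}

# True when the file exists and its mode is exactly 644 (rw-r--r--).
logfile_mode_ok() {
    [ -f "$1" ] && [ -n "$(find "$1" -maxdepth 0 -perm 644 -print 2>/dev/null)" ]
}

# Constructed fstab (hypothetical devices and layout) used as sample input.
SAMPLE_FSTAB='# <device>    <mount point>   <type>  <options>               <dump> <pass>
/dev/hda1       /               ext2    defaults                1 1
/dev/hda5       /home           ext2    defaults,nosuid,nodev   1 2
/dev/hda6       /tmp            ext2    defaults                1 2
/dev/fd0        /mnt/floppy     auto    noauto,user             0 0
/dev/cdrom      /mnt/cdrom      iso9660 noauto,user,ro,nosuid   0 0
proc            /proc           proc    defaults                0 0'

write_sample_fstab() {          # writes the sample to a temp file, prints its path
    f=$(mktemp) || return 1
    printf '%s\n' "$SAMPLE_FSTAB" > "$f"
    printf '%s\n' "$f"
}
```

On a live system call fstab_missing_nosuid /etc/fstab and logfile_mode_ok /var/log/wtmp instead of the sample.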

Security HOWTO (cont.)

- Use chattr to set special attributes (disable deleting, creating symbolic links, etc.)
- Run an integrity checker (like Tripwire) routinely to find changed files
- Install PGP for users
- Install PAM (Pluggable Authentication Modules)
- Secure X connections (with ssh, for example)

Security HOWTO (cont.)

- Backup!
- Don't use NFS/NIS without really needing them (and secure them when you do; those things are really not secure)
- Look at your logs once in a while (/var/log/)
- Look at the system log file

Auditing
- Audit your system
- Check the network once in a while (denial-of-service attacks can be identified this way)
- Check who logs on and from where; check if it makes sense
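An added example (not from the original slides) of the "who logs on and from where" check, run over constructed lines in the format of the last(1) command. It flags remote root logins, logins from hosts outside a list of trusted network prefixes (an assumption supplied as an argument), and logins in the small hours; every user, host and time in the sample is made up.

```shell
#!/bin/sh
# Added example (not from the original slides). Assumes awk.

# Constructed sample in last(1) format: user tty [host] weekday month day time ...
SAMPLE_LAST='alice    pts/0    192.168.1.10     Thu Oct 21 09:12   still logged in
bob      pts/1    10.0.0.5         Thu Oct 21 08:40 - 08:55  (00:15)
root     pts/2    203.0.113.7      Wed Oct 20 23:58 - 00:10  (00:12)
alice    tty1                      Wed Oct 20 18:02 - 19:30  (01:28)
carol    pts/3    198.51.100.9     Wed Oct 20 03:14 - 03:20  (00:06)'

# usage: suspicious_logins "<last output>" "<space-separated trusted prefixes>"
# prints: user<TAB>host<TAB>reasons, one line per suspicious entry
suspicious_logins() {
    printf '%s\n' "$1" | awk -v nets="$2" '
        BEGIN { n = split(nets, pfx, " ") }
        NF == 0 { next }
        {
            user = $1; host = ""; f = 3
            # console logins have no host column: the 3rd field is the weekday
            if ($3 !~ /^(Mon|Tue|Wed|Thu|Fri|Sat|Sun)$/) { host = $3; f = 4 }
            hour = substr($(f + 3), 1, 2) + 0
            reasons = ""
            if (user == "root" && host != "") reasons = reasons "remote-root "
            if (host != "") {
                trusted = 0
                for (i = 1; i <= n; i++) if (index(host, pfx[i]) == 1) trusted = 1
                if (!trusted) reasons = reasons "unknown-host "
            }
            if (hour < 6) reasons = reasons "off-hours "
            if (reasons != "")
                printf "%s\t%s\t%s\n", user, (host == "" ? "console" : host), reasons
        }'
}

# Sample run: only root (remote, unknown host) and carol (unknown host, 03:14) are listed.
suspicious_logins "$SAMPLE_LAST" "192.168. 10."
```

On a live system feed it the output of last (or last -f /var/log/wtmp) instead of the sample.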

Virtual Machine Concept

- Use a VM (like VMware) as the machine which the rest of the world accesses
- Make sure the VM has privileges to change only what it should (no access to write to the root partition, etc.)
- Check that the VM is secure (!); you are counting on the VM not being able to access what it's not allowed to

Tips and Ideas

Basic Concepts
- Use PAM (changing passwords etc. is then not your responsibility: less vulnerability)
- Check permissions before actions
- Check for overflow/underflow; be as robust as you can
- If you are writing a daemon, double check everything (and quadruple check it again)

Basic Concepts (cont.)

- Use available security tools: PGP (mail), SSH (telnet connections), SCP (ftp connections), Kerberos (authentication), IPSec (network), etc.
- Enable verbose mode to help users find problems which might affect them and their security

Basic Concepts (cont.)

- Check if you can hack the thing (be a malicious user)
- Treat any file carefully: back up before overwriting, and before deleting check whether the file is a system one
- Log all actions (in case someone uses your program to hack and cause damage, for tracing purposes)

Links
- Hackers' search engine: Neworder.box.sk
- Security policy: RFC 2196, ietf.org/rfc/rfc2196.txt
- Kerberos FAQ: www.nrl.navy.mil/CCS/people/kenh/kerberosfaq.html
- Linux Security HOWTO: www.linuxhq.com/HOWTO/SecurityHOWTO.html

Links (cont.)
- Security links: www.linuxhq.com/HOWTO/Security-HOWTO-11.html
- SSH FAQ: wwwfg.rz.uni-karlsruhe.de/~ig25/sshfaq/
- Homepage of PGP: www.pgpi.org/
