Close as many services as possible.
Make sure users have good passwords (use cracklib).
Demand periodic password changes.
Don't install anything whose origin you don't know; download only from known places (www.linux.org, etc.).
Remove as many SUID binaries as possible.
Securing Passwords
Run cracklib on them: ensure passwords are not too short and not too easy to crack.
Shadow them: don't keep the hashes in /etc/passwd but in /etc/shadow (today's default in a RH 6.1 installation).
Connect to remote systems using SSH and SCP (file transfer over an SSH channel) to prevent passwords from being sent as cleartext.
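The "shadow them" point can be verified mechanically. The following script is an added example, not part of the original slides: it reads a file in /etc/passwd format and reports every account whose second field still holds a hash (or is empty) instead of the "x" that marks a shadowed entry. The sample passwd lines and the hash for "bob" are constructed placeholders; on a live system point unshadowed_entries at /etc/passwd.

```shell
#!/bin/sh
# Added example (not from the slides): find accounts that are not shadowed.
# In a shadowed system every password field in /etc/passwd is "x" (or "*" for
# accounts that cannot log in). A real hash there is world-readable; an empty
# field means the account has no password at all.

# Constructed sample in /etc/passwd format. The "hash" for bob is a placeholder
# string, not a real credential.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:$1$PLACEHOLDER$HASHGOESHERE:1001:1001:Bob:/home/bob:/bin/bash
guest::1002:1002:Guest:/home/guest:/bin/sh'

# Write the constructed sample to a temporary file and print its path.
sample_passwd_file() {
    f=$(mktemp)
    printf '%s\n' "$SAMPLE_PASSWD" > "$f"
    echo "$f"
}

# Print "user:reason" for each entry whose password field is not shadowed.
# Usage: unshadowed_entries FILE   (FILE is /etc/passwd on a live system)
unshadowed_entries() {
    awk -F: '
        NF < 7                 { next }   # skip blank or malformed lines
        $2 == ""               { print $1 ":empty-password"; next }
        $2 == "x" || $2 == "*" { next }   # shadowed or disabled: fine
                               { print $1 ":hash-in-passwd" }
    ' "$1"
}

# Stand-alone run: report on the constructed sample.
f=$(sample_passwd_file)
unshadowed_entries "$f"
rm -f "$f"
```

On the sample this reports bob (hash kept in the passwd file) and guest (empty password field); root, daemon and alice are properly shadowed.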
S vs. R
SSH: requires a password or an RSA passphrase (SSH agent). RSH: doesn't require any.
SCP: requires a password. RCP: no passwords (no one will send the needed files without authorization).
SSH: several authentication methods are available. RSH: works solely with the Kerberos method.
S vs. R
SSH: uses compression. RSH: plain connection.
SSH with key authentication: doesn't require a password at all, so no password is transmitted; even if one of the encryption functions has been broken, no one gets the password!
Authentication
Prevents IP spoofing (claiming to be another IP than you are).
Sometimes the algorithm also allows setting up a key for the rest of the session (Kerberos, for example).
Slows the connection down a little (at the beginning).
Known (and used) algorithms: Kerberos, RSA challenges.
Dangerous Permissions
SUID/SGID: check very carefully, especially when the file is owned by root/wheel.
World-writable (mode xx2).
Files with no valid owner or group (nouser/nogroup).
.rhosts files (they open the R-services).
Use find to locate these files.
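The find invocations behind this checklist, collected as an added example that is not part of the original slides. Each function prints the matching paths under the directory given as its first argument; run them against / on a live system. The script also builds a constructed directory tree (SUID/SGID tools, a world-writable file, a .rhosts file, a sticky /tmp) so the checks can be exercised without touching the real system; the file names in that tree are invented for the demonstration.

```shell
#!/bin/sh
# Added example (not from the slides): find(1) checks for the "Dangerous
# Permissions" list. -xdev keeps find on one filesystem, so it does not wander
# into /proc or NFS mounts; errors from unreadable directories are discarded.

# SUID or SGID regular files; review each one, especially when owned by root/wheel.
find_suid_sgid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}

# World-writable files and directories (mode xx2), ignoring sticky directories
# such as /tmp where the bit is expected.
find_world_writable() {
    find "$1" -xdev \( -type f -o -type d \) -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# Files whose owner or group no longer exists in /etc/passwd or /etc/group.
find_unowned() {
    find "$1" -xdev \( -nouser -o -nogroup \) -print 2>/dev/null
}

# .rhosts and hosts.equiv files, which open the R-services to the listed hosts.
find_rhosts() {
    find "$1" -xdev -type f \( -name .rhosts -o -name hosts.equiv \) -print 2>/dev/null
}

# Build a constructed tree with one example of each finding and print its path.
make_sample_tree() {
    umask 022
    d=$(mktemp -d)
    mkdir -p "$d/bin" "$d/home/alice" "$d/tmp"
    printf '#!/bin/sh\n' > "$d/bin/suidtool";   chmod 4755 "$d/bin/suidtool"
    printf '#!/bin/sh\n' > "$d/bin/sgidtool";   chmod 2755 "$d/bin/sgidtool"
    printf 'data\n' > "$d/home/alice/notes";    chmod 0666 "$d/home/alice/notes"
    printf 'trusted.example alice\n' > "$d/home/alice/.rhosts"
    chmod 1777 "$d/tmp"    # sticky world-writable directory: expected, not reported
    echo "$d"
}

# Stand-alone run over the constructed tree.
sample=$(make_sample_tree)
for check in find_suid_sgid find_world_writable find_unowned find_rhosts; do
    echo "== $check"
    "$check" "$sample"
done
rm -rf "$sample"
```

On the sample tree the SUID/SGID check reports the two tools, the world-writable check reports only notes (the sticky tmp directory is skipped), and the .rhosts file is found; the unowned check is empty because everything was just created by the current user.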
Introduction to Hacker 1
Use a port scanner on the machine you are about to attack (nmap does great, and helps you find the OS running on the computer).
Go to hacker web sites and look for the right exploits and scripts.
Try to examine the services' code; maybe you'll find a backdoor.
Security HOWTO
Restrict physical access (locks etc.).
Consider BIOS and LILO passwords.
Lock the workstation when you're not near it (vlock/xlock).
Try to restrict root logins to the ttys declared in /etc/securetty.
Use su - instead of logging in as root.
Auditing
Audit your system.
Check the network once in a while (denial of service attacks can be identified this way).
Check who logs in and from where, and whether it makes sense.
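A first pass over "who logs in and from where", as an added example that is not part of the original slides. It reads login records in the layout printed by last(1), flags root logins that arrived over the network, and flags logins from hosts outside an allowlist, leaving only those entries for a human to judge. The sample records are constructed (RFC 5737 documentation addresses); the script assumes the third column is a host whenever it is not a weekday name, which matches the usual last(1) output.

```shell
#!/bin/sh
# Added example (not from the slides): triage of last(1) output.
# Assumption: in last(1) output the third column is the remote host for network
# logins and the weekday name for console logins (which have no host column).

# Constructed sample in last(1) format; hosts are documentation addresses.
SAMPLE_LAST='alice    pts/0        192.0.2.10       Mon Mar  6 09:12   still logged in
root     tty1                          Mon Mar  6 08:55 - 09:00  (00:05)
bob      pts/1        198.51.100.7     Sun Mar  5 23:41 - 23:59  (00:18)
root     pts/2        203.0.113.9      Sun Mar  5 03:02 - 03:10  (00:08)
reboot   system boot  2.2.12-20        Sun Mar  5 02:58

wtmp begins Sun Mar  5 02:58'

# Write the constructed sample to a temporary file and print its path.
sample_last_file() {
    f=$(mktemp)
    printf '%s\n' "$SAMPLE_LAST" > "$f"
    echo "$f"
}

# Print "user:host:reason" for each suspicious login.
# Usage: suspicious_logins FILE "host1 host2 ..."   (FILE holds the output of last)
suspicious_logins() {
    awk -v allow="$2" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        NF == 0 || $1 == "reboot" || $1 == "wtmp" || $1 == "shutdown" { next }
        {
            host = ($3 ~ /^(Mon|Tue|Wed|Thu|Fri|Sat|Sun)$/) ? "" : $3
            if (host == "") next                    # console login, no remote host
            if ($1 == "root")       print $1 ":" host ":root-remote-login"
            else if (!(host in ok)) print $1 ":" host ":unknown-host"
        }
    ' "$1"
}

# Stand-alone run: only 192.0.2.10 is a known administrator workstation.
f=$(sample_last_file)
suspicious_logins "$f" "192.0.2.10"
rm -f "$f"
```

With only 192.0.2.10 allowed, the sample yields two findings: bob logging in from an unknown host and root logging in remotely at 03:02. The root console login on tty1 is not reported, which is the behaviour /etc/securetty is meant to enforce.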
Basic Concepts
Use PAM (changing passwords etc. is then not your responsibility, so less vulnerability).
Check permissions before actions.
Check for overflow/underflow; be as robust as you can.
If you are writing a daemon, double check everything (and quad check it again).
Links
Hackers Search Engine - Neworder.box.sk Security policy - RFC 2196 ietf.org/rfc/rfc2196.txt
Links (cont.)
Security Links www.linuxhq.com/HOWTO/Security-HOWTO-11.html