Overview of Unix Jagdish S. Gangolly School of Business

Presentation transcript:

Overview of Unix
Jagdish S. Gangolly
School of Business, State University of New York at Albany

NOTE: These notes are based on the book Counter Hack, by Ed Skoudis and are prepared solely for the students in the course Acc 661 at SUNY Albany. They are not to be used by others without the permission of the instructor.

9/16/2018 Acc 661 Auditing of Adv Acctg Systems (Spring 2003) Gangolly

Overview of Unix
- Architecture
  - File System Structure
  - Kernel and processes
- Account groups

Architecture: File System Structure
- Hierarchical
- / (root): bin, dev, etc, home, lib, mnt, proc, tmp, usr, var
  - etc: passwd, group
  - usr: bin, man, sbin

Architecture: Kernel & Processes I
- CPU can run at most one program at a time
- Kernel schedules processes, allocates and manages memory, and prevents one process from accessing memory belonging to other processes
- Daemons (background processes) perform print spooling, network services, file-sharing, web access, remote management capabilities, etc.

Architecture: Kernel & Processes II
- Automatically starting processes:
  - Init: parent of all user-level processes (/etc/init.d)
    - Httpd (port 80), Sendmail (port 25), NFS
  - Inetd (/etc/inetd.conf)
    - Echo, Chargen, FTPd, Telnetd, Shell, login, TFTP
  - Cron
- Vulnerability: Use of inetd.conf to create attack relays

    11111 stream tcp nowait nobody /usr/sbin/tcpd /usr/bin/nc [next_hop] 54321

Architecture: Kernel & Processes III
- Vulnerability: Create a backdoor using Inetd
  - Overflow a buffer in a program running with root level privileges
  - Run a shell command to insert a line into the inetd.conf file (the line sets up a high order tcp port, running as root a command shell to execute any commands received)
  - Killall command sends an HUP signal to Inetd process, making it reread the configuration file
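An auditor's check for the two inetd.conf abuses described on the Kernel & Processes II and III slides, added here as an example and not part of the original notes. The function names, the shell and relay name lists, and the sample file are assumptions; the 12345 entry is a constructed instance of the root-shell line the slide only describes in words.

```python
import os

SHELLS = {"sh", "bash", "csh", "ksh", "tcsh", "zsh"}   # assumed list
RELAYS = {"nc", "netcat"}                               # assumed list

# Constructed sample. The 11111 entry is the relay line from the slide.
SAMPLE = """\
# /etc/inetd.conf (constructed sample)
ftp     stream tcp nowait root   /usr/sbin/tcpd in.ftpd -l
telnet  stream tcp nowait root   /usr/sbin/tcpd in.telnetd
11111   stream tcp nowait nobody /usr/sbin/tcpd /usr/bin/nc [next_hop] 54321
12345   stream tcp nowait root   /bin/sh sh
"""

def parse_inetd(text):
    """Yield (line number, entry dict) for each active inetd.conf entry."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 6:          # blank, comment-only, or malformed
            continue
        user = fields[4].replace(":", ".").split(".")[0]   # user[.group]
        yield lineno, {"service": fields[0], "user": user,
                       "command": fields[5:]}

def audit_inetd(text):
    """Return [(lineno, service, [reasons])] for entries needing review."""
    findings = []
    for lineno, entry in parse_inetd(text):
        names = {os.path.basename(tok) for tok in entry["command"]}
        reasons = []
        if entry["service"].isdigit():
            reasons.append("raw port number instead of a named service")
        if names & RELAYS:
            reasons.append("netcat relay")
        if names & SHELLS:
            who = "root " if entry["user"] == "root" else ""
            reasons.append(f"{who}command shell bound to a port")
        if reasons:
            findings.append((lineno, entry["service"], reasons))
    return findings

if __name__ == "__main__":
    for lineno, service, reasons in audit_inetd(SAMPLE):
        print(f"line {lineno} ({service}): " + "; ".join(reasons))
```

Because inetd rereads its configuration on HUP, comparing the file against a known-good copy after any unexpected inetd reload catches the same change from the other side.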

Accounts and Groups
- /etc/passwd
  - Login name, encrypted/hashed password, UID number, default GID number, GECOS information, home directory, login shell
  - Vulnerability: Password attacks
    - Guessing, login scripts, L0phtCrack (win), John the Ripper
- /etc/group
- Unix permissions
- SetUID
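A parser for the seven /etc/passwd fields listed above that flags the entries most exposed to the password attacks the slide names, added here as an example and not part of the original notes. The function names and sample accounts are constructed, and the check assumes the common convention that "x" in the password field means the hash is kept in a separate shadow file.

```python
FIELDS = ("name", "password", "uid", "gid", "gecos", "home", "shell")

# Constructed sample accounts; the hash-like string is made up.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/sbin/nologin
alice:x:1001:100:Alice Example:/home/alice:/bin/bash
bob:ab1Qz9LkP0rTU:1002:100:Bob Example:/home/bob:/bin/sh
guest::1003:100:Guest:/home/guest:/bin/sh
toor:x:0:0:Second root:/root:/bin/sh
"""

def parse_passwd(text):
    """Yield (line number, account dict or None if the line is malformed)."""
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) != len(FIELDS):
            yield lineno, None
            continue
        yield lineno, dict(zip(FIELDS, parts))

def audit_passwd(text):
    """Return {account or line label: [reasons]} for risky entries."""
    findings = {}
    for lineno, acct in parse_passwd(text):
        if acct is None:
            findings[f"line {lineno}"] = ["malformed entry (expected 7 fields)"]
            continue
        reasons = []
        pw = acct["password"]
        if pw == "":
            reasons.append("empty password field")
        elif pw != "x" and not pw.startswith(("*", "!")):
            # /etc/passwd is world-readable, so this hash can be copied
            # and attacked offline by any local user.
            reasons.append("password hash readable by every local user")
        if acct["uid"] == "0" and acct["name"] != "root":
            reasons.append("UID 0 account other than root")
        if reasons:
            findings[acct["name"]] = reasons
    return findings

if __name__ == "__main__":
    for name, reasons in audit_passwd(SAMPLE_PASSWD).items():
        print(f"{name}: " + "; ".join(reasons))
```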

Miscellaneous
- Unix trust
  - /etc/hosts.equiv
  - .rhosts
- R-commands
  - rlogin, rsh, rcp, …
  - Vulnerable to IP-spoofing
- Logs and auditing
  - /var/log/secure
  - /var/log/messages
  - /var/log/httpd, /var/log/cron, …

Miscellaneous
- utmp – who
- wtmp – last
- lastlog – time of user’s last login

Windows 2000
- Domains: share authentication database
  - Primary Domain Controller (PDC)
  - Backup Domain Controller (BDC)
  - SAM database
- Shares: remote connections to network devices
- Service packs and hotfixes

Windows 2000: Architecture
- User Mode
- Kernel Mode
  - Executive Subsystems
  - Hardware Abstraction Layer
- Accounts and groups
  - Default accounts (Administrator, Guest)
  - Created by administrator
  - Groups: Global and local

Windows 2000: Architecture II
- Privileges: Administrators, users, guests
- Rights: things users can do that can be added or revoked
- Abilities: built-in capabilities of groups that cannot be altered
- Policies:
  - Account policy
  - User properties settings
- Trust: No trust, Complete trust, Master domain, Multiple master domain

Windows 2000: Architecture III
- Auditing
  - System Logging
  - Security Logging: logons/logoffs, files/object access, use of rights, …
  - Application Logging
- Object access control and permissions
  - Ownership
  - NTFS permissions: No access, Read, Change, Full control
  - Share permissions
