An Introduction to UNIX Security A Presentation by Trey Evans


Linux or UNIX?
- System V: Linux, AIX, HP-UX, Solaris
- BSD: Net, Open, Free
- AT&T: SCO, IRIX, Solaris

Out of the Box Security
- Very limited deployment options
- Custom tailoring always the best option
- Expensive to migrate
- Often easy to monitor

Kernel Security
- Remove any drivers not used
  - If the user needs them, he/she can add them at boot time
  - Prevents unstable drivers from causing hiccups when called
  - Eliminates possibility of attacker exploiting weak driver or combination of drivers
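
Added example (not from the original presentation): one way to find candidates for the "remove any drivers not used" step on Linux is to compare the loaded modules against an allowlist and generate modprobe.d entries for the rest. The module list and the allowlist below are constructed samples in /proc/modules format.

```shell
#!/bin/sh
# Audit loaded kernel modules against an allowlist.
# Input format is that of /proc/modules: name size refcount deps state addr

# Constructed sample standing in for /proc/modules on a real host.
SAMPLE_MODULES='ext4 745472 1 - Live 0x0000000000000000
e1000 151552 0 - Live 0x0000000000000000
floppy 86016 0 - Live 0x0000000000000000
firewire_ohci 40960 0 - Live 0x0000000000000000
mbcache 16384 1 ext4, Live 0x0000000000000000'

# Hypothetical allowlist: the drivers this machine is known to need.
ALLOWLIST='ext4 mbcache e1000'

# unexpected_modules MODULES_TEXT ALLOWLIST
# Prints "name refcount" for each loaded module that is not allowlisted.
unexpected_modules() {
    printf '%s\n' "$1" | awk -v allow="$2" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        NF >= 3 && !($1 in ok) { print $1, $3 }'
}

# blocklist_conf MODULES_TEXT ALLOWLIST
# Emits modprobe.d lines for unexpected modules that nothing is using
# (refcount 0). "blacklist" stops alias-based autoloading; the "install"
# line makes an explicit modprobe of that module fail as well.
blocklist_conf() {
    unexpected_modules "$1" "$2" | while read -r name refs; do
        [ "$refs" -eq 0 ] || continue   # in use: review by hand instead
        printf 'blacklist %s\ninstall %s /bin/false\n' "$name" "$name"
    done
}

# On a live system: blocklist_conf "$(cat /proc/modules)" "$ALLOWLIST"
blocklist_conf "$SAMPLE_MODULES" "$ALLOWLIST"
```

Review the generated lines before placing them in a file under /etc/modprobe.d/; modules with a non-zero reference count are skipped on purpose because something on the system is still using them.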

Network Security
- ipchains, iptables, “routes”
  - Tells machine what to do with what packets under certain circumstances
  - Set up *nix box as a router / firewall / both
- Tame user privileges
  - No need for users to be able to change IP
  - Keep users from enabling promiscuous mode
  - Keep users from enabling second network card
  - Perhaps disable user access to usbhci
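
Added example (not from the original presentation): the detection side of "keep users from enabling promiscuous mode". It scans a directory laid out like /sys/class/net and reports interfaces whose flags include IFF_PROMISC; the sample tree, the interface names and the expected-sensor list are constructed.

```shell
#!/bin/sh
# Report interfaces in promiscuous mode by testing IFF_PROMISC in the hex
# flags word the Linux kernel exposes at /sys/class/net/<iface>/flags.

IFF_PROMISC=0x100   # value from <linux/if.h>

# promisc_ifaces NETDIR [EXPECTED]
# Prints interfaces under NETDIR that are promiscuous and are not named in
# EXPECTED (space-separated, e.g. a dedicated IDS sensor port).
promisc_ifaces() {
    for f in "$1"/*/flags; do
        [ -r "$f" ] || continue
        iface=$(basename "$(dirname "$f")")
        flags=$(cat "$f")
        [ $(( $flags & $IFF_PROMISC )) -ne 0 ] || continue
        case " ${2:-} " in
            *" $iface "*) continue ;;   # promiscuous by design
        esac
        echo "$iface"
    done
}

# Constructed sample tree standing in for /sys/class/net.
make_sample() {
    d=$(mktemp -d)
    mkdir "$d/lo" "$d/eth0" "$d/eth1" "$d/mon0"
    echo 0x9    > "$d/lo/flags"     # UP|LOOPBACK
    echo 0x1003 > "$d/eth0/flags"   # UP|BROADCAST|MULTICAST
    echo 0x1103 > "$d/eth1/flags"   # as eth0, plus PROMISC
    echo 0x1103 > "$d/mon0/flags"   # hypothetical sensor port
    echo "$d"
}

# On a live host: promisc_ifaces /sys/class/net "mon0"
sample=$(make_sample)
promisc_ifaces "$sample" "mon0"
rm -rf "$sample"
```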

Security
- Sendmail
- Qmail

Begin Fun Stuff

Penetration
- Physically insert your machine into the target’s network
- Bypass perimeter security
- Control router or outermost point
  - “Edge devices”

Physical Insertion
- Basically, obtaining an IP on the system
- Man in the middle
- Wireless – airjack userland utilities
- Wired – spoof MAC, auth as legit user
- Easiest way – Wireless
  - bestican.net/wifi/pres.pdf
- DHCP? IP addressing scheme?

Bypass security
- Portscan looking for services
  - nmap stealth mode (-s) or OS discover (-O)
- Box on inside?
  - Test firewall rules using packet crafting
  - See illustration
- DoS or DDoS
  - Lame.
- Google exploits for firewall

Outermost Device
- Root access on gateway or firewall or router
- Gives access to ALL packets on network
- Redirect at will
  - Change IP table
  - Change message or headers
- Sniff passwords
  - Write them down, you’ll need them later

Discovery
- Ask “what’s the payload?”
- Portscan
  - nmap, NetCat, nmap for X
- Rootkit
  - Requires root on an internal box
  - Must be well hidden
- Exploit scanner
  - Don’t get caught
  - Hardware may skew results
- Morph

Elevate Privileges
- Local access is root access
  - Based on boot loader, usually
  - Google.com
  - Doesn’t insert NFS folders into hierarchy
- Exploits tailored to machine
  - Cool CC example
  - Cool passwd example

Historic Exploits
- FTPD buffer overflow
  - Widespread, FTPD installed by default often
  - Gave root FTP access
- Sendmail remote call
  - Auth as root
  - Send mail as anyone, read anyone’s mail
- evil.c
  - Not a big threat (unless hosting)
  - Local access needed
- Demo?