LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 04-02-2003, 09:18 AM   #1
tenraek
LQ Newbie
 
Registered: Mar 2003
Posts: 23

Rep: Reputation: 15
need help with class assignment


Okay, before I go and inivertly raise red flags, allow me to explain that this is a legit request for help. Also, I apologize for this long entry, but I need to be very detailed with this request.

Currently I am learning RH8 in my operating System class, here at New Hampshire Technical Inst. As we are starting to learn using Linux as a server. To make a point about security, Our instructor, who is also a white hat hacker, as decided that our weekly test will be to take down other peoples Apache servers. To me a few other people I talk to in class it's obvious that he wants to see if we've been paying attention. During the last class we did fresh reinstalls of RH8. From the beginging of this course we have all used the same p/w for root, however, he also had us setup accounts with unique user anmes, but the same p/w. Also, during the reinstall, he had us select "no firewall" during setup.

His plan is to disconnect us fromt he rest of the schools network, write everyone IP on the board and see if we've takent he proper security measures, and can keep our servers going.

Now I myself do have a plan in place which looks like this (coming into the next class we'll have 30 mins to get our servers ready):

DEFENSE:
During the prep time I'm going to:
-turn on the firewall to highest settings, leaving only port 80 open for Apache which must remain active for this exercise.
-change all passwords (Like I said the two account that are ont here now, all have the same p/w as everyone else)
-Not vist other students websites *

OFFENSE:
-As I believe about 1/2 to 2/3 of the class will forgot to activate the firewall, and change their p/ws, I'm planning on using SSH to login to there systems, change their p/w's then execute 'init 0'. As we have not talked about SSH in class yet (or telnet) most students don't know about it).

*The problem come from the instroctor himself. During lab time last week, we used to time to prepare for this upcoming class. (only a few of us stayed). To give an idea of what we can do, he wrote samll web page, whose code (I forgot to save to disk and bring back with me) called on VIM editor and nothing else. Although he didn't do it to me (so I didn't get to see what happens), but after ot students went to this page (which had no viewable content) the instructor went back to his comp and did something that definatly got a reaction out of the students who had gone to his page.

Obviously, I want to know what it was he did, and how he did it.

Also, can I put command scripts in a webpage? I'm hoping I can so I can write a script that executes inti 0 when persons go to my server (This will be very effective on those who did remember to activate fireall and change p/w.

And if yourwondering, what we get for doing this? That last student standing with his server still running will get 20 bonus points on the final (If that isn't motivation I don't know what is). ALSO, the instructor WILL be joing us in this exercise, so we have to go against HIM TOO (remember he's a white hat hacker!). Any and all help with this will be very appreciative.

Last edited by tenraek; 04-02-2003 at 09:21 AM.
 
Old 04-02-2003, 11:57 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,017
Blog Entries: 54

Rep: Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764
LOL, wish I had classes like that. For the defensive stuff, make sure you chattr +iu all your configs, binaries and don't forget to set limits on iptables entries you're allowing and watch for "weird" packet flag mixes, the DoS stuff. Harden your network (daemon) scripts and make sure your LAMP setup is free from "default" stuff like scripts: remove or .htaccess the web root. Have a look at part one of the Security references thread in the security forum.

Visiting other ppl's pages should be no prob, just turn off Java and java|ecmascript or use Links/lynx. For the offensive stuff just be creative about how to get in, a default install has lots of services running, just do a quick nmap if you don't succeed with Ssh.
 
Old 04-02-2003, 09:03 PM   #3
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
That class is sweet.

Shut off everything that you absolutely don't need in chkconfig. Look at the dynamically loaded modules in apache (/etc/httpd/conf/httpd.conf) and comment out all off all of the weird stuff (webdav, rewrite, etc). Turn off indexing and follow symlinks. Make sure that the webpage files are all read-only. Make sure to nmap yourself and verify that the ONLY thing listening is httpd (apache). Also look at the man-page for nmap (man nmap) to see what kind of fun you can have with other people's systems.

-BTW, unSpawn's suggestion to chattr the configs is downright unfair!
 
Old 04-02-2003, 09:22 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,017
Blog Entries: 54

Rep: Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764Reputation: 2764
BTW, unSpawn's suggestion to chattr the configs is downright unfair!
Depends on how you work the system I guess. I like RH, handle sys stuff from the cli, edit my configs with a simple Vi-wrapper that handles these extended attributes and does incr backups. If you're using GUI/curses stuff and/or don't know your system then handling chattered stuff is gonna be a major PITA.

Btw, if this suggestion is unfair you'll be glad to know I left out my brainfarts about the offensive part, LOL!
 
Old 04-03-2003, 12:31 AM   #5
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
>handling chattered stuff is gonna be a major PITA.
If 1/3 to 2/3 of the class isn't even going to remember to turn iptables on, it's likely that anyone lucky enough to get a shell is going a hell of a time with chattred configs. Pretty slick, I'll have to remember that one next time I set up a firewall or server.

> you'll be glad to know I left out my brainfarts about the offensive part
Lol. I'll keep that in mind next time I get the urge to post my iptables script!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Implementing a vector class from a list class purefan Programming 9 04-14-2005 10:48 PM
PHP: how to use a method from a class in the same class ldp Programming 5 09-17-2004 09:52 AM
BlackBox.class & VerifierBug.class virus ??? dalek Linux - Security 4 02-29-2004 08:55 AM
Inheriting class members (Qt C++, QApplication class) jtshaw Programming 2 01-15-2004 11:52 AM
c++ : regarding (inheritence)base class and derived class edreddy Programming 6 07-31-2002 06:33 PM


All times are GMT -5. The time now is 11:25 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration