Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I will be moving to a new office building where they have their own domain and I am seeing this as a great opportunity to get my feet wet. I run a Linux for my particular office (weather forecasters) and this is the backbone of our business. I had to explain what this workhorse of a computer does. (being only a P3 450MHz, 128MB RAM) pushing data to the outside server, pushing and receiving data (at least once a second) from our satellite system, and constantly hitting 3 or 4 internet weather sites for forecasts/observations, model images and satellite images. This thing needs to retire. lol.
Anyway, I am trying to get myself better in the security issue and I have only found that I put up a firewall and close all ports except for 80 and 22. I have heard that a good way to learn security is to crack a system. Well, I have a Linux that I just closed all of the ports but 80 (for my intranet) and 22 (for remote ssh). What tools am I going to need to gain root access? Where can I find information on how to become more security oriented and what tools to use to counter any attacks if one occurs? Oh, and I guess in order to crack my system I will need to have some tools for that.
P.S. Please don't flame me, I am really looking to learn from this experience. I am not wanting to be a cracker. I just want to be able to find holes in my system so I can fix them and apply this info to my work.
I have heard that a good way to learn security is to crack a system. Well, I have a Linux that I just closed all of the ports but 80 (for my intranet) and 22 (for remote ssh). What tools am I going to need to gain root access? Where can I find information on how to become more security oriented and what tools to use to counter any attacks if one occurs? Oh, and I guess in order to crack my system I will need to have some tools for that.
Didn't a question like this just get moderated yesterday? I certainly will not, and I pray that no one else does either, point you or anyone else in the direction of exploits, cracking tools, or other stuff to crack a system. I went to a fairly decent college to study CS, and nowhere do I remember a class called Hacking 101 that was necessary to becoming a system administrator. If you were as knowledgeable as you claim to be, you would know that the Internet is awash with hacks and cracks right now, and that is by and large the reason that new vulnerabilities are posted daily. Easy to use cracking tools get in the hands of Script Kiddies that claim "I'm just doing research," or "I want to better know about security" or "I'd never do anything immoral with it". Well, how can I be 100% sure that you aren't (or anyone else for that matter, because this isn't a personal issue) going to use whatever you find to try and down me? Case in point: the Microsoft Unicode exploit is widely published right now, you can find how to do it and get scripts all over. So now I got this one Scripty that's too ignorant to tell an IIS MS server from an Apache server, yet he fills my logs with the error reports from trying those scripts of his. I had another one several weeks back use a popular brute force app to try to hack into my FTP server. And the best part is, it's an ANON server!! And so he tries "system admin", "test", and the week after, "root". I reported him to his ISP, complete with the logs of his actions.
So no, you don't need exploits or howto's on hacking to be a system administrator. I don't believe for one second your true intentions, and no amount of "please don't flame me" will help. If you truly believe in destroying or breaking something in order to make it stronger or more secure, then take up a sledge-hammer and whack your computer to pieces.
I used to believe in this type of stuff, that it should be freely available for everyone to see, until I saw the results of it: dozens & dozens of script-kiddies, running around port-scanning each other, hoping to find someone that will write/post a point & click exploit for them so they can destroy what myself and everyone else in this forum holds dear: their system.
Look through the whole thread, but when you start securing a box, start at the top and work your way down, choosing what is important to you. There is enough info and web sites to keep you busy for a while.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Well to answer the original question, you won't learn anything by simply downloading exploit programs and running them. How then, would you crack a system? *Side note: A "cracker" is someone who maliciously breaks software or systems, while a "hacker" is simply someone who is curious about how things work and tries to understand and improve them.
Back on topic, how are you going to break a system without pre-fabricated automated tools? Well, you have to understand how the system works. OK, if you understand how the system works, then why do you need to crack it to learn how it works? You don't.
Since it's knowledge that you're after, you'll need to pick this up from somewhere. You could sit down with the source code to every available application and comb through it line by line, but then again you would need to understand programming languages.
Where am I going with all this? You need to read. Pick up books about system, network, and programming security. Read any articles that you can. Subscribe to some of the security e-mail lists (such as those on Security Focus) and just read the threads that go by. I would not recommend asking questions at first (especially questions such as "how do I crack so and so?"), but you can gain a lot by just looking at what other people are talking about.
For book recommendations, I've found that in general the Sams and O'Reilly books are particularly good. Building Internet Firewalls (from O'Reilly) should be a prerequisite for any network security position. The Hacking Exposed series gets honorable mention (I only read one of the early editions, but their recent line-up of titles looks worthwhile). For publications, I get Information Security Magazine, and 2600 magazine. 2600 is a hacker's mag, but in the traditional sense of the term "hacker". It's all about learning how things work. Some kids don't understand the ideas the editors of 2600 are trying to get across, but if you do understand it can be a powerful tool (the ignorant just comb it looking for ready-to-use exploit code).
Anyway, that's more than enough help to get you started. Also let your fingers do the walking across the Internet. There are some pretty interesting sites out there if you stumble across them (and they don't have free warez and pop-up porn ads). Finding them is up to you.
There are also sys/network/security admin courses run by reputable companies. I read in a recent Computer Weekly (I think) about a course in which you learn to hack into a system in order to see what happens. I think it was marketed as a "get into the mind of a hacker" type thing.
But to repeat the above, read up on network security (O'Reilly and others have lots of books), search the web and/or get your company to put you on a course.
Now after I am reading my original post I am feeling ashamed for asking what I did. I apologize for being so dumb. I am really looking for info on how to be a better admin. I truly am sorry that I offended anyone with my request. I did hear that idea that breaking a system would be the best way to fix it but I am guessing that is not a consensus among most of the Linux users.
I have been using and working with Linux for just over a year now and I still consider myself a noob. I hope that I have not lost any respect from any of you and I hope that no one will shun me for my moment of stupidity.
I will check out the sites that were given to me for security.
Cool - Joesbox, you are not the first to ask this and I am sure you will not be the last. What you asked is equivalent to saying "I want to know how to make a vault more secure. Does anyone know where I can find a car, a bomb and a plan?" (to paraphrase The Young Ones).
As I said, there are lots of books you can read and if you do break anything while learning you will know the steps to fix it. I would also suggest that you get a pc/server that isn't a live one so that if you do break it you won't have users hammering on your door (or face!).
If you are already a sys admin, you could ask for courses for development. If you are not, you will have to start at the bottom.
Distribution: depends on the mood -- these days.. Slack!
Posts: 44
If I might be able to put in another suggestion. I teach security at a college and one of the things I use to help bring home the importance of investigating vulnerabilities and such is the use of "wargames". This is achieved by students building systems and then attacking each other (they get an "F" if they attempt to attack anything outside the school plus a visit to the Dean).
That said, why not build your own "abuse" computer/network and play with that (if you're intent on "cracking"). There are huge debates on whether people should solely look at security and not go near the "dark side". I don't advocate that for one simple reason: if you don't know what the attack looks like and how it will affect your system, it is likely, IMHO, that you will have more "false positives" than are necessary.
In addition, I think that one learns a lot more from mistakes made in an environment like that. Now, note that I'm not advocating that one attack networks at whim (there is one author that suggests this and personally, I think he's off his rocker).
If you're looking for reading material some of the ones that I've found good besides those mentioned thus far:
O'Reilly's Practical Unix & Internet Security, 3rd Edition
Linux System Security
Intrusion Detection: A System Administrator's Guide (EXCELLENT BOOK!)
Hacking Exposed 4th Edition (not bad but could be better)
Building Secure Servers with Linux
And of course, know your network protocols inside out (helps for the networking portion).
I hope that helps. If you want more info just let me know.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
But banderson, nmap and nessus are just tools. Running them doesn't gain you any know-how, it just spits out a bunch of information. I'm saying that you need to understand the basics of how these tools are written and what they do before you run around using them. An admin who just picks up a bunch of tools and runs them is no different from a script kiddie that picks up 'sploits and runs them. In both cases the user doesn't really understand what they're doing.
Also by the way, with all due respect to MsMittens, I do not think that university is the appropriate place to be teaching people how to attack systems. University students don't have the maturity and background experience to really get value out of such exercises. You have to be in the industry and experience the productive side of computing before there's value in attacking systems. Prior to that it's like giving a kid TNT and telling him to only learn with it; that's just asking for trouble.
So-called Ethical Hacking may have a place in information security, but it should only be for those who already have a proven track-record of ethical and constructive behavior.
Should a programmer-in-training know what a buffer overflow is and how to avoid creating possible overflow conditions in their code? Absolutely! Do they need to exploit a buffer overflow against a running system to understand it? I don't believe so.
I disagree, you don't need to know how the tools are written to use them effectively. I do agree that you need to know what they do and how to use them, however this can be learned very quickly from many different sources. I think the function of both nmap and nessus are pretty easy to understand.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
It's easy to understand the output, yes, but it's not easy to understand what's going on if you don't have good knowledge of IP and the protocols based on it. Aside from knowing the protocols, you have to know the services that implement them. It's much better to learn the underlying technology first, then use tools to automate tasks that you know how to do by hand.
Should a programmer-in-training know what a buffer overflow is and how to avoid creating possible overflow conditions in their code? Absolutely! Do they need to exploit a buffer overflow against a running system to understand it? I don't believe so.
Finally, something we agree on!
To the original poster, OK, if that really is your true intention. I just see way too many dangerous pieces of code get passed around freely. Maybe someone can look at it and learn from it, or take it into consideration, or protect themselves better because of it, but then you also have the people that will copy it and fire it off at random targets, too. There's no 100% fail-safe way to determine beforehand what someone will do with it before it's posted to the Internet population at large.