LinuxQuestions.org
03-09-2016, 10:11 AM   #1
browny_amiga
Member
 
Registered: Dec 2001
Location: /mnt/UNV/Mlkway/Earth/USA/California/Silicon Valley
Distribution: Kubuntu, Debian Buster Stable, Windoze 7
Posts: 670

Rep: Reputation: 56
Linux hardening / security auditing


I'm evaluating how secure my systems are.
For this I want to know what is possible and how hackers would go about getting a memory dump from a running system.
Let's say the system is on, but locked, so login would be required.
Is there a way that a hacker can read out the memory of the machine without logging in? Without knowing the password and without being able to escalate to root?
The user would not have full access of the whole memory, so a memory dump would not be possible I figure.
I have heard that forensics experts regularly get a dump of a machine's memory and that it is critical that the machine does not get switched off, because then all bets are off, especially in a full system encrypted one.
 
03-09-2016, 03:11 PM   #2
mazinoz
Member
 
Registered: Mar 2003
Location: Mansfield Queensland Australia
Distribution: Linux Mint - Tara
Posts: 497

Rep: Reputation: 35
Just curious as to what kind of setup you have, e.g. OS, wireless / wifi / ethernet / home vs work?
 
03-09-2016, 07:07 PM   #3
browny_amiga
Member
 
Registered: Dec 2001
Location: /mnt/UNV/Mlkway/Earth/USA/California/Silicon Valley
Distribution: Kubuntu, Debian Buster Stable, Windoze 7
Posts: 670

Original Poster
Rep: Reputation: 56
This is a Debian Jessie machine, Ethernet, on a home network.
 
03-09-2016, 07:52 PM   #4
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,517

Rep: Reputation: 2619
and WHO is your ISP ???

Wide Open West uses "Arris" routers and YOU the customer are LOCKED OUT
you DO NOT have the secret password for the hardware connected to your computer
-- THEY DO!!! --

and your wireless password IS YOUR ACCOUNT NUMBER!!!!!!!
 
03-11-2016, 01:05 AM   #5
mazinoz
Member
 
Registered: Mar 2003
Location: Mansfield Queensland Australia
Distribution: Linux Mint - Tara
Posts: 497

Rep: Reputation: 35
I think this may be possible, though I'm not a hacker. They can brute force your setup, portscan, ping you to death, deauth from router, mac spoof your MAC, pretend to be you on router, sniff out wireless APs, inject rootkits, destroy data etc. It would help if you can tell us the type and brand of router used. Mine is able to provide both ethernet and wireless for example. The security setups for each of these are different.
 
03-19-2016, 04:18 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3594
Quote:
Originally Posted by browny_amiga
(..) For this I want to know what is possible and how hackers would go about getting a memory dump from a running system. Let's say the system is on, but locked, so login would be required.
Assessing security posture is good but give us more details to work with, OK? Is it a virtual machine on that server? If not: can the machine be accessed physically by anyone? What services are running? What network / system / service access are authorized users given? By what means is authorized user access controlled? Are there any adjacent machines or network equipment the same user has access to? Where are backups stored and how?
 
  


All times are GMT -5.
