LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-24-2001, 06:19 PM   #1
pnut028
LQ Newbie
 
Registered: May 2001
Posts: 3

Rep: Reputation: 0
Question


I am currently in my first linux class. My teacher issued a challenge to the class. He says no one can keep him off of their computer. I would like to know as many ways as I can find to make logon attempts as difficult as possible.
I need to cut off remote users
 
Old 05-24-2001, 07:53 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,409
Blog Entries: 55

Rep: Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582
Check for the following terms:
using whereis & man: daemon, inetd, tcpwrappers, hosts.deny, ipchains, rlogin, shadow, PAM.
on the web: LASG, IDS, Securing Linux, Maximum Security.
It aint that hard, just think client->server model.
 
Old 05-24-2001, 08:11 PM   #3
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Rep: Reputation: 46
You need to cut off all remote access?

You can simply shutdown all the daemons that allow remote access or firewall up all your ports with something like (assuming your using ipchains)

ipchains -A input -i eth0 -s 0.0.0.0/0 --destination-port 1:1024 -p tcp -j DENY
ipcahins -A input -i eth0 -s 0.0.0.0/0 --destination-port 1:1024 -p udp -j DENY

you'd also need to do the same for a few higher ports like NFS if you have it running. The above will cause any incomming packets on ports 1-1024 to be dropped. The server won't even return a message saying the connection was not accepted...

HTH

Jamie...
 
Old 05-24-2001, 10:29 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,409
Blog Entries: 55

Rep: Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582
hmm. thats not learning... thats cut & paste :-[
 
Old 05-25-2001, 05:21 AM   #5
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Rep: Reputation: 46
Quote:
Originally posted by unSpawn
hmm. thats not learning... thats cut & paste :-[
If he/she didn't know it before yet cuts and pastes it, and see what it does then it's learning is it not?

More seriously; quite correct - its a solution not where to find a solution, but this is what was asked for.

cheers.

Jamie...
 
Old 05-25-2001, 10:00 AM   #6
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
Smile

pnut028,

I don't like to point out the obvious, but if your teacher makes a comment like that, then he's going to do something you won't expect and from my experience probably backhanded.

Close off all the remote port and he will wait until class is over and mount to a CD-rom get root and add a backdoor.

If they have physical access to the computer, then you can't keep them out of the OS. "you can slow em down"...

/Raz

 
Old 05-25-2001, 04:27 PM   #7
Q25
Member
 
Registered: May 2001
Distribution: RedHat 9.1
Posts: 131

Rep: Reputation: 16
oh.. so that's what he meant by keeping him off..

Well.. here's my suggestion then..
1st : Close all ports with either tcpwrapper, ipchains or iptables..
2nd : Stand guard by the pc with a big club..
 
Old 05-25-2001, 05:35 PM   #8
jharris
Senior Member
 
Registered: May 2001
Location: Bristol, UK
Distribution: Slackware, Fedora, RHES
Posts: 2,243

Rep: Reputation: 46
Big Club? Why not go the whole hog and wire it to blow if its tampered with
 
Old 05-26-2001, 09:44 PM   #9
abyss
Member
 
Registered: May 2001
Location: New York, USA
Distribution: AIX, Ubuntu
Posts: 113

Rep: Reputation: 16
How about setting a power-on password in the BIOS. If you pick a good one, you can prevent him from even booting the machine at all....

....unless he opens the case, pops out the CMOS battery for a few hours, and then puts it back together.

Like Raz said....anything to slow him down a little....
 
Old 05-26-2001, 09:49 PM   #10
Q25
Member
 
Registered: May 2001
Distribution: RedHat 9.1
Posts: 131

Rep: Reputation: 16
Most Mobo's will let you reset CMOS on the board without removing the battery.. which leads me back to the club thing again
 
Old 05-26-2001, 10:52 PM   #11
abyss
Member
 
Registered: May 2001
Location: New York, USA
Distribution: AIX, Ubuntu
Posts: 113

Rep: Reputation: 16
Point taken, Q25. The club sounds better and better.
 
Old 06-01-2001, 10:38 AM   #12
fenris@bu
LQ Newbie
 
Registered: May 2001
Posts: 18

Rep: Reputation: 0
club..bah.....I'd be standin on top of the machine with a sawed off....much more fun...
 
Old 06-01-2001, 10:41 AM   #13
fenris@bu
LQ Newbie
 
Registered: May 2001
Posts: 18

Rep: Reputation: 0
i got an idea...kinda backhanded....take out the mobo....then he cant get on..even with physical access to the machine....either that..or steal the HDD...then he can use the machine..but not the os...
 
Old 06-01-2001, 11:08 AM   #14
trickykid
LQ Guru
 
Registered: Jan 2001
Posts: 24,149

Rep: Reputation: 255Reputation: 255Reputation: 255
Throw some cow dung on the computer itself and keyboard, that should prevent anyone from getting to it physically.
And make it a stand alone machine, nothing connected to the outside world.
He should have trouble then getting into it.
 
Old 06-01-2001, 02:23 PM   #15
mcleodnine
Senior Member
 
Registered: May 2001
Location: Left Coast - Canada
Distribution: s l a c k w a r e
Posts: 2,731

Rep: Reputation: 45
the only safe computer is no computer.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
help needed in security ,vonarabilities ,loopholes in linux security haseebnazar Linux - Security 2 11-23-2005 08:16 PM
[Security Questions] Last Login, how good is this feature for security breach info? t3gah Linux - Security 2 06-14-2005 02:02 AM
linux security hariiyer Linux - Security 8 06-02-2005 12:42 AM
todays requirements regarding security (not limited to linux security) markus1982 Linux - Security 8 04-25-2004 11:58 PM
Linux security Vs Windows security keene General 50 11-02-2003 12:22 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:54 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration