Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I don't know if this is a right place to ask this, but I'll give it a try...
I am doing a thesis for my graduation, on a subject of "Linux security modules". And my plan is to create 4 virtual machines with Ubuntu, or some different distribution, and set 4 different security modules on each virtual machine. AppArmor, SELinux, Smack and TOMOYO...
And I was thinking to simulate an attack on each security module to establish what are the good sides and bad sides of each module...
So my question is... Is there a safe way to simulate the attack and to get a proof of this attack and to establish and see what I did on the way...
Thank you for this info...
I didn't have the time to read all of it, but from what I have read, it is going to be very very useful...
If you know anything else that might be helpful, I would be grateful...
What sort of attacks are you thinking about carrying out? The only way I can think to safely simulate an attack would be to attack your own infrastructure, or in this case, a VM on a local network with no internet. Now in order to see what you did while carrying out the attack, and if you don't program using the pcap library or whatever, I would recommend a good network analyzer like Wireshark, Snort, and/or hexinject to see and log what is going on while you are attacking yourself. And I'm still not sure of what attack you are trying to carry out exactly... Probe scan and overflow (DDoS), SSH brute force, httpd attacks, etc... Once again, unless you can write your own port scanners, or use libssh, libcurl, libpcap, or your own libraries of functions, I would recommend programs like nmap, hydra, the aircrack-ng suite, or just discovering stuff on a live boot of Kali Linux to carry out the attacks.
Last edited by Triple Fault; 02-21-2018 at 08:43 AM.
I don't mean literally a hacking attack, just something basic that I could use to prove that I tried to test each security module. I don't even have to bypass the module, just enough that it leaves me a trace or some kind of log that will tell me that someone tried to bypass the security module.
hmmmm... I'm not sure then. I can't figure out how to 'test' a security module without carrying out an 'attack' really. Good luck on your penetration & stress testing endeavors for school though.
I will be interested to read your thesis in PDF form once you've completed it and gotten your sheepskin. It could be, or could become, a thorough introduction to the various kernel facilities that you (and your mentor) select. And that would be very nice to read.
Last edited by sundialsvcs; 03-06-2018 at 08:10 AM.
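On the question of getting a trace or log showing that a module blocked something: the sketch below is an added example, not code from any poster in this thread. It pulls AppArmor, SELinux and Smack denial records out of audit-log text into one comparable form. The sample lines are constructed, the function names are hypothetical, and TOMOYO records are not covered.

```python
import re
from collections import Counter

# Constructed sample audit records (not from the thread), one denial per
# module plus one unrelated SYSCALL record that must be ignored.
SAMPLE_LOG = """\
type=AVC msg=audit(1519200000.101:210): apparmor="DENIED" operation="open" profile="/usr/bin/testapp" name="/etc/shadow" pid=1201 comm="testapp" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
type=AVC msg=audit(1519200001.202:211): avc:  denied  { read } for  pid=1302 comm="testapp" name="shadow" dev="sda1" ino=131 scontext=system_u:system_r:testapp_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=0
type=AVC msg=audit(1519200002.303:212): lsm=SMACK fn=smack_inode_permission action=denied subject="TestApp" object="_" requested=w pid=1403 comm="testapp" name="shadow" dev="sda1" ino=131
type=SYSCALL msg=audit(1519200003.404:213): arch=c000003e syscall=2 success=yes exit=3 pid=1500 comm="cat"
"""

KV = re.compile(r'(\w+)=("[^"]*"|\S+)')          # key=value or key="value"
STAMP = re.compile(r'audit\((\d+\.\d+):(\d+)\)')  # epoch time and event serial
AVC_PERMS = re.compile(r'avc:\s+denied\s+\{([^}]*)\}')

def parse_denial(line):
    """Return a dict describing one LSM denial, or None for other records."""
    fields = {k: v.strip('"') for k, v in KV.findall(line)}
    stamp = STAMP.search(line)
    if not stamp:
        return None
    perms = AVC_PERMS.search(line)
    if fields.get("apparmor") == "DENIED":
        module, subject, wanted = "apparmor", fields.get("profile"), fields.get("denied_mask")
    elif perms:
        module, subject, wanted = "selinux", fields.get("scontext"), perms.group(1).strip()
    elif fields.get("lsm") == "SMACK" and fields.get("action") == "denied":
        module, subject, wanted = "smack", fields.get("subject"), fields.get("requested")
    else:
        return None
    return {"module": module, "time": float(stamp.group(1)), "serial": int(stamp.group(2)),
            "pid": int(fields.get("pid", -1)), "comm": fields.get("comm"),
            "subject": subject, "object": fields.get("name"), "wanted": wanted}

def collect(log_text):
    """Parse every line and keep only the denial records, in log order."""
    return [d for d in map(parse_denial, log_text.splitlines()) if d]

if __name__ == "__main__":
    denials = collect(SAMPLE_LOG)
    for d in denials:
        print(d)
    print(Counter(d["module"] for d in denials))
```

Running the same harmless test action (for example, a confined test program trying to read a file its policy forbids) on each VM and feeding each VM's audit log to `collect` gives a per-module record of what was blocked, by which subject, and when.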