Hands-On Ethical Hacking and Network Defense: Linux Operating System Vulnerabilities
Hands-On Ethical Hacking and Network Defense: Linux Operating System Vulnerabilities
Hands-On Ethical Hacking and Network Defense: Linux Operating System Vulnerabilities
Objectives
Describe the fundamentals of the Linux
operating system
Describe the vulnerabilities of the Linux
operating system
Describe Linux remote attacks
Explain countermeasures for protecting the
Linux operating system
inodes
Information stored in an inode
An inode number
Owner of the file
Group the file belongs to
Size of the file
Date the file was created
Date the file was last modified or read
Mounting
In Windows, each device has a letter
10
Linux Commands
12
13
Getting Help
Many of these commands have multiple
parameters and additional functionality
Use these commands to get help.
(Replace command with the command you
want help with, such as ifconfig)
command --help
man command
14
Linux OS Vulnerabilities
UNIX has been around for quite some time
Attackers have had plenty of time to
discover vulnerabilities in *NIX systems
Enumeration tools can also be used
against Linux systems
Nessus can be used to enumerate Linux
systems
15
16
Linux OS Vulnerabilities
(continued)
Nessus can be used to
17
Linux OS Vulnerabilities
(continued)
Test Linux computer against common
known vulnerabilities
18
19
Footprinting an Attacked
System
Footprinting techniques
22
Common techniques
Urgency
Quid pro quo
Status quo
Kindness
Position
23
Trojans
Trojan programs spread as
E-mail attachments
Fake patches or security fixes that can be
downloaded from the Internet
Trojans
Trojan programs can use legitimate
outbound ports
25
26
LRK5
See Links Ch 9h, i, j
27
Rootkit Detectors
Security testers should check their Linux
systems for rootkits
28
Demonstration of rkhunter
sudo apt-get install rkhunter
sudo rkhunter -c
29
30
31
32
33
Sniffers
35
36
Keeping Current
Never-ending battle
38
39
40