21 Dec 2012

R3verse - Linux Hardening guide v.1




▄▀ Linux Hardening distribution tutorial provided by ▄▀






Requirements:

[*] Linux distribution, 64 bit or 32 bit.
[*] Knowledge of basic Linux commands!
[*] Knowledge of what happens behind the scenes when executing Linux commands
[*] Encryption knowledge



I would like to thank the following for motivating me to provide
this tutorial right here, and for showing why it's necessary!

In my opinion, you've got to treat shell access like it is physical access!

Before we start, I would like to give some credit around here.


Thanks to:


HAK5



There are several ways of hardening Linux distributions.
In this scenario we will dive into Ubuntu, and I will go through
my way of doing it in a Linux environment.

Okay, so let's dive right into it.
No more wasting time doing 1337 copy + paste of any source code!
Now I break down concepts, tools and techniques for hackers, network gurus and IT ninjas.
It's all about internal/local security on your Linux box. Off we go...

This thread will cover how to harden Linux, in my opinion:

[*] Encrypt files with GPG
[*] Chattr
[*] Encryption on harddrive partition
[*] Linux distributions & scripts for hardening!
[*] Umask benefits!



GPG encryption of folders & files


So basically, GPG and GPGdir are tools provided by default in most
Linux distributions. You might want to work out your own way of encrypting
a file/directory. In this scenario, I'm going to show you the way I do it for hardening my own Linux environment.

Below you will see the output from my terminal.
It shows how gpg works when I entered a passphrase
and then used cat to view the output.


Code:
root@r3verse-M11x:/test1# cat test2.txt
hello there
root@r3verse-M11x:/test1# gpg -c test2.txt
gpg: gpg-agent is not available in this session
root@r3verse-M11x:/test1# ls -l
total 8
-rw-r--r--. 1 root root 12 Apr 30 23:44 test2.txt
-rw-r--r--. 1 root root 60 Apr 30 23:45 test2.txt.gpg
root@r3verse-M11x:/test1# cat test2.txt.gpg
% ��
�+��Y�� ���-�y~�
����(Ԉ[�7�"����;,x8����root@r3verse-M11x:/test1#

Resources:

GPG - file encryption
http://www.cyberciti.biz/tips/linux-how-...sword.html

GPGdir - directory encryption
You might want to study this on your own!
http://cipherdyne.org/gpgdir/download//



Chattr - user privileges attributes


Okay, we have now explained how GPG works, so let's dive into
chattr, which you might find a bit tricky.


As you can see in this scenario, we set our attribute on test2.txt and
afterwards check which file has the immutable flag "i". Below you will find my output,
and which kind of access to the file I have.


Code:
root@r3verse-M11x:/test1# chattr +i test2.txt
root@r3verse-M11x:/test1# lsattr *
----i--e- test2.txt
root@r3verse-M11x:/test1# ls -l
total 4
-rw-r--r--. 1 root root 12 Apr 30 23:44 test2.txt
root@r3verse-M11x:/test1#

Even if you open test2.txt in nano
and try to modify this file,
you WON'T
be able to... even as root! ;-) Scary, huh? This is my output...


Now imagine how great this security enhancement is!
Pretty good, right?

To remove the flag (so the file can be changed or deleted again), simply use the command below.
I just used a minus symbol instead of a plus.
You can now change permissions with chmod or remove the file with rm,
in the way you want!

Code:
root@r3verse-M11x:/test1# chattr -i test2.txt





Encryption on harddrive partition



We all know of TrueCrypt, right... Well, this is ONE solution.
To point it out, there are of course several ways of doing disk encryption,
such as the How-To by David Braun.
For the other ones, I have to credit my own study. :)

Below you can find more info on it.
I won't dive into it, since I'm trying
to keep this tutorial small and easy to understand and follow, for you to enjoy!


[*] Truecrypt
http://www.truecrypt.org/downloads

[*] Bastille
http://www.bastille-unix.org/running_bastille_on.htm

[*] Hardened Linux distribution
http://hardenedlinux.sourceforge.net/?sub=doc

[*] EnGarde
http://www.engardelinux.org/


Umask benefits!


To start off with: you might think, well, chmod is one way of
changing the permissions of a file / directory. Right... well, you might not know this yet then. :) We'll dive into it in a bit.


Definition of Umask:

A great tool provided to automate the permission assignments.
There is a standard umask, which sets the permissions for the files and folders
created in an environment. Where it is 002, the files we focus on would be set with the permissions (rw-r--r--).
Folders will by default, using this command, be set to 775 (rwxr-xr-x).


We are focused on implementing security for
our own Linux environment, right?

Now, the best solution for YOU to implement with the umask command would be setting the mask for files / folders to 0037.
This will give files the permissions 640 (rw-r-----), and folders by default
will have permissions 750 (rwxr-x---).

Below I show you how I create a file,
showing the permissions of the user next to root, and what I changed it to.
Now imagine you had several users: you could set them, like r3verse in my case,
to only have the minimal amount of permissions!


I have a basic rule. Don't ever make an attacker's job easy!
EVER!

My PoC here in this scenario:

Code:
root@r3verse-M11x:/test1# umask
0022
root@r3verse-M11x:/test1# umask 037
root@r3verse-M11x:/test1# umask
0037
root@r3verse-M11x:/test1# su r3verse
r3verse@r3verse-M11x:/test1$ touch test2.txt
touch: cannot touch `test2.txt': Permission denied
r3verse@r3verse-M11x:/test1$ ls
test2.txt
r3verse@r3verse-M11x:/test1$ ls .l
ls: cannot access .l: No such file or directory
r3verse@r3verse-M11x:/test1$ ls -l
total 4
-rw-r--. 1 root root 37 May  1 01:14 test2.txt
r3verse@r3verse-M11x:/test1$ umask
0002
r3verse@r3verse-M11x:/test1$
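
The umask arithmetic from this section, as an added example that is not part of the original post: it creates a file and a directory under a given mask and reports the modes they really get, then lists existing files a mask would not have produced. The function names `modes_for` and `looser_than` are hypothetical, and GNU `stat` and `find` are assumed.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes GNU stat and find.
# modes_for and looser_than are hypothetical helper names.

# modes_for MASK
# Create one file and one directory under MASK in a throwaway directory and
# print their octal modes as "<file> <dir>". The ( ) body is a subshell, so
# the umask change never reaches the caller's shell.
modes_for() (
    tmp=$(mktemp -d) || exit 1
    umask "$1"
    touch "$tmp/f"      # files are requested with 666, minus the mask bits
    mkdir "$tmp/d"      # directories are requested with 777, minus the mask bits
    echo "$(stat -c %a "$tmp/f") $(stat -c %a "$tmp/d")"
    rm -rf "$tmp"
)

# looser_than MASK DIR
# A umask only applies to objects created afterwards. List existing files in
# DIR that still carry any permission bit MASK would have removed.
looser_than() {
    find "$2" -type f -perm "/$1" | sort
}

# Table for common masks, including the 0037 used in the post.
for m in 0002 0022 0027 0037 0077; do
    printf 'umask %s -> file/dir modes: %s\n' "$m" "$(modes_for "$m")"
done
```

Under 0037 new directories come out as 740, because the mask also clears the group execute bit; 0027 is the mask that gives 640 for files and 750 for directories.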

If you have any questions, regarding this thread,
please feel free to post a comment! ;-)


19 Dec 2012

Stanford University - Cryptography Part 4!

Python Programming Week 4 Completed

BruteForcing

The programming assignment was fairly simple; it just needed a bit of SQL injection mixed into the programming work.

Below is the code I used to extract every byte of the hexadecimal values from the website, in order to solve the assignment!



27 Nov 2012

Stanford University - Cryptography Part 1!

Dear readers!

Some time has passed since I last blogged,
as I have been under pressure because of my exam!

In the meantime the following has happened:

[+] Exam preparation for the 1st semester - Datamatiker (computer science) programme.
[+] Stanford University - Cryptography

Course started:

✔ Stanford University - Cryptography

Achieved the following:

-  Programming assignment solved
-  Problem set 1 almost flawless!

However, it will be some time before I blog again,
as I have an exam deadline together with my group, which is on the 7th

After my exam project I will blog again with updates from Stanford University, as I have more assignments to solve before I start the 2nd semester of the Datamatiker programme.

That said, in the 2nd semester we will be introduced to something called "CAos",
which I am really looking forward to! :)

Credits

^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~^~

Thanks to my reference, Martin Dipo Zimmermann,
I got started just in time on this free course at Stanford University.
So I would like to thank you, Martin, in case you read this! ;-)


17 Nov 2012

Date: 17-11-12


Introduction

Hi!

I have started this blog so that I can add notes and comments along the way on my ongoing projects, such as those from my studies or my everyday life.

Mainly, when I start taking more courses, there will also be updates about that.
In the meantime, if you are interested in IT security and need a little tip, visit my website.

Website: http://www.maxjensen.dk


Course started on 16-11-12:

✔ ISMS-ISO 27001 ( Information Security Management System ).

My goal with this certification is to be able to implement better solutions for companies in the future when it comes to IT security.


Feel free to follow me on LinkedIn :)

CLICK HERE https://www.linkedin.com/profile/view?id=172943201