21 Dec 2012

R3verse - Linux Hardening guide v.1




▄▀ Linux Hardening distribution tutorial provided by ▄▀






Requirements:

[*] Linux distribution, 64 bit or 32 bit.
[*] Knowledge of basic Linux commands!
[*] Knowledge of what happens behind the scenes when executing Linux commands
[*] Encryption knowledge



I would like to thank the following for motivating me to provide
this tutorial right here, and for showing why it's necessary!

In my opinion, you gotta treat shell access like it is physical access!

Before we start, I would like to give some credit around here.


Thanks to:


HAK5



There are several ways of hardening Linux distributions!
In this scenario we will dive into Ubuntu, and I will walk through
my way of doing it in a Linux environment.

Okay, so let's dive right into it.
No more wasting time doing 1337 copy + paste of any source code!
Now I break down the concepts, tools and techniques for hackers, network gurus and IT ninjas.
It's all about internal/local security on your Linux box! Off we go...

This thread will cover how to harden Linux, in my opinion:

[*] Encrypt files with GPG
[*] Chattr
[*] Encryption on harddrive partition
[*] Linux distributions & scripts for hardening!
[*] Umask benefits!



GPG encryption folders & files


So basically GPG (and GPGdir) are tools provided by default in most likely
any Linux distribution. You might want to work out your own way of encrypting
a file or directory. In this scenario I'm going to show you the way I do it to harden my own Linux environment.

Below you will see the output from my terminal;
it shows how gpg works when I entered a passphrase
and then used cat to view the output.


Code:
root@r3verse-M11x:/test1# cat test2.txt
hello there
root@r3verse-M11x:/test1# gpg -c test2.txt
gpg: gpg-agent is not available in this session
root@r3verse-M11x:/test1# ls -l
total 8
-rw-r--r--. 1 root root 12 Apr 30 23:44 test2.txt
-rw-r--r--. 1 root root 60 Apr 30 23:45 test2.txt.gpg
root@r3verse-M11x:/test1# cat test2.txt.gpg
% ��
�+��Y�� ���-�y~�
����(Ԉ[�7�"����;,x8����root@r3verse-M11x:/test1#

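One thing to notice in that ls -l: after gpg -c the 12-byte plaintext test2.txt is still sitting next to test2.txt.gpg, because gpg never removes its input. Added example, not from the original post: a POSIX sh wrapper that encrypts symmetrically in batch mode, verifies the ciphertext decrypts back to identical bytes, and only then removes the plaintext (assumes GnuPG 2.x; the sample file and passphrase are constructed).

```shell
#!/bin/sh
# Added example, not from the original post: symmetric gpg encryption that
# verifies the ciphertext before the plaintext is removed. Assumes GnuPG 2.x
# (--pinentry-mode is a gpg2 option); file and passphrase names are arbitrary.

# encrypt_and_verify FILE PASSFILE
# Writes FILE.gpg, decrypts it again, compares byte-for-byte with FILE,
# and deletes the plaintext only when the round trip succeeds.
encrypt_and_verify() {
    file=$1
    passfile=$2
    gpg --batch --yes --quiet --pinentry-mode loopback \
        --passphrase-file "$passfile" \
        --symmetric --cipher-algo AES256 \
        --output "$file.gpg" "$file" || return 1

    check=$(mktemp)
    if gpg --batch --yes --quiet --pinentry-mode loopback \
           --passphrase-file "$passfile" \
           --decrypt --output "$check" "$file.gpg" \
       && cmp -s "$file" "$check"; then
        rm -f "$check"
        # shred overwrites before unlinking where the filesystem allows it;
        # fall back to plain rm when shred is not installed.
        if command -v shred >/dev/null 2>&1; then
            shred -u "$file"
        else
            rm -f "$file"
        fi
        return 0
    fi
    rm -f "$check" "$file.gpg"
    echo "round trip failed, plaintext kept" >&2
    return 1
}

# Demo with a throwaway GNUPGHOME so no real keyring or agent state is touched.
demo() {
    work=$(mktemp -d)
    GNUPGHOME="$work/gnupg"; export GNUPGHOME
    mkdir -m 700 "$GNUPGHOME"
    printf 'hello there\n' > "$work/test2.txt"               # constructed sample file
    printf 'correct horse battery staple\n' > "$work/pass"   # constructed passphrase
    chmod 600 "$work/pass"
    encrypt_and_verify "$work/test2.txt" "$work/pass"
    ls -l "$work"   # only test2.txt.gpg (and pass) should remain
}
```
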
Resources:

GPG - file encryption
http://www.cyberciti.biz/tips/linux-how-...sword.html

GPGdir - directory encryption
You might, want to study this on your own!
http://cipherdyne.org/gpgdir/download//



Chattr - user privileges attributes


Okay, we have now explained how GPG works, so let's dive into
chattr, which you might find a bit tricky.


As you can see in this scenario, we set our attribute on test2.txt,
and afterwards we determine which file has the immutable flag "i". Below you will find my output,
and which kind of access to the file I have.


Code:
root@r3verse-M11x:/test1# chattr +i test2.txt
root@r3verse-M11x:/test1# lsattr *
----i--e- test2.txt
root@r3verse-M11x:/test1# ls -l
total 4
-rw-r--r--. 1 root root 12 Apr 30 23:44 test2.txt
root@r3verse-M11x:/test1#

Even if you open test2.txt in nano
and try to modify its contents,
you WON'T
be able to.. even as root! ;-) Scary, huh? This is my output...


Now imagine how great this security enhancement is!?..
Pretty good, right?

To be able to remove the file again, simply use the command below.
I just used a minus symbol instead of a plus..
You can then change permissions with chmod or remove it with rm,
any way you want!

Code:
root@r3verse-M11x:/test1# chattr -i test2.txt
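
The flag stops even root from writing or unlinking the file, but root clears it just as easily with chattr -i, so from a defender's point of view the useful follow-up is to check that the files you expect to be immutable still carry the flag. Added example, not from the original post: a POSIX sh audit that parses lsattr output; the sample lsattr lines are constructed.

```shell
#!/bin/sh
# Added example, not from the original post: report files that are expected
# to be immutable but whose lsattr attribute string no longer contains 'i'.
# lsattr prints "<attributes> <path>" per line; 'i' is what chattr +i sets.

# files_missing_immutable  (reads lsattr output on stdin)
# Prints one path per line for every entry whose attribute string lacks 'i'.
files_missing_immutable() {
    while read -r attrs path; do
        [ -n "$path" ] || continue        # skip blank or malformed lines
        case $attrs in
            *i*) ;;                       # immutable: nothing to report
            *)   printf '%s\n' "$path" ;;
        esac
    done
}

# audit_immutable FILE...
# Runs lsattr on real paths and exits non-zero if any has lost the flag.
# Requires e2fsprogs and an ext2/3/4 filesystem; lsattr itself complains
# on filesystems without attribute support.
audit_immutable() {
    missing=$(lsattr -d "$@" 2>/dev/null | files_missing_immutable)
    [ -z "$missing" ] && return 0
    printf 'NOT immutable:\n%s\n' "$missing" >&2
    return 1
}

# Constructed lsattr output for the demo: test2.txt still carries 'i' as in
# the post above, test3.txt has had it cleared, the directory only has 'e'.
SAMPLE_LSATTR='----i--e- /test1/test2.txt
-------e- /test1/test3.txt
-------e- /test1'

demo() {
    printf '%s\n' "$SAMPLE_LSATTR" | files_missing_immutable
}
```

Run audit_immutable from cron over whichever files you have set +i on; a non-zero exit is your signal that someone with root has cleared the flag.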





Encryption on harddrive partition



We all know of Truecrypt, right? Well, this is ONE solution.
To point it out, there are of course several ways of doing disk encryption!..
Such as the How-To by David Braun.
For the other ones, I have to credit my own study. :)

Below you can find more info on it.
I won't dive into it, since I'm trying
to keep this tutorial small and smooth to understand n' follow, for you to enjoy!


[*] Truecrypt
http://www.truecrypt.org/downloads

[*] Bastille
http://www.bastille-unix.org/running_bastille_on.htm

[*] Hardened Linux distribution
http://hardenedlinux.sourceforge.net/?sub=doc

[*] EnGarde
http://www.engardelinux.org/


Umask benefits!


To start off with, you might think, well, chmod is one way of
changing the permissions of a file / directory. Right... well, you might not know this yet then. :) ... We'll dive into it in a bit.


Definition of umask:

A great facility provided to automate permission assignments.
There is a standard umask value which sets the permissions for files and folders
created in an environment where it is 002; this means the files we focus on would be created with the permissions (rw-r--r--).
Folders created under this default will be set to 775 (rwxr-xr-x).


We are focused on implementing our own security measures
in our own Linux environment, right?

Now, the best solution for YOU to implement using the umask command would be setting the mask for files / folders to 0037.
This gives files the permissions 640 (rw-r-----), and folders by default
will have permissions 750 (rwxr-x---).

Below I show you how I create a file,
showing the permissions the user gets from root, and what I changed them to.
Now imagine if you had several users; you could set a user like r3verse in my case
to have only the minimal amount of permissions!..


I have a basic rule. Don't ever make an attacker's job easy!
EVER!

My PoC here in this scenario:

Code:
root@r3verse-M11x:/test1# umask
0022
root@r3verse-M11x:/test1# umask 037
root@r3verse-M11x:/test1# umask
0037
root@r3verse-M11x:/test1# su r3verse
r3verse@r3verse-M11x:/test1$ touch test2.txt
touch: cannot touch `test2.txt': Permission denied
r3verse@r3verse-M11x:/test1$ ls
test2.txt
r3verse@r3verse-M11x:/test1$ ls .l
ls: cannot access .l: No such file or directory
r3verse@r3verse-M11x:/test1$ ls -l
total 4
-rw-r-----. 1 root root 37 May  1 01:14 test2.txt
r3verse@r3verse-M11x:/test1$ umask
0002
r3verse@r3verse-M11x:/test1$
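
Added example, not from the original post: the arithmetic behind these defaults for any umask, checked against what the filesystem really creates (assumes Linux with GNU or busybox stat). Run the table for the masks used in this post and compare with the figures above; the comment in show_table also explains why the r3verse shell in the PoC still reports 0002.

```shell
#!/bin/sh
# Added example, not from the original post: what a given umask yields.
# A bit set in the mask clears that permission bit; new files start from
# 0666 (never executable by default) and new directories from 0777.
# observed_modes assumes a Linux box with GNU or busybox stat.

# mode_from_umask MASK KIND   (KIND is "file" or "dir")  -> octal mode
mode_from_umask() {
    case $2 in
        file) base=0666 ;;
        dir)  base=0777 ;;
        *)    echo "kind must be file or dir" >&2; return 1 ;;
    esac
    # The leading 0 makes the shell read the mask as octal, whether it
    # was given as 37, 037 or 0037.
    printf '%o\n' $(( $base & ~0$1 ))
}

# observed_modes MASK -> "FILEMODE DIRMODE" as really created under that umask
observed_modes() {
    work=$(mktemp -d)
    (
        umask "$1"            # only affects this subshell and its children
        : > "$work/f"
        mkdir "$work/d"
    )
    modes="$(stat -c '%a' "$work/f") $(stat -c '%a' "$work/d")"
    rm -rf "$work"
    printf '%s\n' "$modes"
}

# Table for the masks discussed in the post. A umask only lives in the
# process that set it: the r3verse shell above reported 0002 after su
# because the new session took the system default (on Ubuntu from
# pam_umask / login.defs), so a hardened mask has to go into the shell
# startup files or those system defaults to stick for every user.
show_table() {
    for m in 022 002 037; do
        printf 'umask %s: files %s, dirs %s\n' "$m" \
            "$(mode_from_umask "$m" file)" "$(mode_from_umask "$m" dir)"
    done
}

show_table
```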

If you have any questions, regarding this thread,
please feel free to post a comment! ;-)


19 Dec 2012

Stanford University - Cryptography Part 4!

Python Programming Week 4 Completed

BruteForcing

The programming assignment was fairly simple; it just needed a bit of SQL injection mixed into the programming work.

Below is the code I used to extract every byte of the hex values from the website in order to solve the assignment!