
Cybersecurity Course - Week 4

The document provides a comprehensive guide on installing virtualization software such as VMware and Oracle VirtualBox, as well as an overview of the Linux operating system, specifically Kali Linux, which is used for penetration testing. It details the Linux file system structure, user types, file permissions, and security measures. Additionally, it explains important commands and configurations related to file ownership and system security in a Linux environment.

Uploaded by Grace
Copyright: © All Rights Reserved

Installing Virtual Machine Software

VMware Workstation Player
Step 1: Search for VMware on Google
Step 2: Click the download link to start the download, or follow the instructions

Oracle VirtualBox
Step 1: Search for Oracle VirtualBox on Google
Step 2: Click the download link to start the download, or follow the instructions

Installing VirtualBox
• Select the OS version and click the corresponding link to start the download. We will select Windows, but you can select Mac OS if you use a Mac.
• Click Next to proceed, and click Next again on each screen that follows.
• Then click “Install” on the final screen.
Operating Systems
Linux Operating System
Linux is an OS that is built on the UNIX platform and provides more in-depth interaction with the core components of a computer.
Traditional Linux systems run on a bare command-based interface. However, recent versions now have a Graphical User Interface (GUI).
• Linux OS comes in different versions, e.g. Red Hat, Mint, Ubuntu, SUSE, etc.
• For this class, we will use the Ubuntu version built for penetration testing and ethical hacking
• This version is known as Kali Linux Suite
Linux File System Structure
The Linux Operating System
Kali Linux
• Kali Linux is a Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security.
• It is a free operating system, available for free download
• Often deployed using virtualization software like VMware or VirtualBox
• Exploring the Kali Linux Interface
1. Powering up and Login of Kali Linux
2. The Menus - Categories
3. The Terminal – Use and Purpose, Tabs
4. Sudo Overview (Sudo for elevated access, switching to root)
5. File and Folder Management (Directory Commands, Copy, Remove, Rename, Permissions, etc.)
File and System Security
#whereis
• Where is it…
• Sometimes you may wish to search for a specific file
• You can use the command #whereis [file]
Tip
• Important when you are trying to use TAB to complete names
• When you are using options, -a is different to -A
File and System Security
• Reduce the amount of information
• ls | more
• find webscarab | more
Directories
• / = root directory, starting point where the File System begins
• /root = root users directory (superuser)
• Don’t confuse the root users directory with the root directory…
• /bin = holds essential command binary files for normal users – tar, ls
• /sbin = holds essential command binary files for superusers – mount, ifconfig, etc.
• /boot = holds data that is required to boot up
• /dev = devices which are available
Directories
• /etc = configuration files
• /etc/passwd = information for each user account (Return later)
• /proc = provides system statistics (runtime only)
• /home = user home directories
• /etc = configuration files – normally text files
• /lib = shared library directories and kernel modules
• /var = variable data – changes whilst system is running
• /var/mail = incoming and outgoing mail
Directories (cont’d)
• /usr = user applications, source code and config files
• Has subdirectories such as /src /bin /sbin and /lib
Tree command
• A recursive directory listing program
• #tree
• #tree -L [level]
Run Levels
• Linux has several run levels
• 0 Halt
• 1 Single User Mode
• 2-5 Multi User Mode
• 6 Reboot
• Default is 2
• Allows customisation
• Different run levels can have different services running
• Change run level with #init [number]
• Scripts which control the different levels
• /rc0.d/ - for Halt
• /rc1.d/ - for Single User
Directories (cont’d)
Restrict Access
• Remember – Everything is a file!
• How do we secure and place restrictions on our File System?
• We generally need two things:
• Different types of users
• Parameters/flags to be set on directories and files
Different Types of Users
The root user - aka superuser
• Special account
• All privileges, root can do everything!
• Bad practice to use root as a main user account
• One of the main targets for attackers
• Privilege escalation attacks focus on obtaining root
• Buffer overflows will ideally compromise a process which is running as root
Different Types of Users (Cont’d)
The Normal user – kali, grace, bright, etc
• The normal user – bob, fred, user, a7958473
o With numerous restrictions placed on their access
• Fine grained control over their access
• But if you, “the admin”, only use a normal user account, what can you do?
• Answer – Normal user with sudoer privileges
• As a sudoer you can execute commands with root privileges
The “passwd” File
• Stored in the /etc directory. Each account on the system has an entry
• Username – Just a name
• Password – The x means the password is stored in the shadow file
• Historically this was not the case
• Gecos – General information
• Homedir – The user's home directory
• Shell – Shell that runs when the user logs in
• You can view the passwd file as a normal user
The “passwd” File
UID and GID
• The fact root username is root means nothing to Linux
• The power of root lies in its UID and GID
• UID – User ID
• 0 – any user with a UID of 0 gets superuser privileges
• 1-99 – reserved for predefined accounts
• 100-999 – reserved for system admin
• Stored in the /etc/passwd file
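A check built on the two points above (UID 0 is what grants superuser privileges, and the password field should only hold a placeholder), added here as an example and not part of the original slides. The sample entries are constructed, and the accounts "svc-backup" and "olduser" are made up for illustration:

```bash
#!/bin/sh
# Added example, not from the course slides.
# passwd fields: username:password:UID:GID:gecos:homedir:shell

# Constructed sample data; "svc-backup" and "olduser" are made-up accounts.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
kali:x:1000:1000:Kali,,,:/home/kali:/usr/bin/zsh
svc-backup:x:0:0:backup job:/var/backups:/bin/sh
olduser:$1$constructed$notarealhash:1001:1001::/home/olduser:/bin/bash'

# Accounts other than "root" that have UID 0, and so hold superuser privileges.
extra_uid0() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }'
}

# Accounts whose password field is neither empty nor a placeholder
# (x, *, or a !-locked entry): a hash stored in the world-readable passwd file.
hash_in_passwd() {
    awk -F: '$2 != "" && $2 != "x" && $2 != "*" && $2 !~ /^!/ { print $1 }'
}

# Both functions read passwd-format text on stdin, e.g.: extra_uid0 < /etc/passwd
echo "UID 0 accounts besides root:"
printf '%s\n' "$SAMPLE_PASSWD" | extra_uid0
echo "Accounts with a hash in passwd:"
printf '%s\n' "$SAMPLE_PASSWD" | hash_in_passwd
```
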
The “shadow” file
• Stored in the /etc directory
• In the passwd file the password is an x or *
• Encrypted passwords are stored in the shadow file
• You can't view the shadow file as a normal user
• But they're encrypted, aren't they?
• Yes but… Rainbow Tables => www.freeraindowtables.com
The “shadow” file
• username:encryptedpass:sincechange:maybechanged:mustbechanged:warndays:disabledays
• sincechange – days since password was changed
• maybechanged – days until password can be changed
• mustbechanged – days until the password must be changed
• warndays – days to warn of expiring password
• disabledays – days to disable account after password is expired
The “group” File
Stored in the /etc directory
Each file has both a user and group owner
Users can be attached to many groups
groupname:password:gid:members
◦ Groupname – Just a name
◦ Password – used to join the group
◦ Members – members whose default group is different
File Ownership
One of your last lines of defence
Can prevent/delay a malicious user who has broken in (until he gets root access…)
Command #ls -l
Shows file ownership and permissions
(Figure: image acquired from Running Linux, 5th Ed.)

Permission Modes
For a file
Read – Look at contents
Write – Change or delete
Execute – Run the file
For a directory
Read – List contents of directory
Write – Add or remove files from that directory
Execute – List information about files
Alternatively…..
You can use letters instead of numbers
+ add permission
- remove permission
=?
u user
g group
o other

#chmod u+x – would add the execute permission for the user
#chmod ug-rwx – would remove the read, write and execute
SetUserID and SetGroupID
• The command:
◦ #chmod u+s [file]
• Sets the user ID bit on the file
◦ #chmod g+s [file]
• Sets the group ID bit on the file
SID and SGID
• Sometimes, unprivileged users must be able to accomplish tasks that require privileges.
• An example is the passwd program, which allows you to change your password.
• Changing a user's password requires modifying the password field in the /etc/passwd file.
• However, you should not give a user access to change this file directly: the user could change everybody else's password as well!
• Likewise, the mail program requires that you insert a message into the mailbox of another user, yet you should not give one user unrestricted access to another's mailbox.
• To get around these problems, Unix allows programs to be endowed with privileges.
• Processes executing these programs can assume another UID or GID when they're running.
• A program that changes its UID is called a SUID program (set-UID); a program that changes its GID is called a SGID program (set-GID).
Finding All of the SUID and SGID Files
• You should know the names of every SUID and SGID file on your system.
• If you discover new SUID or SGID files, somebody might have created a trap door that they can use at some future time to gain superuser access.
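One way to keep track of SUID and SGID files, added here as an example and not part of the original slides: record a baseline list, then report any set-ID file that was not in it. The function names and the constructed demo directory are assumptions made for illustration.

```bash
#!/bin/sh
# Added example, not from the course slides.

# list_setid DIR: print every regular file under DIR that has the SUID (4000)
# or SGID (2000) bit set, sorted. -xdev stays on DIR's own filesystem, so run
# it once per mounted filesystem when auditing a whole machine.
list_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null | sort
}

# new_setid BASELINE DIR: print set-ID files under DIR that are not listed in
# the BASELINE file (a saved, sorted output of list_setid).
new_setid() {
    current=$(mktemp)
    list_setid "$2" > "$current"
    comm -13 "$1" "$current"      # lines that appear only in the current list
    rm -f "$current"
}

# Demo on a constructed directory tree; safe to run as an unprivileged user.
demo=$(mktemp -d)
: > "$demo/report.txt"
: > "$demo/helper"
baseline=$(mktemp)
list_setid "$demo" > "$baseline"  # baseline taken while no set-ID files exist
chmod u+s "$demo/helper"          # simulate a set-ID file appearing later
echo "New SUID/SGID files since baseline:"
new_setid "$baseline" "$demo"
rm -rf "$demo" "$baseline"
```

On a real system the baseline would be taken as root right after installation and stored where normal users cannot modify it.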
Remember…
• Remember when you install an application to check the permissions and ownership
• Is it secure, can anyone use it, etc…