Showing posts with label HackNotes. Show all posts

A Must-Have Resource for Critical 

Security Information

Michael O'Dea



HackNotes Windows Security Portable Reference distills into a small form factor
the encyclopedic information in the original Hacking Exposed: Windows 2000.
—Joel Scambray, coauthor of Hacking Exposed 4th Edition, Hacking
Exposed Windows 2000, and Hacking Exposed Web Applications;
Senior Director of Security, Microsoft’s MSN



HackNotes Windows Security Portable Reference takes a ‘Just the Facts,
Ma’am’ approach to securing your Windows infrastructure. It checks the overly
long exposition at the door, focusing on specific areas of attack and defense.
If you’re more concerned with securing systems than speed-reading
thousand-page tech manuals, stash this one in your laptop case now.
—Chip Andrews, www.sqlsecurity.com, Black Hat Speaker, and 
coauthor of SQL Server Security

No plan, no matter how well-conceived, survives contact with the enemy.
That’s why Michael O’Dea’s HackNotes Windows Security Portable Reference
is a must-have for today’s over-burdened, always-on-the-move security
professional. Keep this one in your hip pocket. It will help you prevent your
enemies from gaining the initiative.
—Dan Verton, author of Black Ice: The Invisible Threat of
Cyber-Terrorism and award-winning senior writer for Computerworld

HackNotes Windows Security Portable Reference covers very interesting
and pertinent topics, especially ones such as common ports and services,
NetBIOS name table definitions, and other very specific areas that are essential
to understand if one is to genuinely comprehend how Windows systems are
attacked. Author Michael O’Dea covers not only well-known but also more
obscure (but nevertheless potentially dangerous) attacks. Above all else, he
writes in a very clear, well-organized, and concise style—a style that very few
technical books can match.
—Dr. Eugene Schultz, Ph.D., CISSP, CISM, Principle Computer Systems
Engineer, University of California-Berkeley, Prominent SANS speaker
===================
Contents
Acknowledgments. . . . . . . ix
HackNotes: The Series . . . xi
Introduction . . . . . . . .. . . xiii
Reference Center
Hacking Fundamentals: Concepts  . . . RC 2
ICMP Message Types . . . . . . . . . . . . RC 5
Common Ports and Services . . . . . . . .  RC 7
Common NetBIOS Name Table Definitions .RC 12
Windows Security Fundamentals: Concepts . RC 13
Windows Default User Accounts . . . . . RC 14
Windows Authentication Methods . . . . .RC 15
Common Security Identifiers (SIDs) . . . RC 16
Windows NT File System Permissions . . RC 17
Useful Character Encodings . . . . . . . . .  RC 18
Testing for Internet Information Services
ISAPI Applications .  . . . . .. RC 21
Security Related Group Policy Settings .RC 22
Useful Tools . . . . . . . . . . . . .  RC 26
Quick Command Lines . . . . . . RC 28
WinPcap / libpcap Filter Reference . RC 29
nslookup Command Reference RC 30
Microsoft Management Console . RC 31
Online References . . . . . . . . . . . . RC 32
Part I
Hacking Fundamentals
■ 1 Footprinting: Knowing Where to Look
Footprinting Explained . .. . . . . 4
Footprinting Using DNS . .. . . . 4
Footprinting Using Public
Network Information . .. . . . 10
Summary . . . . . . . . . . . . . . . 12
■ 2 Scanning: Skulking About
Scanning Explained . . . . . . . . . . 14
How Port Scanning Works . . . . . 14
Port Scanning Utilities . . . . . . . . . 21
Summary . . . . . . . . . . . . . . . . . . 30
■ 3 Enumeration: Social Engineering, Network Style
Enumeration Overview . . . . . . . . . 32
DNS Enumeration (TCP/53, UDP/53)  . 35
NetBIOS over TCP/IP Helpers (UDP/137,
UDP 138, TCP/139, and TCP/445) . .  . 37
Summary . . . . . . . . . . . . . . . .. 48
■ 4 Packet Sniffing: The Ultimate Authority
The View from the Wire . . . ..  . 50
Windows Packet Sniffing . . . . . 50
Summary . . . . . . . . . . . . . . . . . 57
■ 5 Fundamentals of Windows Security
Components of the Windows Security Model . .. 60
Security Operators: Users and User Contexts . . . 60
Authentication . . . . . . . . . . . . . . . . . . . . . . . . 66
Windows Security Providers . . . . . . . . . . . . .  . 69
Active Directory and Domains . . . . . . . . . . . . 70
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Part II
Windows 2000 and 2003 Server Hacking Techniques & Defenses
■ 6 Probing Common Windows Services
Most Commonly Attacked Windows Services . . 76
Server Message Block Revisited . . . ........... . . . 76
Probing Microsoft SQL Server . . . . . . . . . . . . 89
Microsoft Terminal Services /
Remote Desktop (TCP 3389) . . . .. 93
Summary . . . . . . . . . . . . . . . . . . . .  96
■ 7 Hacking Internet Information Services
Working with HTTP Services. 98
Simple HTTP Requests . . . . . 98
Speaking HTTP . . . . . . . . . . .99
Delivering Advanced Exploits .  100
Introducing the Doors . . . . . . . .102
The Big Nasties: Command Execution 102
A Kinder, Gentler Attack . . . . . . . . . .. 115
Summary . . . . . . . . . . . . . . . . . . . . . .. 117
Part III
Windows Hardening
■ 8 Understanding Windows Default Services
Windows Services Revealed ..  122
The Top Three Offenders . . . . 122
Internet Information Services/
World Wide Web Publishing Service . . . . 122
Terminal Services . . . . . . . . . . . . . . . . . . 123
Microsoft SQL Server / SQL
Server Resolution Service . . . 123
The Rest of the Field . . . . . ... 123
Summary . . . . . . . . . . . . . . .. 134
■ 9 Hardening Local User Permissions
Windows Access Control Facilities . . . 136
File System Permissions . . . . . . . . .  . 136
Local Security Settings . . . . . . . . . . . .146
Summary . . . . . . . . . . . . . . . . . . . . . . .154
■ 10 Domain Security with Group Policies
Group Policy Overview . .  . . . . . . . . . . . . . 156
Group Policy Application . . . . . . . . . . . . .  . . 157
Working with Group Policies . . . . . . . . . . . . . .  157
Working with Group Policies in Active Directory . 163
Editing Default Domain Policies . . . . . . . . . . .. 164
Controlling Who Is Affected by
Group Policies . . .  165
Using the Group Policy Management
Console . .  . 166
Summary .  . 168
■ 11 Patch and Update Management
History of Windows Operating System Updates .  170
Automatic or Manual? . . . . . . . . . . . . . . . . . . . . . 171
How to Update Windows Manually . . . . . . . . .. . 172
Manual Updates in Disconnected
Environments . . . . . . . . . . . . . . . . . . . .. 173
Windows Update: What’s in a Name? . . .173
How to Update Windows Automatically .174
Verifying Patch Levels:
The Baseline Security Analyzer . .177
Summary . . . . . . . . . . . . . . . . .  179
Part IV
Windows Security Tools
■ 12 IP Security Policies
IP Security Overview . . . . . . . . . . 184
Working with IPSec Policies . . . . . 185
Default Policies: Quick and Easy .. 186
Advanced IPSec Policies . . . . . . . 191
Troubleshooting Notes . . . . . . . . . 197
Summary . . . . . . . . . . . . . . . . . .  197
■ 13 Encrypting File System
How EFS Works . . . . . . . . . . . . . . 200
Public Key Cryptography and EFS . 200
User Encryption Certificates . . . . . . 201
Implementing EFS . . . . . . . . . . . . . 202
Adding Data Recovery Agents . . . .203
Configuring Auto-Enroll User Certificae 205
Setting Up Certificate Server .  206
Using Encrypting File System .  209
Summary . . . . . . . . . . . . . . . . . 212
■ 14 Securing IIS 5.0
Simplifying Security . . . . . . . . . . . . . . . 214
The IIS Lockdown Tool . . . . . . . .. . . . 215
How the IIS Lockdown Tool Works . . 217
URLScan ISAPI Filter Application .  . . 218
Disabling URLScan . . . . . . . . . . . . .  . 220
IIS Metabase Editor . . . . . . . . . . . . . . 221
Summary . . . . . . . . . . . . . . . . .  . . . 222
■ 15 Windows 2003 Security Advancements
What’s New in Windows 2003 . . 224
Internet Information Services 6.0 . .224
More Default Security . . . . . . . .. . 227
Improved Security Facilities . . . . . 232
Summary . . . . . .  . 233
■ Index . . . . . . . . . . .235

---------------------------------------------
Screenshot


The Windows family of operating systems boasts some of the most user-friendly administrative controls available on the market today. The consistent, intuitive interface of both the workstation and server editions allow users to feel their way through complicated processes like setting up web services, remote administration, or file sharing with minimal assistance. This trait has been a cornerstone of the popularity of the Windows operating systems. It has also been a cornerstone of the Windows security track record.

Purchase Now !
Just with Paypal
●▬▬▬❂❂❂▬▬▬●
Product details
 Price
 File Size
 4,919 KB
 Pages
 289 p
 File Type
 PDF format
 ISBN
 0-07-222785-0
 Copyright
 2003 by The McGraw-Hill Companies 
●▬▬▬▬▬❂❂❂▬▬▬▬▬●
●▬▬▬❂❂▬▬▬●
●▬▬❂▬▬●






══════════

Scure Your Web

MIKE SHEMA


E-books Shop
 HackNotes Web Security: Portable.Reference

"The World Wide Web brings together information,
commerce, personalities, and more. "

=======================
The applications that populate the Web reflect the desires of
persons who wish to buy, sell, trade, or just talk. Consequently,
web application security is not just about protecting
your credit card because a site uses 128-bit
encryption. It is about how the application takes your
credit card, stores it in a database, and later retrieves it
from the database. After all, if a malicious user can perform
a SQL injection attack that steals database information
using only a web browser, then the use of SSL is moot.
============================


Contents at a Glace
Reference Center . . . . . . . . . . . . . . . . . .  . RC 1
Part I Hacking Techniques & Defenses
■ 1 Web Hacking & Penetration Methodologies .. 3
■ 2 Critical Hacks & Defenses . . . . . . . . . . . . . . 23
Part II Host Assessment & Hardening
■ 3 Platform Assessment Methodology . . . . . . . . 75
■ 4 Assessment & Hardening Checklists . . . . . . .  99
Part III Special Topics
■ 5 Web Server Security & Analysis . . . . . . . . .  121
■ 6 Secure Coding . . . . . . . . . . . . . . . . . . . . . .. 139
■ A 7-Bit ASCII Reference . . . . . . . . . . . . . . . . 151
■ B Web Application Scapegoat . . . . . . . . . . . ...159

Contents
Acknowledgments . . . . . . . . . . . . . xiii
Hacknotes: The Series . . . . .  . . . . . xv
Introduction. . . . . . . . . . . . .  . . . . . xix
Reference Center
Application Assessment Methodology Checklist . . RC 2
HTTP Protocol Notes . . . . . . . . . . . . . . . . . . .  RC 10
Input Validation Tests . . . . . . . . . . . . . . . . . . . . RC 13
Common Web-Related Ports and Applications . RC 16
Quick-Reference Command Techniques . . . . . . RC 18
Application Default Accounts and
Configuration Files . . . . . . . . . . . . . . .  . . RC 21
“Wargling” Search Terms . . . . . . . . . . . . . . RC 22
IIS Metabase Settings and Recommendations .RC 23
Online References . . . . . . . . . . . . . . . . . . RC 28
Useful Tools . . . . . . . . . . . . . . . . . . . . . .. RC 30
Part I
Hacking Techniques & Defenses
■ 1 Web Hacking & Penetration Methodologies 
Threats and Vulnerabilities . . . . . .. 4
Profiling the Platform . . . . . . . . .  . 5
Profiling the Application . . . . . . . .. 9
Summary . . . . . . . . . . . . . . . . . . 21
■ 2 Critical Hacks & Defenses
Generic Input Validation
Common Vectors . . . . . . . . . . . . . 27
Source Disclosure . . . . . . . . . . . .  28
Character Encoding . . . . . . . . . . . 29
URL Encoding (Escaped Characters). 29
Unicode . . . . . . . . . . . . . . . . . . . .  30
Alternate Request Methods . . . . . .  32
SQL Injection . . . . . . . . . . . . . . . . . 33
Microsoft SQL Server . . . . . . . . . . . 39
Oracle . . . . . . . . . . . . . . . . . . . . . . .42
MySQL . . . . . . . . . . . . . . . . . . . . . .44
PostgreSQL . . . . . . . . . . . . . . . .  . 46
Putting It Together . . . . . . . . . . . . . . . 47
Cross-Site Scripting . . . . . . . . . . . . . .. 48
Token Analysis . . . . . . . . . . . . . . . . . . 50
Finding Tokens . . . . . . . . . . . . . . . . . . 50
Encoded vs. Encrypted . . . . . . . . . . . . 51
Pattern Analysis . . . . . . . . . . . . . . . . . . 55
Session Attacks . . . . . . . . . . . . . . . . . . . 55
Session Correlation . . . . . . . . . . . . . . . . 61
XML-Based Services . . . . . . . . . . . .. . . 63
Attacking XML . . . . . . . . . . . . . . . . .  . 64
Fundamental Application Defenses . . . . . 65
Input Validation . . . . . . . . . . . 65
Summary . . . . . . . . . . . . . .. . 72
Part II
Host Assessment & Hardening
■ 3 Platform Assessment Methodology
Vulnerability Scanners . . . . 76
Whisker and LibWhisker . .. 76
Nikto . . . . . . . . . . . . . . . .. 78
Nessus . . . . . . . . . . . . . . .  81
Assessment Tools . . . . . . . . 86
Achilles . . . . . . . . . . . . . .  . 86
WebProxy 2.1 . . . . . . . . . .  87
Curl . . . . . . . . . . . . . . . . . .. 91
Replaying Requests . . . . . . . 94
Summary . . . . . . . . . . . . .  . 98
■ 4 Assessment & Hardening Checklists
An Overview of Web Servers . . . . . . . 100
Log File Checklist . . . . . . . . . . . . . . .  101
Apache . . . . . . . . . . . . . . . . . . . . . . . . 101
Compile-Time Options . . . . . . . . . . .  101
Configuration File: httpd.conf . . . . . . . 106
IIS . . . . . . . . . . . . . . . . . . . . . . . . . .  . 110
Adsutil.vbs and the Metabase . . . . . . . 110
Accounts . . . . . . . . . . . . . . . . . . . . 112
File Security . . . . . . . . . . . . . . . . . . . .  112
Logging . . . . . . . . . . . . . . . . . . . . . . .  116
IIS Lockdown Utility (iislockd.exe) . . .. 116
Summary . . . . . . . . . . . . . . . . . . . . . . . 117
Part III
Special Topics
■ 5 Web Server Security & Analysis 
Web Server Log Analysis . . . . . . . . . . . .. 122
Proxies . . . . . . . . . . . . . . . . . . . . . . . . .  129
Load Balancers . . . . . . . . . . . . . . . . . . . 130
The Scope of an Attack . . . . . . . . . . . . . 132
Read or Write Access to the File System . . . 132
Arbitrary Command Execution . . . . . . . . . .  132
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . .137
■ 6 Secure Coding 
Secure Programming . . . . . . . . . 140
Language-Specific Items . . . . . . 144
Java . . . . . . . . . . . . . . . . . . . .  . 144
ASP . . . . . . . . . . . . . . . . . . . . . . 146
Perl . . . . . . . . . . . . . . . . . . . . .  . 147
PHP . . . . . . . . . . . . . . . . . . . . . . 148
Summary . . . . . . . . . . . . . . . . . . . 149
■ A 7-Bit ASCII Reference
■ B Web Application Scapegoat
Installing WebGoat . . . . . .. 160
Using WebGoat . . . . . . . .161
■ Index. . . . . . . . . . . . . . . . . 165

Screenshot
e-books shop

Purchase Now !
Just with Paypal
●▬▬▬❂❂❂▬▬▬●

Product details
 Price
 File Size
 3,423 KB
 Pages
 241 p
 File Type
 PDF format
 ISBN
 0-07-222784-2
 Copyright
 2003 by The McGraw-Hill Companies 
●▬▬▬▬▬❂❂❂▬▬▬▬▬●
●▬▬❂❂▬▬●
●▬❂▬●


═════ ═════

NITESH DHANJANI

McGraw-Hill/Osborne New York Chicago San Francisco
Lisbon London Madrid Mexico City MilanNew Delhi

EE-books Shop
HackNotes: Linux and Unix Security: Portable Reference

A virtual arms cache at your fingertips. HackNotes Linux and
Unix Security Portable Reference is a valuable reference for
busy administrators and consultants who value the condensed
and practical insight to understanding the threats they face
and how to practically utilize tools to test the security
of their environments.
—Patrick Heim, Vice President Enterprise Security,
McKesson Corporation


HackNotes Linux and Unix Security Portable Reference is
a valuable practical guide to protecting Linux and Unix systems
from attack. Many books give general (and often vague)
advice, whereas this book’s style provides very precise
descriptions of attacks and how to protect against them.
—Mikhail J. Atallah, Professor of Computer Science,
Purdue University, CERIAS

A clear concise guide to security problems faced by sysadmins today.
Every sysadmin should be familiar with the material covered in
HackNotes Linux and Unix Security Portable Reference. For every
vulnerability presented, the author provides common-sense guidelines
for securing your network. Emphasis on real world examples
reinforces just how serious today’s threat is.”
—Snax, The Shmoo Group, Maintainer of AirSnort
---------------------------------

Contents
Acknowledgments . . . . . . . . . . . . . . . xiii
Introduction. . . . .  . . . . . . . . . . . xix
Reference Center
Common Commands . .. . . . . . RC 2
Common Ports . . . . . . . . . . . . . RC 7
IP Addressing . . . . . . . . . . . . . . RC 9
Dotted Decimal Notation ..  . . . RC 9
Classes . . . . . . . . . . . . . . . . . RC 9
Subnet Masks . . . . . . . . . . . . . RC 11
CIDR (Classless Inter-Domain Routing) .. . RC 12
Loopback . . . . . . . . . . . . . RC 12
Private Addresses . . . . . . . RC 12
Protocol Headers . . . . . . . . RC 12
Online Resources . . . . . . . . . RC 15
Hacking Tools . . . . . ... . . . . RC 15
Web Resources . . . . . ... . . . . RC 18
Mailing Lists . . . . . . . . . . . . . RC 19
Conferences and Events . . .. . RC 19
Useful Netcat Commands. . .. . RC 20
ASCII Table . . . . . . . . . . . . .  . RC 22
HTTP Codes . . . .  . . . . . . . . RC 28
Important Files . . . . . . . . . .. RC 30
Part I
Hacking Techniques and Defenses
■ 1 Footprinting . . . . . . . . . . . . . . . . . . 3
Search Engines . . . . . . . . . . . . . . . . 4
Domain Registrars .. . . . . . . . . . . . . 8
Regional Internet Registries .  . . . . . 12
DNS Reverse-Lookups . . . . . . . . . 14
Mail Exchange . . ........... . . . . . . . . 15
Zone Transfers . . ................ . . . . . 16
Traceroute . ............. . . . . . . . . . . 18
Summary . ............. . . . . . . . . . . . 19
■ 2 Scanning and Identification .. . . . . . . 21
Pinging . . . . . . . . . . . . . . . . . . . . . 23
Ping Sweeping . ..... . . . . . . . . . . . 23
TCP Pinging . . . . . . . . . . . . . . . . . 25
TCP Connect . . . . . . . . . . . . . . . . 25
TCP SYN/Half-Open . . . . . . .. . . 26
FIN . . . . . . . . . . . . . . . . . . . . . . . 27
Reverse Ident . . .  . . . . . .  . . . . . . 28
XMAS . . . . . . . . . . . . . . . . . . . . . 28
NULL . . . . . . . . . . . . . . . . . . . . . . .9
RPC . . . . . . . . . . . . . . . . . . . . . . . . 29
IP Protocol . . . . . . . . . . . .  . . . . . . 30
ACK . . . . . . . . . . . . . . . . . . . . . . . 30
Window . . . . . . . . . . . . . . . . . . . . . 31
UDP . . . . . . . . . . . . . . . . . . .  . . . . 31
Fingerprinting . . . . . . . . . . . . . . . . . 32
Summary . . . . . . . . . . . .  . . . . . . 34
■ 3 Enumeration . . . . . . . . . . . . . . .. . .. . 35
Enumerate Remote Services . . . . . 36
FTP (File Transfer Protocol): 21 (TCP) . .37
SSH (Secure Shell): 22 (TCP) . . . . . . . . . . 38
Telnet: 23 (TCP) . . . . . . . . . . . . . . . . . .  . . 38
SMTP (Simple Mail Transfer Protocol):
25 (TCP) . . . . .  . . . . . . . . . . . . . . 39
DNS (Domain Name System):
53 (TCP/UDP) . . . . . . . . . . . . . . . 41
Finger: 79 (TCP) . . . . . . . . . .. . . . 42
HTTP (Hypertext Transfer Protocol): 80 (TCP) 43
POP3 (Post Office Protocol 3): 110 (TCP) . . . . . . 45
Portmapper: 111 (TCP) . . . . . . . . . . . . . . . . . . . . . 45
NNTP (Network News Transfer
Protocol): 119 (TCP) . . . . . . . . . . . . . . . . . . . . . 47
Samba: 137 to 139 (TCP and UDP) . . . . . . . . . . . 48
IMAP2/IMAP4 (Internet Message Access
Protocol 2/4): 143 (TCP) . . . . . . . . . . . . . . . . . 49
SNMP (Simple Network Management
Protocol): 161, 162 (UDP) . . . . . . . . . . . . . . . . 50
HTTPS (Secure Hypertext Transfer
Protocol): 443 (TCP) . . . . . . . . . . . . . . . . . . . . . 51
NNTPS (Secure Network News Transfer
Protocol): 563 (TCP) . . . . . . . . . . . . . . . . . . . . . 52
IMAPS (Secure Internet Message Access
Protocol): 993 (TCP) . . . . . . . . . . . . . . . . . . . . . 52
POP3S (Secure Post Office Protocol 3):
995 (TCP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
MySQL: 3306 (TCP) . . . . . . . . . . . . . . . . . . . . . . . . 53
Automated Banner-Grabbing . . . . . . . . . . . . . . . . . . . . 54
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
■ 4 Remote Hacking . . . . . . . . . . . . . . . . . . 57
Remote Services . . . . . . . . . . . . . . . 58
Intrusion Tactics . . . . . . . . . . . . . .. . 58
Remote Service Vulnerabilities . . . . . 62
Application Vulnerabilities . . . . .. . 103
Nessus . . . . . . . . . . . . . . . . .. . . . . 104
Obtaining a Shell . . . . . . . . . .. . . . . 105
Port Redirection . . . . . . . . .  . . . . 108
Cracking /etc/shadow . . . . . . . . . . . 109
Summary . . . . . . . . . . . . .  . . . . . . 110
■ 5 Privilege Escalation . . . . . . . . . . . . . . . . . 111
Exploiting Local Trust . . . . . . . . . . . . . . 112
Group Memberships and Incorrect File Permissions 112
“.” in PATH . . . . . . . . . . . . . . . . . . . . . .. . . 114
Software Vulnerabilities . . . . . . . . . . . 115
Kernel Flaws . . . . . . . . . . . . . . . . . . 115
Local Buffer Overflows . . . . . . . . . .  116
Improper Input Validation . . . . . . 116
Symbolic Links . . . . . . . . . . . . . . . . . 117
Core Dumps . . . . . . . . . . . . . .  . . . . 117
Misconfigurations . . . . . . . . . . . . .. . . 118
Summary . . . . . . . . . . . . . . . . . . . . . . 118
■ 6 Hiding . . . . . . . . . . . . . . . . . . .  . 119
Clean Logs . . . . . . . . . . . . . . . 120
Shell History . . . . . . . . . . . . . . 120
Cleaning /var . . . . . . . . . . . . . 121
Backdoors . . . . . . . . .  . . . . 122
Setuid and Setgid Shells Owned by root . . 123
Changing a Local Account’s uid to 0 . . . . 123
.rhosts . . . . . . . . . . . . . .  . . 124
SSH’s authorized_keys . . . . . 125
Trojans . . . . . . . . . . . .  . . . 126
Rootkits . . . . . . . . . . . . . . .126
Summary . . . . . . . . . . . . . . 128
Part II
Host Hardening
■ 7 Default Settings and Services .  . . . . . . 131
Set Password Policies . . . . . . . . . . . .. 132
Remove or Disable Unnecessary Accounts .. 132
Remove “.” from the PATH Variable . . 132
Check the Contents of /etc/hosts.equiv . 133
Check for .rhosts Files . . . . . . . . . . . .  . 133
Disable Stack Execution . . . . . . . . . . . . 133
Use TCP Wrappers . . . . . . . . . . . . . . .  133
Harden inetd and xinetd Configurations .  134
Disable Unnecessary Services . . . . .  . 134
Disable inetd or xinetd If No Services
Are Enabled . . . . . . . . . . . . 135
Ensure Logging Is Turned On . . 135
Harden Remote Services . . . . 135
WU-FTPD . . . . . . . . . . . . .. . 135
SSH . . . . . . . . . . . . . . . . . . .  136
Sendmail . . . . . . . . . . . . . . .  136
BIND (DNS) . . . . . . . . . . . . . 138
Apache (HTTP and HTTPS) . . 139
Samba . . . . . . . . . . . . . . . . . . . 140
NFS . . . . . . . . . . . . . . . . . . .  141
Summary . . . . . . . . . . . . . . . .. . 141
■ 8 User and File-System Privileges . . . .. 143
File Permissions: A Quick Tutorial . . . 144
World-Readable Files . . . . . . . . . . . . . 145
World-Writable Files . . . . . . . . . . . . . 146
Files Owned by bin and sys . . . . . . . . 146
The umask Value . . . . . . . . . . . . . . . . .146
Important Files . . . . . . . . . . . . . . . . . .147
Files in /dev . . . . . . . . . . . . . . . . . . .  . 149
Disk Partitions . . . . . . . . . . . . . . . . . .. 149
setuid and setgid Files . . . . . . . . . . . . .  150
Implement the wheel Group . . . . . . . . 150
Sudo . . . . . . . . . . . . . . . . . . . . . . .   151
Summary . . . . . . . . . . . . . . . . . . . . . . . 151
■ 9 Logging and Patching . . . . .. 153
Logging . . . . . . . . . . . . . . 154
Log Files . . . . . . . . . . . .  . 154
Log Rotation . . . . . . . . . . .156
Free Space in /var . . . . ..... 157
Patching . . . . . . . . . . . . .... 157
Summary . . . . . . . . . . . . . . 158
Part III
Special Topics
■ 10 Nessus Attack Scripting Language (NASL) . . . 161
Running NASL Scripts from the Command Line . . . 162
Writing Nessus Plug-ins Using NASL . . . . . . . . . . . . 162
Example Vulnerability . . . . . . . . . .. . . 162
The Plug-in . . . . . . . . . . . . . . . . . . . . . 163
Running the Plug-in . . . . . . . . . . ..... . . 166
Summary . . . . . . . . . . . . . . . . . . . .. . . 167
■ 11 Wireless Hacking . . . . . . . 169
Introduction to WEP .. 170
Antennas . . . . . . . . . . . 171
Popular Tools . . . . . . . . 172
Airsnort . . . . . . . . . . . . . 172
Kismet . . . . . . . . . . . . . 173
Fata-Jack . . . . . . . . . . 173
Securing Wireless Networks . . .174
Summary . . . . . . . . . . . 175
■ 12 Hacking with the Sharp Zaurus PDA . . . .177
Kismet . . . . . . . . . . . . . . 178
Wellenreiter II . . . . . . . . . . 179
Nmap . . . . . . . . . . . . . . . . 179
Qpenmapfe . . . . . . . . . . . .  179
Bing . . . . . . . . . . . . . . . . . . 180
OpenSSH . . . . . . . . . . . . . .  180
Hping2 . . . . . . . . . . . . . . . .  181
VNC Server . . . . . . . . . . .. 182
Keypebble VNC Viewer  183
Smbmount . . . . . . . . . . . . . . 183
Tcpdump . . . . . . . . . . . . . . . . 183
Wget . . . . . . . . . . . . . . . . . . 184
ZEthereal . . . . . . . . . . . . . . .  184
zNessus . . . . . . . . . . . . . . . .. 184
MTR . . . . . . . . . . . . . . . . . . . 185
Dig . . . . . . . . . . . . . . . . . . . . .  185
Perl . . . . . . . . . . . . . . . . . . . . . 186
Online Resources for the Zaurus . . . . 186
Summary . . . . . . . . . . . . . . . . . . . . . . . . 186
■ Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187

---------------------------------------------------------------------------------------------------------
This book will teach you exactly how hackers think so that you can protect your Unix and Linux systems from them. There is simply no other way to learn how to prevent your systems from being compromised.
In order to stop the attacks of the most sophisticated hackers, you need to understand their thought
processes, techniques, and tactics.
----------------------------------------------------------------------

 Screenshot 
HackNotes: Linux and Unix Security: Portable Reference, McGraw Hill

Purchase Now !
Just with Paypal
●▬▬▬❂❂❂▬▬▬●

Product details
 Price
 File Size
 3,493 KB
 Pages
 256 p
 File Type
 PDF format
 ISBN
 0-07-222786-9
 Copyright
 2003 by The McGraw-Hill Companies 
●▬▬▬▬▬❂❂❂▬▬▬▬▬●
●▬▬❂❂▬▬●
●▬❂▬●


═════ ═════

Loading...
DMCA.com Protection Status