Hacking For Beginners – Manthan Desai

2010

o To redirect file execution. Sometimes the intruder may want to replace system binaries, like "login", without changing the file. He can replace sys_execve() so that whenever the system tries to execute the "login" program, it will be redirected to execute the intruder's version of the login program.

o To hide a sniffer. Here we refer to hiding the promiscuous flag of the network interface. The system call to Trojan in this case is sys_ioctl().

o To communicate with the LKM. Once the hacker has his LKM installed, he will attempt to modify some system calls such that when a special parameter is passed, the system call will be subverted.

o To hide the LKM. A perfect LKM must be able to hide itself from the administrator. The LKMs in the system are kept in a singly linked list. To hide an LKM, an attacker can just remove it from the list so that commands such as "lsmod" will not reveal it.

o To hide symbols in the LKM. Normally, functions defined in the LKM will be exported so that other LKMs can use them. An attacker can use a macro and put it at the end of the LKM to prevent any symbols from being exported.
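A defender's cross-check for two of the hiding techniques just described (the unlinked LKM and the hidden promiscuous flag), added here as an example and not taken from the book: lsmod reads /proc/modules, so a module unlinked from the kernel's module list can still be present under /sys/module, and the interface flags word in sysfs can be read without going through the ioctl path. The function names and the optional root-prefix argument (used so the check can run against a constructed or copied tree) are my own.

```sh
#!/bin/sh
# Added defensive check (not from the book): compares two kernel views that a
# list-unlinking LKM or a hidden promiscuous flag can leave inconsistent.
# Both functions take an optional root prefix so they can run against a copied
# or constructed /proc and /sys tree; with no argument they use the live system.

# hidden_modules [ROOT]: loadable modules that sysfs knows about but that
# /proc/modules (what lsmod reads) does not list. Only loadable modules have an
# "initstate" file under /sys/module, which keeps built-in modules out of the diff.
hidden_modules() {
    root="${1:-}"
    for d in "$root"/sys/module/*/; do
        [ -f "${d}initstate" ] || continue
        name=$(basename "$d")
        if ! grep -q "^$name " "$root/proc/modules" 2>/dev/null; then
            echo "$name"
        fi
    done
    return 0
}

# promisc_ifaces [ROOT]: interfaces whose kernel flags word has IFF_PROMISC
# (0x100) set, read straight from sysfs instead of from ifconfig, whose ioctl
# path is exactly what a sys_ioctl() trojan tampers with.
promisc_ifaces() {
    root="${1:-}"
    for d in "$root"/sys/class/net/*/; do
        [ -f "${d}flags" ] || continue
        flags=$(( $(cat "${d}flags") ))
        if [ $(( flags & 0x100 )) -ne 0 ]; then
            basename "$d"
        fi
    done
    return 0
}

# Report on the live system when run directly.
echo "modules present in sysfs but missing from /proc/modules:"
hidden_modules
echo "interfaces in promiscuous mode:"
promisc_ifaces
```

A rootkit that also deletes its sysfs kobject or patches the flags attribute escapes this comparison, so treat a clean result as necessary rather than sufficient and corroborate it with an offline inspection of the disk or memory.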

Linux Tools: Security Testing Tools

o NMap (http://www.insecure.org/nmap)
  Premier network auditing and testing tool.

o LSOF (ftp://vic.cc.pudue.edu/pub/tools/unix/lsof)
  LSOF lists open files for running Unix/Linux processes.

o Netcat (http://www.atstake.com/research/tools/index.html)
  Netcat is a simple Unix utility which reads and writes data across network connections, using the TCP or UDP protocol.

o Hping2 (http://www.kyuzz.org/antirez/hping/)
  hping2 is a network tool able to send custom ICMP/UDP/TCP packets and to display target replies like ping does with ICMP.

o Nemesis (http://www.packetninja.net/nemesis/)
  The Nemesis Project is designed to be a command-line based, portable human IP stack for Unix/Linux.

Linux Security Countermeasures

Countermeasures

Physical Security
o It is ideal to restrict physical access to the computer system so that unauthorized people don't get to misuse the system.

Password Security
o Assign hard-to-guess passwords which are long enough.
o Ensure procedural discipline so that passwords are kept private.
o Ensure that the system does not accept null passwords or other defaults.

Network Security
o Ensure all default network accesses are denied:

$ echo "ALL: ALL" >> /etc/hosts.deny

(Run as root. This TCP Wrappers rule denies every wrapped service to every client unless a matching entry in /etc/hosts.allow permits it, so the services you do need must be listed there explicitly.)

www.hackingtech.co.tv

Page 90