Linux Audit by Kaustubh Padwad
LINUX AUDIT
@S3curityb3ast
#!/bin/bash
bash-4.3$ ls -ltr
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:00 Linux Distributions
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:05 Linux Architecture
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:10 Linux Security
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:15 Physical Security
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:20 Operating System Security
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:25 Network Security
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:30 User and group Security
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:35 Application Security
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:45 Linux security
Linux Distributions
Linux Architecture
USER App
OS Service
Signal to hardware
Linux Kernel Security
bash-4.3$ ls -ltr
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:10 Separately Distributed
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:10 Uses Module, loadable
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:10 Completely compilable
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:10 Chances of Buffer overflow
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:10 Can harden at Kernel Level
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:10 Patched kernel
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:10 Secure Linux patch
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:10 International kernel patch
Boot Security
bash-4.3$ ls -ltr /boot/grub.conf
-rw-------- Kaustubh null 10 oct 5 11:15 grub.conf
bash-4.3$ cat /boot/grub.conf
# initrd /initrd-[generic-]version.img
#boot=/dev/sda
default=0
timeout=5
password --md5 $1$TNUb/1$TwroGJn4eCd4xsYeGiBYq.
splashimage=(hd0,0)/grub/splash.xpm.gz
Operating System Security
bash-4.3$ cat /ossecurity/linuxsec.conf
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:20 top -n 1 -b
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:20 ps -aux
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:20 dpkg -l | rpm -qa
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:20 Unnecessary package
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:20 Latest packages for services
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:10 Patched kernel
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:10 dpkg -l | grep kernel
CRON & AT & Logging
Cron :- Job schedule
At :- one time job
Restrict cron.allow and cron.deny
Restrict at.allow and at.deny
SYSLOG facility.priority
SYSLOG facility.priority action
Network & User Security
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:35 passwd,shadow
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:35 MinAge,MaxAge,
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:35 Expiry warning, inactive time
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:35 Generic account,/bin/false,0 ONLY 1
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:35 libpam,libcrypto,
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:35 No root,user must SU
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:30 chkconfig --list
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:30 xinet services
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:30 netstat -tunalp
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:30 Default Services
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:30 Telnet, FTP vs SSH
User security
Application Security
• Hardening guides are available for all services.
• A Linux server can be used for almost all services.
• For example, secure Apache.
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:40 Directory restriction
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:40 Option none
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:40 Banner & signature,token change
-rwx-r-x-r-x Kaustubh null 10 oct 5 11:40 mod_Security,keep_alive,Limit_req
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:40 mod_evasive
-rwx-r-x-r-x Kaustubh null 10 oct 10 11:40 HTTPONLY,Secure,Xframe,unused m
bash-4.3$ ping s3curityb3ast
Ping ME
Pinging S3curityb3ast [Kaustubh Padwad] with 64 bytes of data:
Reply from Kaustubh Padwad: bytes=32 time<1ms @S3curityB3ast
Reply from Kaustubh Padwad: bytes=32 time<1ms http://breakthesecsec.com
Reply from Kaustubh Padwad: bytes=32 time<1ms [email protected]
Reply from Kaustubh Padwad: bytes=32 time<1ms youtube hacker kaustubh
Ping statistics for Kaustubh Padwad:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
Control-C