NITA 412 - Linux Security Administration - Lab #2


Upload: mstanislav

Post on 06-Apr-2018


Lab #2 - TTYs; System Upgrades; screen; MOTD; sshd  Stanislav

Lab Steps:

I. Interacting With System Virtual Terminals

A. Log into your virtual machine as the root user.
B. Press the key combination of CTRL + ALT + WIN + F2; this should bring you to a fresh terminal.
C. Press the combination of CTRL + ALT + WIN + F1; this should return you to your original terminal.
D. Try each of the CTRL + ALT + WIN + F? combinations possible and see how many you have.
E. Open the /etc/inittab file using vim and find where there is a comment that begins “Run gettys”
F. Comment out the last (6) entry. Save the file and close vim.
G. Type kill -HUP 1 and press Enter twice. This will restart your init process and virtual terminals.

II. Upgrading System Software Using yum

A. Execute yum check-update | more to see what packages are available to upgrade.
B. Execute yum upgrade and when prompted, confirm the downloads requested.
C. Once the packages have downloaded, accept the GPG keys when requested.
D. Your system software is now up-to-date. Verify this by again running yum check-update

III. Installing and Learning the screen Application

A. Execute a yum info screen and review the available information about the package.
B. Execute yum install screen to install the screen software onto your system.
C. Once screen is installed, review the following commands and interact with screen until you are comfortable completing the listed tasks. Case sensitivity to letters DOES apply.

    Key Combinations    Result
    CTRL + a c          Create a new screen
    CTRL + a "          List all screen instances
    CTRL + a K          Kill current screen
    CTRL + a A          Set a title for the current screen
    CTRL + a n          Next screen in list
    CTRL + a d          Detach screen (normal shell)
    CTRL + a N          Show the current screen's name

D. When you are done learning commands, execute a detach to make sure you are back to a “real” terminal prompt. Execute ps -C screen to see if there are screen processes running.
E. To kill all screen processes, execute killall -9 screen

IV. Using screen Practically

A. Start by executing an initial screen process with a title by running screen -t "Shell 1"
B. You are now within screen and no longer at your 'normal' shell prompt.
C. Create a new screen instance (for each step, use the key combinations learned above).
D. Set the title of this newly created screen to “Shell 2”.
E. List all screen instances currently running.
F. In your current screen, open vim without any filename. Move to your next screen.
G. Detach your screen session and when back to the prompt, execute screen -r
H. This last command reattaches an existing screen session, allowing you to resume your shell(s).
I. Using the proper key combination, kill all of your screen instances until you have none left.


V. Configuring a System Message of the Day (MOTD)

A. As your regular system user, execute sudo vim /etc/motd to begin editing your blank MOTD file.
B. Create a general warning, making it known that this is a restricted system. Be professional with your message (nothing obscene -- yes, really). Add some line breaks before and after or other text to make the message obvious to anyone logging into the machine.
C. Once you are done editing, completely log out of all of your shells. Log back into the machine.
D. You will notice your MOTD now appears when you log into the machine.

VI. Securing the SSH Daemon (sshd)

A. Edit the SSH daemon configuration file using vim. The file is called /etc/ssh/sshd_config
B. Lines that are commented out are generally defaults. This doesn't apply if another line that is not commented out is present. For instance, you will note that at the top of the file there is:

    #Protocol 2,1
    Protocol 2

   This means that only SSH protocol 2 is enabled and not the default, of both 2 & 1. For changes to this file, uncomment the line first and edit the existing one to make the desired change(s).
C. Configure SSH to run on port 2222 instead of 22.
D. Disable root logins through SSH.
E. Allow maximum authentication tries to be 2, not 6.
F. Set the login grace time to 1 minute, not 2.
G. Do not allow X11 Forwarding or TCP forwarding.
H. Print the system MOTD for connecting users.
I. Allow users only from the group 'elite'. (Note: man sshd_config for help)
J. Once your changes are made, restart the SSH daemon with /etc/init.d/sshd restart
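The settings asked for in steps C through I can be checked mechanically before restarting the daemon. The script below is an added example, not part of the original lab; sshd_value and audit_sshd are hypothetical helper names. It assumes every setting is written explicitly in the file and does not interpret Match blocks.

```shell
#!/bin/sh
# Added example (not from the lab): audit an sshd_config against section VI.
# sshd_value and audit_sshd are hypothetical helper names.

# Print every uncommented value of keyword $1 in file $2, space-joined.
# Keywords are case-insensitive. Port may legally appear more than once,
# so all occurrences are collected and a repeated keyword fails the audit.
sshd_value() {
    awk -v want="$1" '
        /^[ \t]*(#|$)/ { next }
        tolower($1) == tolower(want) {
            $1 = ""; sub(/^ +/, "")
            out = out (out == "" ? "" : " ") $0
        }
        END { print out }' "$2"
}

# Compare each required keyword with its accepted forms (separated by "|").
# Prints one line per miss and returns the number of misses.
audit_sshd() {
    file=$1 misses=0
    while read -r key allowed; do
        got=$(sshd_value "$key" "$file")
        case "|$allowed|" in
            *"|$got|"*) ;;
            *) echo "FAIL $key: got '${got:-unset}', want $allowed"
               misses=$((misses + 1)) ;;
        esac
    done <<'EOF'
Port 2222
PermitRootLogin no
MaxAuthTries 2
LoginGraceTime 1m|60|60s
X11Forwarding no
AllowTcpForwarding no
PrintMotd yes
AllowGroups elite
EOF
    return "$misses"
}

# Constructed sample: a file as it might look before the lab's edits.
demo=$(mktemp)
printf '%s\n' '#Port 22' 'Protocol 2' '#PermitRootLogin yes' 'X11Forwarding yes' > "$demo"
audit_sshd "$demo" || echo "$? setting(s) still to fix"
rm -f "$demo"
```

On the lab machine, call audit_sshd /etc/ssh/sshd_config after editing; sshd -t additionally confirms that the file parses.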

VII. Testing SSH Daemon Configuration Changes

A. Execute the two following commands as methods of determining if SSH is listening correctly:

    netstat -tln | grep 2222
    lsof -i :2222

B. Observe the error when trying to connect to your local SSH daemon with ssh root@localhost
C. Now we will specify the correct SSH port for our new configuration. ssh -p 2222 root@localhost
D. We are now able to connect to our SSH server as desired, but authentication will fail for root.
E. Execute the following to see rejection messages, tail /var/log/secure | grep root
F. Lastly, try to connect again with your regular username, ssh -p 2222 bjones@localhost
G. You will note that your MOTD displayed as desired upon successful login.

VIII. Update iptables Firewall for the SSH Port Change

A. Verify that your current firewall configuration has a rule to allow SSH on port 22 (default). As root, this command should return a line of output, iptables -L -n | grep :22
B. Using vim, edit /etc/sysconfig/iptables and alter the line for port 22 to be 2222.
C. To restart the firewall with the written configuration file, execute /etc/init.d/iptables start
D. Using the previous command, verify that there is no port 22 rule, but there is one for 2222.
E. If you are able to, try to remotely connect to your machine.
F. Log out of your shell(s). Save your virtual machine and call the snapshot “Lab #2 Completed”.