
itassist.blogspot.com - free IT assistance, online and offline


27 February 2014

Common Linux misconfigurations

    Over the numerous configuration reviews and pentest engagements that have been performed, a common pattern has been observed in the configuration weaknesses of Linux systems. I believe reviewing these common weaknesses and taking them into consideration may save a lot of time and resources, and more importantly help system administrators create more secure environments.

The five common Linux misconfigurations are:
* user home directory permissions
* setgid and setuid binaries
* world-readable and writable files/folders
* weak services in use
* default NFS mount options or insecure export options

1. user home permissions
    On most Linux distributions the default permissions for home folders are 755, which means that any user who has access to the server can see what is in other users' home folders. Some users, such as administrators or developers, may have scripts or backups of files in their home folders that contain sensitive information such as user passwords and keys for services on the same or other servers on the network.

2. setgid and setuid binaries
    The setuid bit on a file is dangerous because it allows that file to run as a potentially privileged user such as root. If a file is owned by root and has the setuid bit set, the file will run with the privileges of root. This means that if an attacker can find a vulnerability in that file, or an unexpected use of it, he can then run commands on the system as the root user, which means a full compromise of the server.

3. world readable and writable files/folders
    World-readable and writable files and folders introduce issues similar to loose user home permissions, but throughout the system. The main cause of world-readable files is the default umask used for file creation, either 0022 or 0002. As a result of this configuration weakness, files that may contain sensitive information will be readable by anyone who has access to the system. Files may also be modified by anyone on the system if they are world-writable. This can lead to an attacker modifying files or scripts to hide forensic evidence, or executing commands by modifying a script used by administrators.
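
A read-only audit for items 1 to 3, as an added example that is not part of the original post. The function names are illustrative, and the paths are arguments so the checks can be run against /home, /, or a test tree.

```shell
#!/bin/sh
# Added example: read-only audit helpers for items 1-3.

# Item 1: home directories that "other" can read, write or enter (e.g. 755).
open_home_dirs() {
    find "$1" -mindepth 1 -maxdepth 1 -type d \
        \( -perm -0004 -o -perm -0002 -o -perm -0001 \) -print | sort
}

# Item 2: regular files with the setuid (4000) or setgid (2000) bit set.
suid_sgid_files() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print | sort
}

# Item 3: world-writable files, plus world-writable directories that lack
# the sticky bit (sticky directories such as /tmp restrict deletion to owners).
world_writable() {
    find "$1" -xdev \( -type f -perm -0002 -o \
        -type d -perm -0002 ! -perm -1000 \) -print | sort
}

# Typical use on a live system (run as root so every directory is visible):
#   open_home_dirs /home
#   suid_sgid_files /      # compare the result against a reviewed baseline
#   world_writable /
```

Each function only lists findings; whether a given setuid binary or open directory is acceptable still needs review against what the server is meant to run.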

4. weak services or configurations
    Services are configured with the minimum configuration changes needed to get them up and running. It is not uncommon to find services Also, weak and possibly default credentials and configurations when using less secure communication channels are typical, increasing the risk and attack surface of the server. When using services, the options and configuration should be reviewed to ensure that what is being deployed is secure or properly configured. It's also not uncommon to find these services bound to multiple interfaces on the server instead of just listening locally or just on the specified interface.
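
To check the last point, the sketch below lists TCP listeners bound to every interface. It is an added example, not part of the original post; it assumes the `ss` tool from iproute2, and the sample output is constructed.

```shell
#!/bin/sh
# Added example: report TCP listeners bound to all interfaces.
# Reads `ss -H -tln` output on stdin; field 4 is "Local Address:Port".
wildcard_listeners() {
    awk '$1 == "LISTEN" {
             addr = $4; port = $4
             sub(/:[^:]*$/, "", addr)   # drop the trailing :port
             sub(/^.*:/, "", port)      # keep only the port number
             # 0.0.0.0 = all IPv4, [::] = all IPv6, * = dual-stack wildcard
             if (addr == "0.0.0.0" || addr == "[::]" || addr == "*")
                 print port, addr
         }' "$@"
}

# Constructed sample of `ss -H -tln` output, not captured from a real host.
sample_ss() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 511 *:6379 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 128 [::1]:631 [::]:*
EOF
}

# Live use:    ss -H -tln | wildcard_listeners
# Sample use:  sample_ss | wildcard_listeners
```

Listeners on 127.0.0.1, [::1] or an address tied to one interface are left out, so anything printed is a service worth confirming really needs to be reachable on every interface.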

5. default mount options or insecure export options
    The defaults keyword for all mounts implies the following options: "rw, suid, dev, exec, auto, nouser, and async". These options are weak since they allow the setuid and setgid bits that are set on externally mounted file systems, via protocols such as NFS, to be honored. When exporting NFS shares it is recommended that the no_root_squash option not be set. Root squashing (root_squash) is the default behavior, but it is commonly seen to be changed. If root squashing is not done, users can create files on the exported NFS share as the root user. These weaknesses, if left as defaults, can allow for root access on servers where such access is not provided for users.
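
Both NFS weaknesses can be found by reading the export and mount tables. The following is an added example, not part of the original post; the function names and sample files are constructed, and on a real host the inputs would be /etc/exports and /etc/fstab.

```shell
#!/bin/sh
# Added example: flag the two NFS weaknesses from item 5.
# Each function reads the named file, or stdin when no file is given.

# Exports that disable root squashing: prints "<path> <client-spec>".
# (Lines continued with a trailing backslash are not joined.)
exports_no_root_squash() {
    awk '$1 ~ /^#/ { next }
         { for (i = 2; i <= NF; i++)
               if ($i ~ /no_root_squash/) print $1, $i }' "$@"
}

# NFS mounts whose option list has no explicit "nosuid", so setuid and
# setgid bits on the remote file system are honored ("defaults" implies suid).
nfs_mounts_without_nosuid() {
    awk '$1 ~ /^#/ || $3 !~ /^nfs4?$/ { next }
         { n = split($4, opt, ","); found = 0
           for (i = 1; i <= n; i++) if (opt[i] == "nosuid") found = 1
           if (!found) print $2 }' "$@"
}

# Constructed sample files, not taken from a real host.
sample_exports() {
    cat <<'EOF'
# /etc/exports (constructed)
/srv/projects  10.0.0.0/24(rw,sync,no_root_squash)
/srv/public    *(ro,sync,root_squash)
/srv/backup    backup01(rw,no_root_squash) 10.0.0.9(ro)
EOF
}
sample_fstab() {
    cat <<'EOF'
# /etc/fstab (constructed)
/dev/sda1            /              ext4  defaults                0 1
nfs01:/srv/projects  /mnt/projects  nfs   defaults                0 0
nfs01:/srv/public    /mnt/public    nfs4  ro,nosuid,nodev,noexec  0 0
EOF
}

# Live use:  exports_no_root_squash /etc/exports
#            nfs_mounts_without_nosuid /etc/fstab
```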

    The settings identified here are areas that are commonly overlooked when configuring a Linux server. These weaknesses can be used by attackers or malicious users to gain a wealth of information or elevated privileges on a server. Hardening your system makes it more difficult for a user to compromise it, and also more difficult to use the system as a means to access other systems within the environment.
