Professional Documents
Culture Documents
OS vulnerability
Operating Systems Hardening
File system
9/26/2018 2
1
9/26/2018
Prepare
o Install a Linux OS, ex Ubuntu
o Practice some command in file system
• Create directory: mkdir dir1
• Create file: cat > f1
• List file/directory: ls –la
• Current directory: pwd
• Change directory: cd dir1
• Create user/group: useradd/groupadd
9/26/2018 3
User Administration
o Add user/ group, password
o Set password policy - chage
o Lock account
File Permissions
o umask, chmod
File transfer
o Install FTP server/client
o Use specific accounts with limited permissions
File sharing
o Install Samba
o Use specific accounts with limited permissions
9/26/2018 4
2
9/26/2018
Hardening Linux
o Hardening Linux by John Terpstra, et al
o Hardening Linux by James Turnbull
Hardening Windows
o Hardening Windows Systems by Roberta Bragg
o Hardening Windows by Jonathan Hasell
Hardening Linux
o Check services running on OS: cat /etc/services
o Stop service: service <service_name> stop/start/restart
Hardening Windows
o Check services running on OS: run: services.msc
o Disable/enable service
3
9/26/2018
9/26/2018 7
9/26/2018 8
4
9/26/2018
Start meta:
msfconsole
Search:
msf>search ms12-020
Set exploit:
msf> use exploit/windows/dcerpc/ms…
msf> set lhost <IP>
msf> set rhost <IP>
auxiliary/scanner/http/ms…
9/26/2018 9
9/26/2018 10