Hacking Linux Exposed

TECHNOLOGICAL INNOVATION AND DEVELOPMENT IN COMPUTING
Jess Antonio Alvarez Cedillo, Ph.D

2014 CCAT - Skybox Certified Assurance Engineer

Linux security overview

* Linux is a generic t[...]
* Multiprocessor
* Has the X Windows GUI
* Coexists with other operating [...]
* Includes the source code
- Licensed under GPL

Operating System
An operating system, or OS, is a software program [...] communicate and [...] computer operating system, a [...]
A multi-user operating system allows for multiple [...]
Multiprocessing: [...] capable of utilizing more than one computer [...]
Multitasking: An operating system that is [...] of allowing multiple software [...] are different parts of a [...]

Free Source
* People improve it, people adapt it, people fix bugs. And this can [...] that, as there is a limited access [...]

http://conf.linux.org.au/

I'm sorry, that's not true
Data Breach Tracker: All the Major Companies That Have Been Hacked
[...] that there are essentially [...] viruses certainly do [...]
[Figure legend: Infection % 6-19, 19-26, 26-33, 33-43, 43-57]

I'm sorry, that's not true
All the administrative pri[...] are reserved [...]
There are other reasons, of course. "Normal" user accounts have much more limited access to the rest of the system, so making the corruption of sy[...]

* Collect - Enumeration
* Search - Know what to search for and where to find the exploit code.
* Adapt - Customize the exploit, so it fits. Not every exploit works for every system "out of the box".
* Try - Get ready for (lots of) trial and error.

[...] Windows to become the main focus
Linux servers made up more than a [...]
[...] = 30 % "bed" and Apple systems
Linux servers = 58%
Microsoft servers = 12%
[...] most popular operating [...]

Mapping your machi[...]
Abusing the network
Elevating user [...]
Password cracking
- Server issues and vulnerabilities
* Mail and ftp
- You can be used as anor[...]
- You are Linux and thus ope[...]
* But the developers are self[...]ing - developer culture and [...]
- Proactive measures and recovering [...]
- Scan detectors [...]
- File system integrity [...]
Recovering from being hacked

* Public domain looking [...]
[...] fingerprint
SNMP possibilities
Network insecurity
Goohost Description

Social Engineering, Troj[...] and other tricks
* Trojan horses
* IRC backdoors and other tricks

* Boot access is root [...]
* Encrypted filesystems
Create a usb Hack device

Attacking over the network
Using the network itself
- TCP/IP
- ICMP - Control messages
[...] possibilities
- IP [...]

Vulnerabilities
- Buffer overflows
- Using netstat, [...]
[...].conf

DNS Exploits
- Man-in-the-middle attacks

Abusing [...] attacks
* Implementing egress [...]
* Users and privileges
* Password storage and use
Special purpose groups and device access
Suid programs

Maintaining access
Passwordless access
ssh
- Trail hiding
- Exploiting a listening service (TCP/IP)
* Example: browsing as root and encountering malicious code
[...] mode
[...] login on incorrect passwords, [...]
Data driven attacks
OSX
