Top 5 Books for the UNIX Security Geek

Here is Justin’s top 5 UNIX security books.

Title Author ISBN
Practical UNIX and Internet Security Garfinkel and Spafford 1-56592-148-8
UNIX System Security David Curry 0-201-60640-2
The UNIX Programming Environment Kernighan and Pike 0-13-937681-X
UNIX & Linux System Administration Handbook Nemeth et al 0-13-151051-7
Building Internet Firewalls O’Reilly and Assoc 1-56592-124-0

Installing Nmap from SVN on Ubuntu 10.10

If you are an Ubuntu user and simply cannot wait to get the latest nmap features, follow the procedure below. Throw this into a file and call it, ‘build_nmap’ and copy it to the /etc/cron.daily directory and you will have a daily build of the latest and greatest version of nmap.

P.S. The same procedure will also work for you Backtrack geeks.

1. Open a shell terminal.

2. svn co –username guest –password “” svn://svn.insecure.org/nmap/.

3. cd nmap

4. ./configure

5. make

6. sudo make install

My PGP Public Key

For those of you actually know what encryption is and how to use it, here’s my public key to send secure transmissions.

—–BEGIN PGP PUBLIC KEY BLOCK—–
Version: GnuPG v1.4.10 (GNU/Linux)

mQINBEx0a1MBEADLUM0L68NzlwJ+TWDKLhAcxPpf07qjW9uEkRVilCiUFreGzBUr
XyKjIFo4KncFesVME9vfS67ODH4iWyjch1hjNKkgJf43f8hwN+mFntIyv0gv6V/n
4MV13i9oHv3JhmpkoZRMxeIbV9yt9mwtQLcw84TohX+r3NMYDut8MrKSgnmSi7ET
DU5wqKG/6jsUlJgKJ82x4666pVgzSbSMYxmcHdkGKCzMJvBpO1hqc8tieON8BDs7
RIkUWmacNwW1Pb2ovrZBYKbVdSccHM/pc8Jd2kEhan8HZT8G6fnIjTb4ESzrE+GX
XpTgorHBWgUYjGKvGx7rqd1sQvyBw+oO4cjpve7eRi2LdJ64u5TifZ5Yo5fYyw2J
e+hk/clBqZhcHR9mnE5ch6oBjA/RjFq+K/qFWHQLJ8wblORnlE6iFq1edvAHEDDM
PxXXiUCAqBab3iVRKHrF9hKaIRO7ObNmvDzurUbTlv8Ii9yXXxENNnJlNbKOVw92
0DTB+IkvhxlXHnjPjU20fAM3cFDi7JQNnC4fxrAJ7iiqRBqFKDqLDkBITuGK6Tqw
WrYAsbAcIvtG/RLzEDThTFCu3CDNTvQZDYuj0GkuFTEvSsZ5+Z/x7noIFfAaIwV2
fvq8/EKYWmmwcp9vaHf1xOc5TYp6hrN0fHAoOQ4wJG3RyQUY8dA/Yye6hQARAQAB
tDZKdXN0aW4gUi4gQW5kcnVzayAoR2VlayBhdCBMYXJnZSkgPGphbmRydXNrQGdt
YWlsLmNvbT6JAjgEEwECACIFAkx0a1MCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4B
AheAAAoJEPP6QLl31M4959AP/0PcLBTJHsQKZr7Xf74OOeQC/Pbg6WQbCvYenQON
rpfQFeHsK3NV7883ekD4yp+o5H2xuL94xtBAw2izfszl8wg/UmR5XYLlf9noUY+q
NSOi7OKidRorJUdtJFBEpyxjItQWKo+xI5+WnrGap3Qb7ZFIbCuCVYRky2rzH29j
a4FQYT1hWZrxaUGEjDwNytD9Vk35ojNaTp0DrSazIgXYJt6gIE3cYmTtJgBRovxZ
tDexa/RCOLog7rsrCZMjYet1FgjKEa8Ls3GII/MD2yaXWMT+DpMcFgWcxveOkRwt
2IZJb4J/9YrcQKfiexkVWe/GH++jKeLMb6yIhVc7SlOrNuj+UuqHZaDfm40ZFOvs
+++Z49kd+z01h63oa/6Rr8d+uX7ASuENckUvXeZeakMBWSGvJHry/9VCXeh327F/
wGf3MulNAz9ASNUE3LkbOwQKLmLEWs0EjMr77M0enKDZcIi0a+yyhIQBX2Qcmxaf
JDt1X6TNHoQZrFJ/zDxBFSS6T9kmw8qRQJ4G09ehs5fujIUL1V31cLKETnwd8rFm
hE1kHk+Lf8zPTi/h4NZqyyIwrWi2OTGpOOBU1VYnAXrvz0FSPtxJP8I0DyJDjlhD
d3mZ1abFHDlTgwfBUjMN61ItlZ9bQdxsoMwS8brlGLKuTIWC0ji+SeOkO4d21APH
Y+hGuQINBEx0a1MBEADOOUHN+gg6alFJ7/vIf0tAT8rzgDoT5+q0HwwvZAJAH9TO
JXLSpIfCTqLKt3RlkDVnEqr14c1Da1FRPhsWuhbTRQoDHVR3hz7H6m/aFK9Oz7+d
wxZ7wU74baRiLHqPb9samrLOWcywUa216MkfoR2nMsjS5XjBLAQY0LCo/sB9zj6x
EcrKsfDyCS8m/7Cb0+wOcbhTLw1NMXfXyaQ5lrUCkClE5nTcP6Lbeha6FRJzGwBT
LZWNN4FfP5NbBuGeeMCBoRxEKqSilvkQSWkgrQ1+HFVFYgv5uozCk7zY5hQhz1ks
y5icAe87zMeK2dcHMSBneomHYOWIKfVc8pL3oyuJncpVFoyzFcuHWnOZnHD92f2Q
w3iAbJGmERNE/a4VMwig5A/6Swh/VRVehylqtgLaCOoMrO1lsT2KFtxPkE+XE+uf
9SNutqv+QrIBI5VXIxt2d3/GfPh9T2ItJ7LBljN7ZBnD5vaciLya15VTvFwMpLEo
YN8mdWPKLBW1iKyNwY7a3TBrHLgOxrdeYCjf9e+gePVLO6xs2DOR7Xy6gFvmbb1V
0h1b72zqgv/AS4RMtxcU9/G9f5CPhz9o2Hc/un1J0b/ypLdA0Fgj4RC8WYs6qw8K
hOe5YXEdd0jnDnDBulhNEvt6Eb9mib9JBR3Sgq47e9zq3e7NK0jmYGpuSp1KJwAR
AQABiQIfBBgBAgAJBQJMdGtTAhsMAAoJEPP6QLl31M49ZKkQAJnVAOOeHAey5qBo
xzfgSOSr9905gTITPvkpz10cFBBDNKSovu//7mQaCjHsByVr9YB2uzsWX8b4T//D
9y7INxFaFOi3dBeshTytpRJtUVanJve8XzEYlbQgND+DoCzAZJutCwuw+srd0DUt
QOG/YNlLhR8e661f5jQSMeJdiCM1aEiVWqiNWFbyBMm1BqEYpL75DcI2SvVdxKI4
a1wQ+sgHzaTx/kUcKztff2xCCW9UOJBHbNSZhq+MS/Ck3esD8cLp8tBO3FrQeoUk
naEl4uqGm742W/5NaefWg2MbeMdVYRM2a34NGZatkMXB/TxSbd+NoPRZRyFuSh3H
ZHUDwwB4cQ7+oY/Ed86surLccsAylSbJKa5mB6ObccLGt8WvLW8LLPXuqyKfbYoO
AqJwoWYtrvmYkIjienyDR6djSE1ofuHGax166iz2BhPBCyAcq2mnKjPlN3r/ue8M
NTjKupyk4PVNfu5MYbAa3fkO+uDmRIGxqHnJutq495TUE/nzkEVIiwwDsVK5STLW
TyVcsJ0S+BCQF4spJm+HW5iowxROaMJGdLSZG1C0DfD42kkT8NyglRhvaXdXpWMm
n8U6tf0FZFJHQ11VYdKm24pIMnDx+UUBXqwTCfidqpx8b/8Zws6T90BHStjDFRgE
inkOmAmYDXpVZJwQksZo/RJIRjmQ
=FBLv
—–END PGP PUBLIC KEY BLOCK—–

SSH Hardening

Here is some code that will add some security to your /etc/sshd_config file:

  • Enable X11Forwarding
  • Force Version 2 of the protocol
  • Disable all the usual RHosts garbage
  • Disable root logons
  • Disable the use of empty passwords

Copy the code below to a text file and make it executable then run it using the sudo command. Remember to restart your SSH service after the changes have been made.


#!/bin/sh
SSH_DIR=/etc/ssh
# unalias cp rm mv
cd $SSH_DIR
cp ssh_config ssh_config.tmp
cat $SSH_DIR/ssh_config.tmp | grep -v Protocol | sed ‘$a\\nProtocol 2’
> $SSH_DIR/ssh_config
rm ssh_config.tmp
cp sshd_config sshd_config.tmp
awk ‘/^#? *Protocol/ { print “Protocol 2”; next };
/^#? *X11Forwarding/ \
{ print “X11Forwarding yes”; next };
/^#? *IgnoreRhosts/ \
{ print “IgnoreRhosts yes”; next };
/^#? *RhostsAuthentication/ \
{ print ” RhostsAuthentication no”; next };
/^#? *RhostsRSAAuthentication/ \
{ print “RhostsRSAAuthentication no”; next };
/^#? *HostbasedAuthentication/ \
{ print “HostbasedAuthentication no”; next };
/^#? *PermitRootLogin/ \
{ print “PermitRootLogin no”; next };
/^#? *PermitEmptyPasswords/ \
{ print “PermitEmptyPasswords no”; next };
/^#? *Banner/ \
{ print “Banner /etc/issue.net”; next };
{print}’ sshd_config.tmp > sshd_config
rm sshd_config.tmp

Setting up a Non-Root User on Backtrack 4

Traditionally one of the most dangerous practices surrounding UNIX is using the root account as your normal user account. This is the default under Backtrack and here’s how to fix it so you only use Root when you need to:

1. Open a Konsole session.

2. Type: adduser username.

3. You will be asked a series of questions along with setting your password.

4. Once the account is created, type: cp -rf /root/.kde* /home/username.

6. Type: chown -R username:username /home/username to overwrite any of root’s perms that may have copied over.

5. Edit the /etc/group file with your editor of choice and add username to the admin and audio groups.

6. Logout and back in with the new account and you should be good to go.

Step #4 will copy all of the application menu’s that have links to the Backtrack programs so you don’t loose them. Enjoy.

Ubuntu Security Resources

Ubuntu Security Resources

    1. Ubuntu Unleashed

      Ubuntu Geek

      This should be enough to get started. I’m currently working on extracting the *.debs from a Ubuntu Security Distro called Protech that can be find at http://www.lifedork.net/protech-ubuntu-based-linux-security-distro.html. I will then post an ISO so that you can add all of the security tools provided without having to re-install your operating system.

  • NASA Laptops Infected with Virus

    So our overly paranoid friend over at NASA had a virus infected on a couple of astronauts laptops. What makes this even scarier is that it has happened before and they still don’t have these systems loaded with any type of Anti-Virus software. Couple of questions for our engineers at NASA:

    Why, why, and why don’t you have AV software installed on these systems? The reponse would most likely be, “Well, they are never connected to the Internet and the laptops in question are not running critical systems.”. Hmmm… I have to think if they are this lazy securing systems that astronauts use, how confident are we that they take security seriously on the more critical systems such as the computers that run the shuttles and the satellites? See the BBC link below for more details.

    http://news.bbc.co.uk/2/hi/technology/7583805.stm