SEC520/labs/Lab 7

18 bytes added, 09:59, 1 February 2018
</p>
<h2> <span class="mw-headline">Prerequisites</span></h2>
<ul><li> [https://scswiki.senecaccdot.onsenecacollege.ca/%7Efacwiki/sec520SEC520/labs/SEC520_Lab_6.html Lab_6 SEC520 Lab 6]
</li></ul>
<p><br>
<li>[http://www.yolinux.com/TUTORIALS/LinuxTutorialManagingGroups.html#ACL ACLs]</li>
<li>[http://hackinglinux.blogspot.ca/2007/05/selinux-tutorial.html SELinux]</li>
<!--DEAD LINK<li>[http://www.syntaxtechnology.com/2009/06/sudo-tutorial/ Sudo]</li>-->
<li>[http://cs.senecac.on.ca/%7Efac/ops435/2008_dev/ops435_w11_l1.pdf Cron Jobs]</li>
</ul>
<ul>
<li>[http://cs.senecac.on.ca/%7Efac/sec520/slides/sec520_w4_l1.odp odp] | [http://cs.senecac.on.ca/%7Efac/sec520/slides/sec520_w4_l1.pdf pdf] | [http://cs.senecac.on.ca/%7Efac/sec520/slides/sec520_w4_l1.ppt ppt] (Slides: Linux System Hardening - part 2)</li>
<!--DEAD LINK<li>[http://lcweb.senecac.on.ca:2063/0596003919 Linux Security Cookbook (E-book)] (Chapter 5)</li>--> <!--DEAD LINK<li>[http://lcweb.senecac.on.ca:2063/0131963694?uicode=seneca Linux By Example (E-book)] (Chapter x)</li>-->
</ul>
<li value="4">Save and exit the visudo editing session. If visudo reports any errors, return to the editing session and correct them.</li>
<li>Edit the file <b>/etc/rsyslog.conf</b> and add the following line to the bottom of this file (for logging purposes):<br /><br /><pre style="font-family:courier,monospace;">
<b>local1.* /var/adm/sudo.log</b></pre><br /></li>
<li>Save your editing changes.</li>
<li>Switch (su) to the third user (e.g. in our demonstration: <b>user3</b>).</li>
<li value="11">Switch (su) to a different user (other than your third user), and try to issue the <b>sudo /sbin/ifconfig eth0</b> command. What happened?</li>
<li>Switch (su) to the administrator's account, and view the contents of <b>/var/adm/sudo.log</b>. What do you notice?</li>
<li>Edit the sudoers file and add the following line (where the hostname is that of your VM):<pre style="font-family:courier,monospace;"><b>USER3 localhost.localdomain= NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm</b>
</pre>
<br>
</li><li>While in edit mode, add <b>USER1</b> as an alias for user1, and add the <b>kill</b> command to the <b>Cmnd_Aliases</b> line for <b>user1</b>. Each line should appear similar to this:<pre style="font-family:courier,monospace;">
<b>User_Alias USER1=user1
USER1 localhost.localdomain= PASSWD: /bin/kill</b><br /></pre></li>
<li>Save changes to the sudoers file and exit.</li>
<li>Switch (su) to the third user and attempt to kill a process. Were you prompted to enter a password? Then switch (su) to the first user (e.g. <b>user1</b>) and attempt to kill another process. Were you prompted to enter a password? </li>
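<p>The following audit script is an added example, not part of the original lab. It resolves the <b>NOPASSWD:</b> and <b>PASSWD:</b> tags in the rules above to show which commands each user can run through sudo without authenticating. The <b>USER3</b> alias line and the function names are assumptions, and the parser handles only single-line rules with literal command paths under sudo's default of requiring a password.</p>

```python
import re

# Constructed sample built from the lab's rules; the USER3 alias line is assumed.
SUDOERS = """\
User_Alias USER1=user1
User_Alias USER3=user3
USER3 localhost.localdomain= NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm
USER1 localhost.localdomain= PASSWD: /bin/kill
"""

TAG = re.compile(r"(NOPASSWD|PASSWD):\s*")
SKIP = ("#", "Defaults", "Cmnd_Alias", "Host_Alias", "Runas_Alias")

def parse(text):
    """Return {user: {command: needs_password}} for simple one-line rules."""
    aliases, result = {}, {}
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith(SKIP) or "=" not in line:
            continue
        left, right = line.split("=", 1)
        if left.startswith("User_Alias"):
            name = left.split()[1]
            aliases[name] = [m.strip() for m in right.split(",")]
            continue
        who = left.split()[0]
        needs_password = True  # sudo asks for a password unless a tag says otherwise
        for spec in right.split(","):
            spec = spec.strip()
            match = TAG.match(spec)
            if match:
                # A tag applies to this command and every later one in the
                # list until the opposite tag overrides it.
                needs_password = match.group(1) == "PASSWD"
                spec = spec[match.end():]
            for user in aliases.get(who, [who]):
                result.setdefault(user, {})[spec] = needs_password
    return result

def passwordless(text):
    """List (user, command) pairs that sudo will run without a password."""
    return sorted((u, c) for u, cmds in parse(text).items()
                  for c, need in cmds.items() if not need)

if __name__ == "__main__":
    for user, command in passwordless(SUDOERS):
        print(f"{user} may run {command} without a password")
```

<p>Any pair the script reports is a command that a stolen or unattended session for that account can run as root with no further check, so each one should be a deliberate choice.</p>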