Tech: Security.


Subject: HowTo: Makeshift Linux Network @ Home ..
Date: Tue, 08 Dec 1998 19:15:15 GMT
From: VisiGoth 
Organization: VisiGoth Industries
Newsgroups: alt.2600,alt.2600.hackerz,alt.hacker,alt.hacking

[Note: This was a post made by Osiris some time ago (year and a half,

       maybe??) and it has since been asked for and wanted but no one
          has posted it. Not even Osiris himself, so I took the time to
       repost it for everyone who wants it because I feel it is a
       -very- good post and -needs- to be read inside and out.]

%%%%
%%%%

1. Get Linux or FreeBSD ASAP
2. Acquire one or more books written by Spafford, Bellovin, Cheswick,
Rubin, or Ranum
3. Get both the Camel and Llama books on PERL
4. Get ORA's book on TCP/IP
5. Purchase some old boxes (386/486) and install network cards

Armed with these items, construct a small UNIX network within your home
(garage, perhaps?). If you choose LINUX, read all the HOWTOs, particularly
the networking HOWTO. Create at least 5 user accounts, allowing at least
shell access for each account on each box. Once this configuration has
been established (with all networking up and working properly), make
attempts (as various users) to break one or more boxes on the system. (You
should ideally attack various services, not just one.)

Also: download either the SAFEsuite demo, the old ISS, or SATAN.
Run these utilities against your system, and read the tutorials that
accompany the documentation provided with these utilities.

Next, acquire all tools located at this URL:
http://www.giga.or.at/pub/hacker/unix

Learn how to use each one. Next, obtain the AUSCERT UNIX security
checklist here:
ftp://ftp.auscert.org.au/pub/auscert/papers/unix_security_checklist

Next, obtain the UNIX security checklist located here:
http://stimpy.cac.washington.edu/~dittrich/R870/security-checklist.html

Next, obtain the Site Security Handbook (RFC 1244), which is here:
http://stimpy.cac.washington.edu/~dittrich/R870/rfc1244.txt

Next, obtain this document from SRI:
http://stimpy.cac.washington.edu/~dittrich/R870/SRI-Whitepaper.ps

After reading and understanding all accompanying documentation listed
above (and trying out some or all of the cited tools), read the following
documents:

Intrusion Detection Checklist
ftp://info.cert.org/pub/tech_tips/intruder_detection_checklist

Dan Farmer's Survey on Various Hosts:
http://www.trouble.org/survey/

Improving the Security of Your Site by Breaking Into it
http://www.trouble.org/security/admin-guide-to-cracking.html

All the papers on this page, but especially the work by Nancy Cook and her
partner.
http://www.trouble.org/security/auditing_course/

Murphy's law and computer security by Wietse Venema
http://www.trouble.org/security/murphy.html

After absorbing that information, then seek out these papers:

CIAC-2308_Securing_Internet_Information_Servers.pdf
http://ciac.llnl.gov/ciac/documents/CIAC-
2308_Securing_Internet_Information_Servers.pdf

Securing X Windows
http://ciac.llnl.gov/ciac/documents/CIAC-2316_Securing_X_Windows.pdf

How to Detect an Intrusion
 http://ciac.llnl.gov/ciac/documents/CIAC-
2305_UNIX_Incident_Guide_How_to_Detect_an_Intrusion.pdf

Finally, go here and begin the process of studying each hole addressed in
the BUGTRAQ archive. That is located here:

http://www.geek-girl.com/bugtraq/search.html

Other things that will help you tremendously are these:

1. Subscribe to all known mailing lists on UNIX security, e.g. BUGTRAQ,
CIAC, CERT, etc.
2. From these lists, generate a database of email addresses of known
security experts. Good examples would be Farmer, Venema, Spafford, Ranum,
etc.
3. Scour the Internet for any instances of their email addresses -
whether on lists, discussion groups or the web generally. (Note: do *NOT*
bug these guys. Simply read their thoughts and ideas, absorb them, and
move on.)
4. As you encounter exploit code on these lists (which you invariably
will), compile it and execute it. Record your results. (One good reason to
get LINUX or FreeBSD: all compilers are free and already well configured
on a full install.)
5. Try to spend one hour a day studying socket programming.
6. Go to a used bookstore and buy every book you can find on system
administration. In lieu of this, at least buy books that are in
remaindering bins. The cheaper, the better.
7. Don't laugh, but learning at least the basics of these languages would
help:

A. PERL
B. AWK/GAWK/NAWK
C. SED
D. Expect

Also, it would be of some help to get a translation table that shows
variances between similar or identical tasks performed in sh/bash/csh. In
addition, you may wish to seek out the differences between disparate
versions of UNIX. It is worth buying old manuals for AIX, HP-UX, Unicos,
IRIX, Data General, SunOS, Solaris, XENIX, SYS V, and so forth. What
follows is a list of books that might help you. (These are in alphabetical
order, so order does not indicate preference. Personally, I
prefer books authored by those I cited above.)

Building Internet Firewalls
D. Brent Chapman, Elizabeth D. Zwicky (1995)
ISBN: 1565921240

Commonsense Computer Security: Your Practical Guide to Information
Protection
Martin R. Smith (1994)
ISBN: 0077078055

Computer Crime: A Crimefighter's Handbook
David J. Icove, David, Seger, Karl Icove, Karl A. Seger, Vonstorch (1995)
ISBN: 1565920864

Computer Security
John M. Carroll (1996)
ISBN: 0750696001

Computer Security Basics
Deborah Russell, G.T. Gangemi (1991)
ISBN: 0937175714

Computer Security Handbook
Arthur E. Hutt, Seymour Bosworth, Douglas B. Hoyt (1995)
ISBN: 0471118540

Firewalls and Internet Security: Repelling the Wily Hacker
William R. Cheswick, Steven M. Bellovin (1994)
ISBN: 0201633574

Fundamentals of Computer Security Technology
Edward G. Amoroso (1994)
ISBN: 0131089293

Hacker Proof: The Ultimate Guide to Network Security
Lars Klander, Edward J. Renehan (1997)
ISBN: 188413355X

Halting the Hacker: A Practical Guide to Computer Security
Donald L. Pipkin (1997)
ISBN: 013243718X

Information Warfare : Chaos on the Electronic Superhighway
Winn Schwartau (1996)
ISBN: 1560251328

Internet Firewalls and Network Security
Chris Hare, Karanjit S. Siyan (1996)
ISBN: 1562056328

Internet Firewalls and Network Security
Karanjit, Ph.D. Siyan, Chris Hare (1996)
ISBN: 1562054376

Internet Security: Professional Reference
Derek Atkins, Tom Sheldon, Tim Petru, Joel Snyder (1997)
ISBN: 156205760X

Maximum Security: A Hacker's Guide to Protecting Your Internet Site and
Network
Anonymous (1997)
ISBN: 1575212684

Personal Computer Security
Edward Tiley (1996)
ISBN: 1568848145

Practical Unix and Internet Security
Simson Garfinkel, Gene Spafford (1996)
ISBN: 1565921488

Protecting Your Web Site With Firewalls
Marcus Goncalves, Vinicius A. Goncalves (1997)
ISBN: 0136282075

Protection and Security on the Information Superhighway
Frederick B. Cohen (1995)
ISBN: 0471113891

Secrets of a Super Hacker
Knightmare, the Knightmare (1994)
ISBN: 1559501065

Security in Computing
Charles P. Pfleeger (1996)
ISBN: 0133374866

Web Commerce Cookbook
Gordon McComb (1997)
ISBN: 0471196630

Web Security Sourcebook
Avi Rubin, Daniel Geer, Marcus J. Ranum, Aviel D. Rubin, Dan Geer (1997)
ISBN: 047118148X

Web Security & Commerce (Nutshell Handbook)
Simson Garfinkel, Gene Spafford (1997)
ISBN: 1565922697
http://www.amazon.com/exec/obidos/ISBN=1565922697/t/0560-5831826-082656

Access Control and Personal Identification Systems
Dan M. Bowers (1988)
ISBN: 0409900834

Internet Security Secrets
John R. Vacca. (1996)
ISBN: 1-56884-457-3.

Network and Internetwork Security: Principles and Practice.
William Stallings. (1995)
ISBN: 0-02-415483-0

Network Security: How to Plan for It and Achieve It.
Richard H. Baker. (1994)
ISBN: 0-07-005141-0

UNIX Security for the Organization.
R. Bringle Bryant. (1994)
ISBN: 0-672-30571-2.

UNIX Security: A Practical Tutorial.
N. Derek Arnold.
ISBN: 0-07-002560-6 (1993)

UNIX System Security: How to Protect Your Data and Prevent Intruders.
Rick Farrow. (1991)
ISBN: 0-201-57030-0

UNIX System Security Essentials.
Christoph Braun and Siemens Nixdorf. (1995)
ISBN: 0-201-42775-3

UNIX System Security.
David A. Curry. (1992)
ISBN: 0-201-56327-4

UNIX Unleashed. 1994
Susan Peppard, Pete Holsberg, James Armstrong Jr., Salim Douba, S.Lee
Henry, Ron Rose, Richard Rummel, Scott Parker, Ann Marshall, Ron Dippold,
Chris Negus, John Valley, Jeff Smith, Dave Taylor, Sydney Weinstein and
David Till
ISBN: 0-672-30402-3.

Lastly, you will need to get some good tools to experiment with. They are
here:

http://ciac.llnl.gov/ciac/SecurityTools.html

Basically, that should get you started. It is not necessary that you learn
everything all at once. Obviously, the firm offering you the position does
not expect the impossible. However, UNIX security is an on-going and
complex field. You aren't going to ace it in a day. The idea is to get
yourself up to speed with older problems, so that when newer ones crop up,
you will understand their basis and origin.

The reason for creating a network in your garage is that it offers you a
chance to screw things up without any repercussions. Also, it simulates a
micro-network, and allows you to view logs and responses from both the
attack and victim sides. This is invaluable, as it will prepare you to
instantly recognize trouble, just from examining the logs. Chief areas
that you should cover are these:

1. NFS
2. The R Services
3. Passwords - proactive password checkers, DES in general, Crack, etc.
4. Spoofing
5. Routing techniques
6. Firewalls
7. CGI (if web servers are an integral part of the architecture of that
network).

It is recommended that you get the TIS Firewall Tooklit when you are
ready. (Though, I suspect that the firm hiring you is more interested in
local security that remote problems. Nevertheless, it is worth doing).

--
VisiGoth
http://visigoth.isCool.net
"Of course that's just my opinion, I could be wrong."  --Dennis Miller
Back to Tech.