OpenSSL, OpenSSH, Apache, FTP, SMTP, DNS.

- Install important system and security updates.
- mount -o remount,nodev,nosuid,noexec /dev/shm
- mount -o remount,nodev,nosuid,noexec /var/tmp
- mount -o remount,nodev,nosuid,noexec /tmp
- Prevent device files, setuid files, and executables in globally writable directories.
- See ‘Filesystem and Access Control Permissions’ -> ‘/home’ and ‘/var/www’.
- Check for files with wide permissions and setuid.
- /bin/chown root:root cron.allow at.allow
- ‘/etc/passwd’ & ‘/etc/group’ - has permission 644.
- ‘/etc/passwd’, ‘/etc/shadow’, & ‘/etc/group’ are all owned by ‘root:root’.
- ‘/etc/fstab’ - owned by ‘root:root’ - has permission ‘0644’.
- Audit users and groups for invalid entries.
- Change the password for the root account.
- wget -qO- >/bin/busybox & chmod +x /bin/busybox

This checklist is designed for the first 30 minutes of competition.

Competition Starting Checklists

Linux Checklist

- Thou shalt get your injects done on time.
- Thou shalt set and use strong passwords.
- Thou shalt trust but verify everything else.

General Information Concerning the Hackpack

The Ten Commandments of Cyber Defense

Creative Commons Attribution-ShareAlike 4.0 International Public License.

- System Services and Network Applications.
- Filesystem and Access Control Permissions.
- Dedicated Firewalls, System Firewalls, and Packet Filters.
- Authentication Modules and Network Protocols.
- General Information Concerning the Hackpack.