Updates from April, 2012

  • John Cartwright 11:41 PM on April 6, 2012

    Setting up the normal user account on Debian GNU/Linux to use sudo. 

    Setting up your normal user account on Debian to use the sudo command instead of the su command is very simple.

    The contents of my /etc/sudoers file are shown below. This line:
    neo ALL=(ALL:ALL) ALL

    is the one that defines our normal user in the sudoers file. It allows the user to execute commands with root privileges, but asks for the user's password before access is granted. That is how Ubuntu is set up and that is the best way to use the sudo command. You can set this up to not ask for a password when you run the sudo command, but that is a very bad idea. The below line illustrates how this is achieved, but I would not do this: you could accidentally run a command as sudo and it would run without prompting you.

    The man sudoers command displays a huge amount of information about the sudoers file and how to write one. The visudo command exists so that the /etc/sudoers file can be verified before it is committed back to disk after editing. NEVER edit this file directly! If you make a mistake you could lock out the root user and then you would need to recover your system. Booting from a live CD and fixing the file that way would work, but it is best to use the visudo command and study the sudoers manual page to learn the proper syntax; then you will have no problems setting up your users.

    There are ways to allow certain users to access the parts of your system that are necessary for their work whilst locking them out of others. This is a very powerful system: some users can be allowed to access devices attached to the system, such as printers, while others have other privileges. That is why Linux is so flexible.

    [email protected]:/etc$ sudo cat /etc/sudoers
    [sudo] password for neo: 
    # This file MUST be edited with the 'visudo' command as root.
    # Please consider adding local content in /etc/sudoers.d/ instead of
    # directly modifying this file.
    # See the man page for details on how to write a sudoers file.
    Defaults	env_reset
    Defaults	mail_badpass
    Defaults	secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
    # Host alias specification
    # User alias specification
    # Cmnd alias specification
    # User privilege specification
    root	ALL=(ALL:ALL) ALL
    # Allow members of group sudo to execute any command
    %sudo	ALL=(ALL:ALL) ALL
    neo	ALL=(ALL:ALL) ALL
    # See sudoers(5) for more information on "#include" directives:
    #includedir /etc/sudoers.d
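
The post warns against sudo rules that skip the password prompt. As an added example (not part of the original post), the shell function below scans a sudoers-style file for such rules; `NOPASSWD:` and `!authenticate` are standard sudoers syntax, while the function names, the sample users `backup` and `deploy`, and uid 1001 are made up for illustration.

```shell
#!/bin/sh
# Added example: flag sudoers lines that remove the password prompt.
# Handles one-line rules only; backslash-continued lines are not joined.

# Print "LINE:KIND:TEXT" for each finding in the sudoers-style file $1.
audit_sudoers() {
    awk '
        # Include directives look like comments but pull in more rules.
        /^[ \t]*[#@]include(dir)?[ \t]/ { printf "%d:include:%s\n", NR, $0; next }
        # "#" starts a comment unless digits follow (then it is a uid).
        /^[ \t]*#/ && !/^[ \t]*#[0-9]+[ \t]/ { next }
        /^[ \t]*$/ { next }
        # Defaults entry that turns authentication off.
        /^[ \t]*Defaults/ && /!authenticate/ {
            printf "%d:no-auth-default:%s\n", NR, $0; next
        }
        # User, uid or %group rule carrying the NOPASSWD tag.
        /NOPASSWD[ \t]*:/ { printf "%d:nopasswd:%s\n", NR, $0 }
    ' "$1"
}

# Constructed sample input (users backup, deploy and uid 1001 are made up).
sample_sudoers() {
    cat <<'EOF'
# constructed sample for the audit below
Defaults env_reset
root ALL=(ALL:ALL) ALL
neo ALL=(ALL:ALL) ALL
#backup ALL=(ALL:ALL) NOPASSWD: ALL
backup ALL=(ALL:ALL) NOPASSWD: ALL
#1001 ALL=(ALL:ALL) NOPASSWD: /usr/bin/lpr
Defaults:deploy !authenticate
#includedir /etc/sudoers.d
EOF
}

# Stand-alone run: audit the constructed sample and print the findings.
tmp=$(mktemp)
sample_sudoers > "$tmp"
audit_sudoers "$tmp"
rm -f "$tmp"
```

An `include` finding is not a problem in itself; it means the files it pulls in need the same check.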
  • John Cartwright 5:52 PM on April 6, 2012

    Apple Macintosh operating system prone to viruses. 

    A virus is currently spreading to Apple Macintosh computers and causing a disaster normally associated with the Microsoft Windows platform, which is infamous for being virus prone. But all closed source operating systems are prone to a vulnerability or two if the code is not available for peer review. That is the strength of the open-source operating systems such as the Linux kernel and associated software that makes up a Linux distribution such as Debian or Linux Mint. The Macintosh operating system is built on top of the free and open-source Darwin UNIX operating system; you are only paying for the Apple software that is placed on top of that free operating system, the UNIX base that the expensive Macintosh computers run. I used to have an Apple iPod and I have used iTunes on Windows and I have experimented with an Apple iMac and I actually like the Macintosh OS, the GUI is pretty stylish, but the closed source Apple software has quite a lot of security holes and this is only the beginning for Apple in terms of the exploits that will be used against them once they become available. Once they are commonly known, crackers will make use of them and discover more security holes to exploit. They will need to roll out security patches quickly. The security exploits will harm a lot of users if they are not fixed.

    Sure, Debian requires a lot of patches to fix security issues, and no operating system is truly immune to security issues, but Linux has less of a mainstream user base than Windows and Macintosh, and the operating system with the larger install base will be a more worthwhile target. The Microsoft operating systems have been a target of viruses ever since the old DOS days and nothing much has changed since then. Nowadays the Apple Macintosh operating system is facing an assault by malware that has normally attacked Windows. Now that some people have had success with this attack, they will be searching for more attack vectors to do further damage to the Macintosh operating system and cause much damage to the reputation of the Apple corporation as a whole. The Macintosh operating system will need to upgrade its security to counter this threat. It has suffered an initial wave of malware attacks, but this is only the beginning and there are many more viruses and trojans that will be targeting the Apple Macintosh platform. This requires a more proactive approach from Apple to counter this threat. It is a shame that modern operating systems are so insecure; they need to follow the lead of other UNIX distributions such as the OpenBSD operating system that has security as the one concern overall.

    There are many tools available to test for vulnerabilities in modern operating systems, such as the nmap tool. This tool allows you to scan a host for open ports, and it can also test the host to find out what operating system it is running; this can be useful for further investigation if you wish to attack the server/desktop. The sample output below shows the result of a scan on aljezeera.com; this scan works better on some hosts than others. The nmap command was used in the Matrix Reloaded movie when Trinity was shutting down the power station. The nmap output also shows the traceroute hops.

    [email protected]:~# ping aljezeera.com
    PING aljezeera.com ( 56(84) bytes of data.
    64 bytes from aljezeera.com ( icmp_seq=1 ttl=42 time=270 ms
    64 bytes from aljezeera.com ( icmp_seq=2 ttl=42 time=276 ms
    --- aljezeera.com ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 1000ms
    rtt min/avg/max/mdev = 270.398/273.603/276.808/3.205 ms
    [email protected]:~# nmap -A -T4
    Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2012-04-05 23:48 EDT
    RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
    RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
    RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
    RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
    RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
    RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
    RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
    RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
    RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
    RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
    RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
    RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
    Nmap scan report for aljezeera.com (
    Host is up (0.31s latency).
    Not shown: 999 closed ports
    80/tcp open  http    Apache httpd 2.2.17 ((Ubuntu))
    |_http-title: aljezeera.com: The Best Search Links on the Net
    | http-robots.txt: 7 disallowed entries
    | /note/ /search.php /click.php /t.php /exitpage/ /popup/
    |_http-methods: No Allow or Public header in OPTIONS response (status code 200)
    Device type: WAP|webcam|general purpose|printer|router
    Running (JUST GUESSING): Asus Linux 2.6.X (94%), Linux 2.6.X|2.4.X (94%), Linksys Linux 2.4.X (93%), Netgear embedded (92%), AXIS Linux 2.6.X (91%), Lexmark embedded (90%), Peplink embedded (89%), Gemtek embedded (89%)
    Aggressive OS guesses: Asus RT-N16 WAP (Linux 2.6) (94%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (94%), OpenWrt White Russian 0.9 (Linux 2.4.30) (93%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (93%), Netgear DG834G WAP (92%), AXIS 211A Network Camera (Linux 2.6) (91%), AXIS 211A Network Camera (Linux 2.6.20) (91%), Linux 2.6.18 (Debian 4.0, x86) (91%), Linux 2.6.22 (Ubuntu 7.04, x86, SMP) (91%), Linux 2.6.24 (91%)
    No exact OS matches for host (test conditions non-ideal).
    Network Distance: 20 hops
    TRACEROUTE (using port 443/tcp)
    1   0.51 ms
    2   170.21 ms 122-148-18-1.static.dsl.dodo.com.au (
    3   170.13 ms 122-148-4-1.core.dodo.com.au (
    4   79.29 ms  122-148-4-34.core.dodo.com.au (
    5   71.18 ms  tengigabitethernet8-4.ken44.sydney.telstra.net (
    6   111.49 ms bundle-ether9.ken-core4.sydney.telstra.net (
    7   111.43 ms bundle-ether1.pad-gw2.sydney.telstra.net (
    8   131.57 ms tengige10-0-0.sydp-core02.sydney.reach.com (
    9   251.32 ms i-0-1-0-0.paix-core01.bx.reach.com (
    10  625.20 ms i-1-1.paix01.bi.reach.com (
    11  370.08 ms
    12  333.72 ms er2-xe-11-1-0.sanfrancisco.savvis.net (
    13  370.19 ms 0.xe-8-3-0.br1.sjc7.alter.net (
    14  311.85 ms 0.ae1.xl4.sjc7.alter.net (
    15  370.34 ms 0.ge-5-0-0.xl4.mia4.alter.net (
    16  370.05 ms tengige0-5-0-3.gw11.mia4.alter.net (
    17  332.22 ms internet-gw.customer.alter.net (
    18  ...
    19  284.38 ms
    20  302.34 ms aljezeera.com (
    OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
    Nmap done: 1 IP address (1 host up) scanned in 77.27 seconds

    The nmap command can return a lot of data about the host you are wanting to attack, but the BackTrack Linux distribution has countless other tools preinstalled that you may use as well for further probing.
