SystemsSec 2018W Lecture 6

From Soma-notes
Revision as of 13:29, 1 February 2018 by Dominique (talk | contribs) (→‎Notes)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Audio

Lecture 6 Audio

Notes

Note on the experiences: Everyone gets one re-grade. You can resubmit on the same topic or choose a new one.


Ubuntu 17.10 is the standard the Proffessor is using. Login name: “student”, password: “tneduts!”

How can you SSH into the VM? In the VM go to Settings, networks, adapters. In adapters there’s “attached to” options.

There’s an implicit firewall with a NAT (network address translation) system. It protects from random incoming packets, by dropping them, but does not protect from attacks piggybacking off other traffic. Like the Javascript that runs when you visit a webpage.

Your VM is NAT-ted to the outside world, it shares your host box’s IP address.

More attached to options that control the sharing of IP addresses and access to the outside world. 

 - NAT network: The VM can talk to the outside world but not to the host box

 - Host only adapter: The VM can only talk to the host

 - Internal network: VMs can talk together but not to the outside world

 - Bridged adapter: VM pretends it has an ethernet connection so the VM has it’s own IP address

The way the Professor set up to SSH in to the VM: have multiple adapters, one set to NAT and one set to host only. This isn’t trivial, imagine configuring network topologies for the cloud. You need a lot of knowledge to do even simple things.

On the experiences

Why shouldn’t you make scripts setuid root? Making a non privileged program have setuid privileges. How are you going to drop the privileges?

C is problematic but everything is written for C so it has to be used. Anti-viruses have a lot of privileged access to you system which creates it’s own risk so they’re not worth it.

What damage could those exercises do to the system? Corrupt the password file, lock yourself out of sudo, loose root. Making a copy of sudo using “cp” doesn’t make a working copy, use “cp -a” instead.

Shadow file has the password hashes because the passwd file is readable by everyone. You can turn shadow off which will put the passwords back into the passwd file.

For the experience on restricting network access, how do you know it works? Professor recommended not using the VM for this experience.

Retrieved from "https://homeostasis.scs.carleton.ca/wiki/index.php?title=SystemsSec_2018W_Lecture_6&oldid=21488"