Hacking Linux Exposed-CH09.pdf

Hacking Linux Exposed: Linux Security Secrets & Solutions / Hatch, Lee, & Kurtz / 2773-2 / Front Matter
HACKING LINUX EXPOSED: LINUX SECURITY SECRETS & SOLUTIONS
BRIAN HATCH
JAMES LEE
GEORGE KURTZ
Osborne/McGraw-Hill
New York Chicago San Francisco
Lisbon London Madrid Mexico City
Milan New Delhi San Juan
Seoul Singapore Sydney Toronto
Osborne/McGraw-Hill
2600 Tenth Street
Berkeley, California 94710
U.S.A.
To arrange bulk purchase discounts for sales promotions, premiums, or fund-raisers, please contact Osborne/McGraw-Hill at the above address. For information on translations or book distributors outside the U.S.A., please see the International Contact Information page immediately following the index of this book.
Hacking Linux Exposed: Linux Security Secrets & Solutions
Copyright © 2001 by The McGraw-Hill Companies. All rights reserved. Printed in the
United States of America. Except as permitted under the Copyright Act of 1976, no part of
this publication may be reproduced or distributed in any form or by any means, or stored
in a database or retrieval system, without the prior written permission of the publisher,
with the exception that the program listings may be entered, stored, and executed in a
computer system, but they may not be reproduced for publication.
ISBN 0-07-212773-2
Publisher: Brandon A. Nordin
Vice President & Associate Publisher: Scott Rogers
Senior Acquisitions Editor: Jane Brownlow
Senior Project Editor: LeeAnn Pickrell
Acquisitions Coordinator: Ross Doll
Developmental Editor: Mark Cierzniak
Technical Editor: Philip Cox
Copy Editors: Judith Brown, Claire Splan, Emily Wolman, Judy Ziajka
Proofreader: Susie Elkind
Indexer: Karin Arrigoni
Computer Designers: Lauren McCarthy, Roberta Steele
Illustrators: Robert Hansen, Lyssa Sieben-Wald, Michael Mueller, Beth E. Young
Cover Design: Dodie Shoemaker
Series Design: Dick Schwartz, Peter F. Hancik
This book was composed with Corel VENTURA™ Publisher.
Information has been obtained by Osborne/McGraw-Hill from sources believed to be reliable. However, because of the
possibility of human or mechanical error by our sources, Osborne/McGraw-Hill, or others, Osborne/McGraw-Hill does not
guarantee the accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or
the results obtained from use of such information.
CHAPTER 9
Password Cracking
Password security is one of the most important security measures to implement for your Linux system. Without strong password security, your system will never be safe. A hacker who manages to compromise a firewall (see Chapter 13) can attempt to log in as a user and gain access to machines on the network. However, if all your users have strong passwords, you stand a good chance of foiling the hacker’s illegal attempts to break into your network.
This chapter describes how passwords work, what hackers try to do to crack them,
and what measures you can take to protect yourself.
HOW PASSWORDS WORK IN LINUX
Linux passwords are stored on the machine in encrypted form. Encryption involves converting a text string, based on a repeatable algorithm, into a form that is very different from the original string. The algorithm must be repeatable so that when you log in, Linux can take your password and reproduce the encrypted form that it stores.
For instance, if your password is
HelloWorld
the value stored on the Linux machine might resemble
aa0BUOE5ufwxk
“HelloWorld” is a very bad password! For information on what makes a password good or bad,
see “Password Protection,” later in the chapter.
Linux uses a one-way encryption algorithm. You can encrypt a password, but you cannot generate a password from an encrypted value. You can only try to guess passwords based on a dictionary attack or a brute force attack, which we discuss later in the chapter.
/etc/passwd
Most early versions of Linux stored passwords in an encrypted form in the file /etc/passwd. During the login process, a user is asked for a username and password. The operating system takes the username and looks up that user’s record in /etc/passwd to obtain his encrypted password. Then, the username and password are passed into an encryption algorithm function named crypt() to produce the encrypted password. If the result matches the encrypted password stored in /etc/passwd, the user is allowed access.
Here is an example of /etc/passwd:
[jdoe@machine1 jdoe]$ cat /etc/passwd
root:a1eGVpwjgvHGg:0:0:root:/root:/bin/bash
bin:*:1:1:bin:/bin:
daemon:*:2:2:daemon:/sbin:
adm:*:3:4:adm:/var/adm:
lp:*:4:7:lp:/var/spool/lpd:
sync:*:5:0:sync:/sbin:/bin/sync
mail:*:8:12:mail:/var/spool/mail:
news:*:9:13:news:/var/spool/news:
uucp:*:10:14:uucp:/var/spool/uucp:
gopher:*:13:30:gopher:/usr/lib/gopher-data:
ftp:*:14:50:FTP User:/home/ftp:
nobody:*:99:99:Nobody:/:
xfs:*:100:101:X Font Server:/etc/X11/fs:/bin/false
jdoe:2bTlcMw8zeSdw:500:500:John Doe:/home/jdoe:/bin/bash
student:9d9WE322:501:100::/home/student:/bin/bash
Each line in /etc/passwd is a colon-separated record. The fields in /etc/passwd represent
• The username
• The encrypted password
• The user ID number
• The group ID number
• A comment about the user (often the user’s name)
• The home directory
• The default shell
Notice that the encrypted password is in view in the second field in the record:
jdoe:2bTlcMw8zeSdw:500:500:John Doe:/home/jdoe:/bin/bash
This file is readable by all users:
[jdoe@machine1 jdoe]$ ls -l /etc/passwd
-rw-r--r-- 1 root root 842 Sep 12 16:24 /etc/passwd
The fact that the encrypted passwords are viewable by everyone leaves the system vulnerable to a password attack. The term password attack is a broad term, but it generally means any attempt to crack, decrypt, or delete passwords. A deleted password is one that is blank; this is as good as a decrypted password since the password is simply the ENTER key. Recall that Linux uses a one-way encryption algorithm: given an encrypted version of a password, the password cannot be derived. However, if someone has an encrypted version of a password, an attempt can be made to guess the password.
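An added example (not from the book): an audit of the second field of each /etc/passwd record, run over records copied from the listing above, showing which accounts leave an encrypted password readable by every local user. The label names, the `x` shadow marker and the 13-character traditional crypt(3) layout (2 salt characters followed by 11 hash characters) are assumptions supplied here, not taken from the text.

```python
import re
import stat

# Constructed input: records copied from the /etc/passwd listing above.
SAMPLE = """\
root:a1eGVpwjgvHGg:0:0:root:/root:/bin/bash
bin:*:1:1:bin:/bin:
jdoe:2bTlcMw8zeSdw:500:500:John Doe:/home/jdoe:/bin/bash
student:9d9WE322:501:100::/home/student:/bin/bash
"""

FIELDS = ("user", "passwd", "uid", "gid", "comment", "home", "shell")
# Assumption: traditional crypt(3) output, 2 salt chars + 11 hash chars.
DES_CRYPT = re.compile(r"[./0-9A-Za-z]{13}")

def classify(pw):
    """Label the password field of one passwd record."""
    if pw == "":
        return "empty"       # blank password: ENTER alone logs in
    if pw == "x":
        return "shadowed"    # hash is kept outside /etc/passwd
    if pw.startswith(("*", "!")):
        return "locked"      # can never equal a crypt() result
    if DES_CRYPT.fullmatch(pw):
        return "exposed"     # any local user can read it and guess offline
    return "malformed"       # not a valid traditional crypt string

def audit(text):
    """Return (user, label, salt) for every colon-separated record."""
    findings = []
    for line in filter(str.strip, text.splitlines()):
        parts = line.split(":")
        if len(parts) != len(FIELDS):
            findings.append((parts[0], "bad-record", None))
            continue
        rec = dict(zip(FIELDS, parts))
        label = classify(rec["passwd"])
        salt = rec["passwd"][:2] if label == "exposed" else None
        findings.append((rec["user"], label, salt))
    return findings

def world_readable(mode):
    """True if a file mode (e.g. os.stat(path).st_mode) lets 'other' read."""
    return bool(mode & stat.S_IROTH)

if __name__ == "__main__":
    for user, label, salt in audit(SAMPLE):
        print(f"{user:8} {label:10} salt={salt}")
    print("mode 0644 world-readable:", world_readable(0o644))
```

The student record from the listing is reported as malformed because its second field is only 8 characters long, so it cannot be the output of the traditional algorithm.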