Finish the system hardening guide.
@@ -1,14 +1,20 @@
---
draft: yes
title: Preventing Hacks
author: Hyperling
date: TBD
date: 2025-11-13 T21:00:00-07:00
tags:
- tbd
- tech
- hacking
- cracking
- exploit
- networking
- lynis
- nmap
- metasploit
categories:
- tbd
- guides
series:
- tbd
- sysadmin
# TBD/TODO: Is the theme oreventing this from working properly?
toc: true
toc_start_level: 3

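Review bot: the new `date: 2025-11-13 T21:00:00-07:00` has a space between the day and the `T`, which is not a valid RFC 3339 timestamp and is unlikely to parse as a front-matter date; it should read `date: 2025-11-13T21:00:00-07:00`. Since the commit message says the guide is finished, `draft: yes` and the `- tbd` entries left under tags, categories and series look like leftovers, and the comment line has a typo (`oreventing` for `preventing`).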
@@ -25,23 +31,29 @@ Local testing suite which not only tests for security weaknesses, but also that

#### Install

```
$ sudo su -
# git clone https://github.com/CISOfy/lynis lynis
# chmod -R 644 lynis
# chmod 755 lynis/lynis
This program is best installed as root.

``` bash
sudo su -
git clone https://github.com/CISOfy/lynis /opt/lynis
chmod -R 644 /opt/lynis
chmod 755 /opt/lynis/lynis
```

#### Testing

```
# /root/lynis/lynis audit system
It is also best run as root, and executed from the install directory.

``` bash
sudo su -
cd /opt/lynis
./lynis audit system
```

If placing the contents into a file, you'll want to disable the colors.
If placing the contents into a file, you'll want to disable the colors to prevent unreadable special characters meant for terminal output.

```
# lynis audit system --no-colors > /root/lynix_results.txt 2>&1
``` bash
./lynis audit system --no-colors > /root/lynis_results.txt 2>&1
```

### NMap

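Review bot: `chmod -R 644 /opt/lynis` strips the execute (search) bit from every directory in the clone, not only from the files, so the tree stays traversable only because the guide runs everything as root; any non-root user could no longer `cd` into `/opt/lynis` or its subdirectories. A safer sequence is `chmod -R u=rwX,go=rX /opt/lynis` (capital `X` keeps directories searchable and preserves the execute bit the `lynis` script already has) followed by the existing `chmod 755 /opt/lynis/lynis`. Also note that `sudo su -` inside a fenced block only works when the lines are pasted interactively; run as a script, the commands after it execute in the original user's shell once `su` exits, so prefixing each command with `sudo` is more robust. Good catch on `lynix_results.txt` becoming `lynis_results.txt`.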
@@ -53,32 +65,32 @@ If placing the contents into a file, you'll want to disable the colors.
Install `nmap` from your package manager.

- Debian Distros
```
$ sudo apt update && sudo apt install -y nmap
``` bash
sudo apt update && sudo apt install -y nmap
```
- Fedora Distros
```
$ sudo dnf install -y nmap
``` bash
sudo dnf install -y nmap
```
- Arch Distros
```
$ sudo pacman -Syq nmap
``` bash
sudo pacman -Syq nmap
```

#### Testing

**Never run the `-A` parameter against an unsuspecting system.**

Run this command to get a good summary of ports with an attackable surface.
Run this command to get a detailed summary of ports with an attackable surface:

```
$ nmap -A -p- --script=vuln server_or_IP
``` bash
nmap -A -p- --script=vuln server_or_IP
```

To simply see the open ports on a device, you may use the `--open` parameter.
To simply see the open ports on a device, you may use the `--open` parameter:

```
$ nmap --open server_or_IP
``` bash
nmap --open server_or_IP
```

This program executes more quickly if run from the local machine by using `localhost`, `127.0.0.1`, `0.0.0.0`, etc.

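Review bot: `sudo pacman -Syq nmap` refreshes the package databases and installs one package without upgrading the rest of the system, which is the partial-upgrade pattern Arch explicitly warns against; use `sudo pacman -Syu nmap` (or plain `sudo pacman -S nmap` on an already-synced system). In the scan blocks, dropping the `$` prompt removes the only hint about privileges: `-A` turns on OS detection, which nmap refuses to run without root, so the `nmap -A -p- --script=vuln` lines for auditing your own host should read `sudo nmap ...` or the text should say to run them as root, as the `#` prompts in the Lynis section already do.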
@@ -87,17 +99,17 @@ If you'd like the output saved into a file, pipe it with `>` to your desired dir

For example, to place a local vulnerability scan into your Downloads directory:

```
$ nmap -A -p- --script=vuln localhost > ~/Downloads/nmap_report.txt 2>&1
``` bash
nmap -A -p- --script=vuln localhost > ~/Downloads/nmap_report.txt 2>&1
```

#### Resolving Discoveries

If any vulnerabilities show up they usually come with a CVE which can be researched, such as `CVE-2007-6750`.

There are many reputable sites which come up when placing this in a search engine. [`cve.org`](https://www.cve.org]) is also supposed to be a centralized repository,
There are many reputable sites which come up when placing this in a search engine. [`cve.org`](https://www.cve.org]) is also supposed to be a good centralized repository,

Here's an example for the provided ID.
Here are examples for the provided ID.

- [https://www.suse.com/security/cve/CVE-2007-6750.html](https://www.suse.com/security/cve/CVE-2007-6750.html)
- [https://www.cve.org/CVERecord?id=CVE-2007-6750](https://www.cve.org/CVERecord?id=CVE-2007-6750)

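Review bot: the `cve.org` link is still broken after this edit: `[`cve.org`](https://www.cve.org])` carries a stray `]` inside the URL parentheses, so neither the old nor the new line renders as a working link; it should be `[`cve.org`](https://www.cve.org)`. The same sentence still ends with a comma (`...a good centralized repository,`) and needs a period, and since cve.org is the official CVE Program site, "is also supposed to be" can simply be "is".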
@@ -110,6 +122,10 @@ Most vulnerabilities are fixed by upgrading software, migrating to safer softwar

I recommend playing with Metasploit if you have extra time so that you can learn how easy it is to penetrate an exploit once it is found with NMap.

- [https://www.metasploit.com/](https://www.metasploit.com/)

Please be sure to test against your own machines, such as setting up a VM running an old Ubuntu LTS, starting up some services like CUPS, SSH, Apache, etc.

There are also VMs available such as Metasplotable 2 and 3 which come with the attack surfaces already set up for you.

This what "script kiddies" use to crack systems and "hack" people. From my experience it makes the process very easy.

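Review bot: "Metasplotable 2 and 3" should be "Metasploitable 2 and 3", and "This what" is missing "is". "Penetrate an exploit" reads oddly; "exploit a vulnerability once it is found with NMap" says what is meant. It would also help the hardening thread of the guide to state, after the VM advice, that the point of re-running the scan is to confirm the fixes from the previous section actually closed the finding.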