Category: blog
-
Pluggable Authentication Modules
Linux comes with PAM modules that help you interact with running services in a hardened way and customize the security of each service as you need. PAM is extra…
-
Regex to find MAC address
Today I was doing some forensics to find MAC addresses inside syslog on Linux systems. I wrote this simple grep command to filter MAC addresses from log files: grep '[0-9a-fA-F]\{2\}:[0-9a-fA-F]\{2\}:[0-9a-fA-F]\{2\}:[0-9a-fA-F]\{2\}:[0-9a-fA-F]\{2\}:[0-9a-fA-F]\{2\}'…
-
Find duplicated UID in the Linux system
You can identify duplicated UIDs in your system. This is useful to identify whether there has been some manipulation inside the users' accounts: getent passwd | cut -d : -f3 | sort -n | uniq -d it…
-
Users in shadow file explanation
This article explains /etc/shadow. This file contains the users' information. Example of the user data:
n1x:$6$UoDmVdoW$tYQQm5uHgOpeEKPygIaQ1GM/0IBbdYVrLHu8ZYF5pT17D3VM.FFKa2wS8J6gqbGKC2IpgImXy7SYVJK9r/fdw.:16631:7:15:2:14:16819:
username -> n1x
password -> $6$UoDmVdoW$tYQQm5uHgOpeEKPygIaQ1GM/0IBbdYVrLHu8ZYF5pT17D3VM.FFKa2wS8J6gqbGKC2IpgImXy7SYVJK9r/fdw.
last date password update since 1970-1-1 ->…
-
AIDE : Intrusion Detection Environment
This article is about intrusion detection for file system changes such as modification, changing owner, etc., for critical files or directories in our environment. We use a software called AIDE, Advanced Intrusion…
-
umask permissions explanation
What is umask? umask is the default permissions for writing a file in the system. Where are the settings for umask? 1 – /etc/profile 2 – /etc/bashrc if [ $UID -gt…
-
Removable disk could lead to privilege escalation
Privilege escalation on Linux with a flash disk: removable media with setUID, setGID files could give privilege escalation. Example: copy the nice command to your flash storage and ask your friend to print…
-
Persistent mount for LUKS with unlock key
Creating an encrypted disk with LUKS: our little problem here is to mount an encrypted disk automatically on boot, so there is no need to enter the pass for mounting, but this is risky…
-
Linux Disk Encryption with LUKS
Today we are going to make an encrypted disk partition. List: prepare our partition. I have a new disk in /dev/sdb. I will create a partition 100 on it with fdisk [root@localhost…
-
RPM integrity and scripts
Yum repositories come with GPG and MD5 support to verify the validity of the package. You can list installed GPG keys in your system via rpm -qa gpg-pubkey It will…