University of Baltimore
Merrick School of Business

Mini-project 3: testing security of Linux/UNIX.

Note: you are supposed to customize Fedora 4 Linux to use KDE as your desktop environment. If you have not done so, follow this assignment/tutorial from INSS315, items A 1-A13.

1. Open a terminal window using the KDE toolbar clicking on its symbol and change the password for the group account. Type passwd and the process will start.
2. select an organization your group does not know much about (different from mini-project 1) and use the open search tools discussed in class and obtain basic information: Web page, location, basic financial numbers, etc. (Do not probe the organization, just collect information using Web search tools.

3. For the same organization find who is its registrar, then do organizational, domain and network queries. You should find their IP block(s), network administrator, authoritative DNS, etc.(Again only use whois, not a direct probe to their sites).

4. Again, for the same organization do DNS interrogation (zone transfer, e-mail server, and network reconnaissance). Hint: see this part of last class meeting.
5. Use SUDO to become root in graphical mode. Start Nmap and target the MISLab IP block (local, not public). Use the first three quads followed by numbers ranging from 0 to 77 (assume this to be the MISLab IP block). Using nmap, do pingsweep, portscan (TCP and UDP) and OS detection. Capture the results using ksnapshot (a screen capture program installed by default in KDE). You can see and edit the images with kview (also a default KDE application).

6. Check to see if the DNS server in your machine is vulnerable to the NXT validation buffer overflow problem. As root type ifconfig and find the IP number of your machine. Then type dig @ipnumberofmachine version.bind chaos txt See textbook pages 250-251 on how to read the results.

7. Download and install John The Ripper. Use it to see if you can crack the password file in your system. It may take some time do run.

8. Use rpcinfo to enumerate the rpc services which are running in a local machine. Use host to find an e-mail server in well known organization and finger to find who is connected to the mail server (it may not work if finger service is disabled in the mail server machine).

9. You will use Ethereal as root in graphical mode to do this item. Open a terminal and type ethereal. A graphical application will open, select Capture, options and click on capture. Open gFTP and connect to home.ubalt.edu, using your username and password in the UB PC network. Use as your username cis\ubxxxx. Change to the directory students/ubxxxxx (your username). Click on Stop, then File Save as. See what was captured by the sniffer and include the file and your comments in the report.

10. Find what files are set to run with SUID and what files are writable by the world in your machine. Hint: See these examples for SUID and Writable files.

11. Read this article in the Linux Administrator's Guide and explain how PAM and shadow passwords work, and why are they important in Linux/UNIX security.

Submitting the report

• Open Firefox in Linux, and post your group project report in the Mini-project 3 entry of the Assignments folder of one of the group members in WebTycho.
• Use Ksnapshot to capture some of the screens you saw as result of the above assignment items. Include the images in the final report.
• You should submit just one file per group in MS Word format. Use OpenOffice to write your report and save it in word format.

This page is maintained by Al Bento who can be reached at abento@ubalt.edu This page was last updated on March 13, 2006. Although we will attempt to keep this information accurate, we can not guarantee the accuracy of the information provided.