Day3

Securing and Optimization of Linux Servers and Hacking Techniques

Network Security and Hacking Techniques

Transcript of Day3

Page 1: Day3

Securing and Optimization of Linux Servers and Hacking Techniques

Page 2: Day3

Securing and optimization of Linux Server and Hacking Techniques

Introduction

“The Linux Based Services that Mean Business Securing Internet”

Page 3: Day3

Network-Level Attacks

Session Hijacking:

Page 4: Day3

Network-Level Attacks (Cont…)

Packet Sniffing:

Packet sniffer is a piece of software that grabs all of the traffic flowing

dsniff -n -i 1

Page 5: Day3

Gathering and Parsing Packets

DNS Cache Poisoning

DNS ID Spoofing

DNS Hides Poisoning

Page 6: Day3

Gathering and Parsing Packets (Cont..)

The ARP Cache poisoning:

Page 7: Day3

Gathering and Parsing Packets (Cont..)

IP Address Spoofing Variations

Page 8: Day3

Denial of Service Attacks

TCP Connections

Page 9: Day3

Denial of Service Attacks (Cont…)

Abusing TCP: The Traditional SYN Flood

Page 10: Day3

Denial of Service Attacks (Cont…)

The Development of Bandwidth Attacks

Page 11: Day3

Denial of Service Attacks (Cont…)

DOS

Page 12: Day3

Denial of Service Attacks (Cont…)

DDOS

Page 13: Day3

Denial of Service Attacks (Cont…)

Distributed Reflection DOS

Page 14: Day3

Denial of Service Attacks (Cont…)

Packet path diffusion

Page 15: Day3

Denial of Service Attacks (Cont…)

Diffusing the path

Page 16: Day3

Web Application Attacks

Web Spoofing

SQL Injection: Manipulating Back-end Databases

Cross-Site Scripting

Page 17: Day3

Operating System and Application-Level Attacks

Password Cracking With L0phtCrack

Buffer Overflows in Depth

Examples of remote root exploit through buffer overflow

Root Kits

Page 18: Day3

Operating System and Application-Level Attacks

Buffer Overflows in Depth

Stuffing more data into a buffer than it can handle

Overwrites the return address of a function

Switches the execution flow to the hacker code

Page 19: Day3

Operating System and Application-Level Attacks

Process Memory Region

Page 20: Day3

Operating System and Application-Level Attacks

Examples of remote root exploit through buffer overflow

QPOP 3.0beta AUTH remote root stack overflow

BIND 8.2 - 8.2.2 remote root exploit

Page 21: Day3

Operating System and Application-Level Attacks

Root Kits

The name "rootkit" is a combination of two words, “root” and “kit”

A collection of tools that enable an attacker to keep root power

Types of Rootkit

Application rootkit - established at the application layer.

Kernel rootkit - established deeper, in the kernel layer.

Page 22: Day3

Application Rootkit

Programs replaced to hide the attacker's presence.

Examples: ls, ps, top, du, find, ifconfig, lsof

Network Daemons with backdoor

Sniffer Program

Kernel Rootkit

Hiding processes.

Hiding files

Hiding the sniffer.

Hiding the File System

Operating System and Application-Level Attacks
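
The application rootkit slide above lists the programs that get replaced (ls, ps, top, du, find, ifconfig, lsof). As an added example, not part of the original slides, this shell sketch records SHA-256 digests of those tools while the host is known to be clean and later reports any that were modified or removed; the function names (make_baseline, check_baseline, demo) and the temporary directory standing in for /bin are assumptions made for illustration.

```bash
# Added example (not from the slides): function names and the temp-dir
# layout are hypothetical. Detects replaced tools by SHA-256 comparison.

# Tools the slide lists as typical application-rootkit replacements.
TOOLS="ls ps top du find ifconfig lsof"

# make_baseline DIR OUT: record "digest  name" for each listed tool in DIR.
make_baseline() {
    local dir=$1 out=$2 t
    : > "$out"
    for t in $TOOLS; do
        [ -f "$dir/$t" ] || continue
        ( cd "$dir" && sha256sum "$t" ) >> "$out"
    done
}

# check_baseline DIR BASELINE: print a line per changed or missing tool;
# return 0 when every digest matches, 1 otherwise.
check_baseline() {
    local dir=$1 base=$2 want name have status=0
    while read -r want name; do
        if [ ! -f "$dir/$name" ]; then
            echo "MISSING $name"; status=1; continue
        fi
        have=$(cd "$dir" && sha256sum "$name" | cut -d' ' -f1)
        if [ "$have" != "$want" ]; then
            echo "MODIFIED $name"; status=1
        fi
    done < "$base"
    return "$status"
}

# demo: constructed data; a temp directory stands in for /bin.
demo() {
    local tmp rc=0 t
    tmp=$(mktemp -d)
    mkdir "$tmp/bin"
    for t in $TOOLS; do echo "original $t" > "$tmp/bin/$t"; done
    make_baseline "$tmp/bin" "$tmp/baseline.sha256"
    echo "trojaned ps" > "$tmp/bin/ps"   # simulate a replaced binary
    rm "$tmp/bin/lsof"                    # simulate a removed tool
    check_baseline "$tmp/bin" "$tmp/baseline.sha256" || rc=$?
    rm -rf "$tmp"
    return "$rc"
}
```

Keep the baseline file off the host or on read-only media, and run the check from trusted boot media when compromise is suspected, because a kernel rootkit can falsify what these userland commands read.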
