Alien
Stalker
- Joined
- Oct 21, 2006
- Posts
- 2,166
- Location
- Cardiff > Wales > UK
- Society
- The Calypso Rescue Team
Hey all!
I've never really used linux before, only started using it ~10 weeks ago @ university. I can do ls, cat, javac, java etc
I'm no super user.
My problem is that now for one subject I've been given a linux system and told to find security flaws with it. Flaws that were intentionally added by the staff, so shouldn;t be _too_ hard to find (I hope!). I've tried all I can think of, so far I have:
I know there's at least 10 issues, and I've found 5. Could anyone help me with some hints of what potential flaws could be in a system, and how to look for them?
I'll reward 500 EFD from my own stack to each person that helps me find a flaw !
A little more info (Don;t know if it helps):
I'm logged into the system as root
There are many other users set up on the system
I have no idea what I'm doing with linux, so get lost pretty easily
Thanks ! !
I've never really used linux before, only started using it ~10 weeks ago @ university. I can do ls, cat, javac, java etc
My problem is that now for one subject I've been given a linux system and told to find security flaws with it. Flaws that were intentionally added by the staff, so shouldn;t be _too_ hard to find (I hope!). I've tried all I can think of, so far I have:
- Attempted to look through the user's history files --> found someone setting their UID to 0 (root's?)
- Run John the ripper, and found some insecure passwords/accounts with no password
- Looking in the root bashrc file and it included a dot in the path (I know that's bad)
I know there's at least 10 issues, and I've found 5. Could anyone help me with some hints of what potential flaws could be in a system, and how to look for them?
I'll reward 500 EFD from my own stack to each person that helps me find a flaw !
A little more info (Don;t know if it helps):
I'm logged into the system as root
There are many other users set up on the system
I have no idea what I'm doing with linux, so get lost pretty easily
Thanks ! !