Update Identify secure libraries, authored by LaplongeJunior
# Types of libraries
(GREY: Unknown)
RED: Lead to an unsecure server, don't install!
ORANGE: Can lead to service disruption, but not lost of control
BLUE: "Too" Secure, doesn't allow admins to access the server
GREEN: Secure for service AND allow admins to carry their tasks
# Types of libraries
(GREY: Unknown)
RED (unsafe!): Lead to an unsecure server, don't install!
ORANGE (1 problem): Can lead to service disruption, but not lost of control
BLUE (1 problem): Secure for service, doesn't allow admins to access the server
GREEN (secure): Secure for service AND allow admins to carry their tasks
GOLD (perfect): Secure, allow admins AND doesn't allow user-level shell
In a perfect world, there should be at least one green lib installed, and no lib worse than blue
Orange ones can be used on servers who doesn't rely on a user connecting (chat and http)
For security reasons, non-root users can only have read-only permissions
The ONLY exception is when *all* service libraries are gold (in practice, it's only useful for ftp servers)
# Types of users
root: the super-administrator, accessing any data about it is a security violation
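Review bot: The rule "no lib worse than blue" under the new legend has no defined order to rest on: ORANGE and BLUE are both labelled "(1 problem)", and the very next line allows orange libs on servers that don't rely on a user connecting. State the ranking of the colours explicitly and word the orange case as a named exception to the rule, so a reader can tell whether an orange lib fails the "perfect world" check. The read-only rule for non-root users also needs its scope spelled out (read-only on what), since the gold exception depends on it. Wording nits in the same lines: "unsecure" should be "insecure", "lost of control" should be "loss of control", and "servers who doesn't rely" should be "servers that don't rely".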
......@@ -13,5 +18,13 @@ user: an account accessed by a script or a human, assumed public knowledge but r
ghost: a user created for the sole purpose of controlling the "registered user" exploit requirement and therefore have no rights as they aren't meant to be used. as they are treated as users by the game engine, exploits won't treat users and ghosts in the same way
guest: a password-less account which can't be accessed by legitimate requests, which makes it a perfect entry point for an admin backdoor
Here's the exploit
# Exploit requirements
Some exploits can be "disabled" by modifying the server's configuration
The trick is finding one or several service libraries falling into the "green-blue" range when following said rules about requirements :
"Same LAN only" is *always false* : if a machine is compromised, everything falls apart
"specific version for LOCAL_LIB" can be *true/false forever* : there's no reason to upgrade those libs as local escalation shouldn't occur
"active X user" is always true for an intruder, always false for an admin : *assume the worse* as this condition is naturally evolving
"registered users" and "forwarded ports" should be heavily documented : it is likely this number will increase over time as additional services are added on a machine
TODO: Lib requirements + type of users -laplongejr
\ No newline at end of file
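Review bot: The true/false values in the rules under "# Exploit requirements" are never defined, and the two clearest rules read in opposite senses: "Same LAN only" is "always false" because a compromised machine breaks it, which reads as "this protection holds", while "active X user" is "always true for an intruder", which reads as "the attacker meets this condition". Pick one meaning and state it in the sentence that introduces the rules, then re-check each rule against it. The "active X user" rule should also say which of its two values is used when classifying a library, since "assume the worse" (should be "worst") leaves that to the reader. The line "Here's the exploit" sits directly above the heading with nothing following it and looks like a leftover, and the signed TODO is the last line of the page with no trailing newline.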