bill's blog

Just another WordPress weblog

This is more useful than it looks…

find (path) -user (username)

Let’s say that you need to find a listing of all files that are owned by root… traversing all directories beneath the one you are in currently.

find . -user root

will do the trick!

Gaining root Login from the GUI on Fedora 16

Fedora 16 doesn’t allow root logins by default… only normal users are allowed to log in from the GUI. What to do? Sometimes tasks are just easier if you log into the box as root. NOTE: Logging into a box as root is considered a security risk by many. BUT if you must… follow along!

If you want to log in as root from the GUI in Fedora 16, you have to edit some files located in /etc/pam.d/

Start a Terminal session logged in as a normal user that has admin privileges.

$ su - root

# cd /etc/pam.d/

First back up the gdm file

# cp gdm gdm.bkp

Next edit the gdm file… I use vi but you could use any editor you prefer.

# vi gdm

Comment out the line in your gdm file that looks like this
auth required pam_succeed_if.so user != root quiet

It should now look like this
#auth required pam_succeed_if.so user != root quiet

Save the changes you’ve made.

Next you need to edit the file gdm-password. Again you should really back up the file… SO

# cp gdm-password gdm-password.bkp

# vi gdm-password

Comment out the line in your gdm-password file that looks like this…
auth required pam_succeed_if.so user != root quiet

See above for how to comment out a line. Save the changes you’ve made to this file.

Log out and log in as root. You’re all set… Have fun!

Fedora 16 comes pretty locked down out of the “box”. If you want to access it through ssh or some other network protocol you’re going to need to do a few things.

I want to start out by saying that the following will make your install less secure, so you should really know the reasons why you are doing this. NOTE: a more secure way to do this would be to properly configure your firewall and SELinux.

First thing you’ll need to do is disable your firewall… then SELinux… and then (in this case) start up sshd.

Disable the Firewall

$ systemctl status iptables.service
Check the status of the Firewall service.

You should see something similar to this.

iptables.service - IPv4 firewall with iptables
Loaded: loaded (/lib/systemd/system/iptables.service; enabled)
Active: active (exited) since Tue, 08 May 2012 12:15:55 -0400; 5s ago
Process: 2523 ExecStop=/usr/libexec/iptables.init stop (code=exited, status=0/SUCCESS)
Process: 2586 ExecStart=/usr/libexec/iptables.init start (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/iptables.service

$ sudo systemctl stop iptables.service
This will stop the service from running.

Disable SELinux.

# vi /etc/sysconfig/selinux

Edit the file to read…

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
SELINUXTYPE=targeted

Enable sshd service.

$ systemctl status sshd.service
You should start by making sure that the service isn’t running.

You should see something similar to this.

sshd.service - OpenSSH server daemon
Loaded: loaded (/lib/systemd/system/sshd.service; enabled)
Active: inactive (dead) since Tue, 08 May 2012 12:22:15 -0400; 6s ago
Process: 883 ExecStart=/usr/sbin/sshd -D $OPTIONS (code=exited, status=0/SUCCESS)
CGroup: name=systemd:/system/sshd.service

$ sudo systemctl enable sshd.service
Enable the sshd service

$ sudo systemctl start sshd.service
Start the sshd service. Check sshd status if needed.

$ sudo systemctl restart sshd.service
This can be used to restart the service should you have problems.
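A check for the two changes made above (the commented-out pam_succeed_if line in gdm and gdm-password, and SELINUX=disabled), useful for spotting hosts where these defaults have been relaxed. This is an added example, not part of the original post; the function names and the sample files it builds are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit for the PAM and SELinux edits described on this page.

# root_gui_blocked FILE: succeeds if FILE still has an active (uncommented)
# "auth ... pam_succeed_if.so user != root" line.
root_gui_blocked() {
    grep -Eq '^[[:space:]]*auth[[:space:]]+[^#]*pam_succeed_if\.so[[:space:]]+user[[:space:]]+!=[[:space:]]+root([[:space:]]|$)' "$1"
}

# selinux_mode FILE: print the value of the last uncommented SELINUX= line.
selinux_mode() {
    sed -n 's/^[[:space:]]*SELINUX=[[:space:]]*\([a-z]*\).*/\1/p' "$1" | tail -n 1
}

# audit PAM_DIR SELINUX_FILE: print one line per finding and return the
# number of findings (0 means the defaults are intact).
audit() {
    pam_dir=$1; se_file=$2; findings=0
    for f in gdm gdm-password; do
        if [ -f "$pam_dir/$f" ] && ! root_gui_blocked "$pam_dir/$f"; then
            echo "FINDING: $pam_dir/$f no longer blocks root GUI login"
            findings=$((findings + 1))
        fi
    done
    if [ -f "$se_file" ]; then
        mode=$(selinux_mode "$se_file")
        if [ "$mode" != "enforcing" ]; then
            echo "FINDING: $se_file sets SELINUX=${mode:-unset}"
            findings=$((findings + 1))
        fi
    fi
    return "$findings"
}

# Constructed sample files (not read from a real host): gdm edited as in the
# walkthrough, gdm-password left at its default, SELinux disabled.
demo=$(mktemp -d)
echo '#auth required pam_succeed_if.so user != root quiet' > "$demo/gdm"
echo 'auth required pam_succeed_if.so user != root quiet' > "$demo/gdm-password"
printf 'SELINUX=disabled\nSELINUXTYPE=targeted\n' > "$demo/selinux"
audit "$demo" "$demo/selinux" || echo "findings: $?"
rm -rf "$demo"
```

On a real host, call audit with /etc/pam.d and /etc/sysconfig/selinux, the paths used in the steps above.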

I found this while searching through YouTube… Very Interesting.

Hits a little too close to home! The YouTube gods are watching me!

So what kinds of attacks are there?

Straight-out dictionary attacks – guess the words people may use for a password.

Hybridization – Similar to the above, but includes substituting symbols for letters or adding numbers to a common word.

Brute Force attacks – This uses all possible combinations of letters, numbers and symbols.

Shoulder Surfing – Looking over a person’s shoulder while they type a password.

Keyloggers – Hardware or software that captures keystrokes as they are typed on a keyboard.

Social Engineering – Actually asking the end-user for their password.

Sniffing – Watching the TCP traffic on the wire looking for unencrypted passwords (pop, telnet, ftp, etc.)

Grabbing the password file

IP spoofing is one way to get around source address authentication. Let’s say that we set up a firewall rule that says I will only allow computers with an IP address that starts with 10.0.1 through my firewall, as I believe this network to be trusted. Well, if I could trick the firewall into thinking that my computer is really on that network when in fact it isn’t, I could get by this simple block. A successful IP spoof requires multiple packets to be forged in order to bypass this rule. At a minimum three packets need to be forged to make this happen (due to the nature of the TCP three-way handshake).

So how do we make this happen?

1. We need to know what the trust network is.
2. We then need to find some machine that we are going to “impersonate”
3. Disable in some fashion the machine we are going to “impersonate”
4. Forge the address of the host we are going to “impersonate”
5. Start injecting packets onto the network in an effort to guess the sequence numbers the session will use
6. Actually set up the connection through the firewall using a forged IP and the correct sequence number for the packet exchange.
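From the defender's side, a rule that trusts 10.0.1.x by source address alone can be backed up by checking which interface the packet arrived on. The following added example (not part of the original post) scans netfilter-style LOG lines for packets that claim a trusted source but came in on the outside interface; the interface names and the log lines are constructed assumptions.

```shell
#!/bin/sh
# Added example: flag packets that claim a trusted 10.0.1.x source address
# but arrived on the untrusted interface. Interface names are assumptions.
EXT_IF=eth0               # assumed Internet-facing interface
TRUSTED_PREFIX=10.0.1.    # the trusted network from the text

# spoof_suspects: read netfilter LOG lines on stdin and print "SRC DPT" for
# every packet with IN=$EXT_IF and a source inside the trusted prefix.
spoof_suspects() {
    awk -v ext="$EXT_IF" -v pfx="$TRUSTED_PREFIX" '
    {
        in_if = src = dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^IN=/)  in_if = substr($i, 4)
            if ($i ~ /^SRC=/) src   = substr($i, 5)
            if ($i ~ /^DPT=/) dpt   = substr($i, 5)
        }
        # The prefix keeps its trailing dot so 10.0.10.x is not matched.
        if (in_if == ext && index(src, pfx) == 1) print src, dpt
    }'
}

# Constructed sample log lines (not captured traffic).
sample_log() {
cat <<'EOF'
May  8 12:30:01 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.1.20 DST=203.0.113.9 PROTO=TCP SPT=40112 DPT=80 SYN
May  8 12:30:02 fw kernel: IN=eth0 OUT= SRC=10.0.1.20 DST=192.0.2.1 PROTO=TCP SPT=1025 DPT=22 SYN
May  8 12:30:03 fw kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.1 PROTO=TCP SPT=51000 DPT=22 SYN
May  8 12:30:04 fw kernel: IN=eth0 OUT= SRC=10.0.10.5 DST=192.0.2.1 PROTO=TCP SPT=51001 DPT=22 SYN
EOF
}

sample_log | spoof_suspects
```

Only the second line is reported: it carries a 10.0.1.x source but entered on eth0, which a genuine host on the trusted network (assumed here to sit behind eth1) would not do.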

There is one thing we can all be sure of… we will die. Death is a part of life and depending on your spiritual beliefs it can be seen as a wonderful part of it or the tragic end of it. It is a process that brings anxiety and stress into our lives. So how do we deal with this?

I came across a bunch of podcasts given by Professor Shelly Kagan of Yale University that have now been posted to YouTube.

The rest of the series can be found here… Death with Shelly Kagan

Who decides what is acceptable from what is not? Where does one draw the line? Who makes the decision to pull the plug once something has been published?

Freedom of Speech is the foundation of the American Idea. It is in fact protected by the very first amendment that our Founding Fathers wrote into the Constitution of the United States. So it must be important! I certainly think so.

Censorship in its basic form is a type of bullying: those in a position of power suppressing those not in power from being heard. It is a slippery slope. Where does it stop? Do we apply the standard of good judgment? There were many at the time that did not believe our Founding Fathers were exercising good judgment when seeking to separate from England. Yet hindsight being 20/20, those of us who call ourselves American think they did. However, at the time, if they had been caught they would have been hanged.

One does need to realize that the freedom of speech in the United States is not absolute. The Alien and Sedition Acts of 1798 were the first real test of this. It prohibited individuals from making “false, scandalous, and malicious writing” against the United States government and then president John Adams. This wasn’t too popular at the time.

Fast forward to today: we still can’t just say anything we want. While you may not get arrested, you might find yourself in civil court defending yourself against false or inaccurate statements.

One of the beautiful things about the United States is that we can celebrate our difference in beliefs and be protected against prosecution simply because of those beliefs. We can speak out about our disillusionment with the American Dream caused by the actions of our elected officials. We can make speeches filled with our hatred of other races, sexes, nationalities and religions. It seems most everything is fair game.

I believe that everyone should have a say and I’ve tried to live by this principle even when I don’t want to hear what is being said. In fact, I have often made it a point to protect one’s right to speak even when others wish the person not be heard.

Sometimes we need to forget some people from our past because of one simple reason… They don’t belong in our future.

—Abraham Lincoln

There are many ways to create a DoS (Denial of Service) attack. The basic idea of a DoS attack is to overwhelm the resources of a host, making it next to impossible for it to deal with legitimate service requests.

These attacks could be something as benign as downloading a YouTube video on a network that doesn’t have the bandwidth to support such a download, or something a bit more devious such as a SYN flood attack, where the attacker manipulates the way TCP sets up and tears down its connections.

DoS attacks could take advantage of hardware (or lack thereof)… software bugs… holes in the way some services work.