I appeared on the Linux Basix podcast a few weeks ago but since I was out of the country for a while I am now getting around to posting the show notes for my segment.
Information Security news in the world of Linux:
- PCSC-lite vulnerability –> http://seclists.org/fulldisclosure/2010/Aug/71
A security issue affects the following Ubuntu releases:
— Ubuntu 9.04
— Ubuntu 9.10
— Ubuntu 10.04 LTS
- Brief Details :
It was discovered that the PC/SC service did not correctly handle malformed messages. A local attacker could exploit this to execute
arbitrary code with root privileges. In short update your system NOW!
Dell Latitude 2110 vulnerability –> https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-August/001135.html
A security issue affects the following Ubuntu releases:
- Ubuntu 9.10
Ubuntu 10.04 LTS - Brief Details:
It was discovered that the Ubuntu image shipped on some Dell Latitude 2110 systems was accidentally configured to allow unauthenticated package installations. A remote attacker intercepting network communications or a malicious archive mirror server could exploit this to trick the user into installing unsigned packages, resulting in arbitrary code execution with root privileges.
Segment Title: SSH tunneling for good or evil!
What is SSH —
Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices.
How to install/Setup SSH?
First be sure to install the most recent version as of yesterday OpenSSH version 5.6 is the most recent version.
sudo apt-get install ssh or configure from source
- Then do a quick test by trying to SSH into your own machine, SSH localhost
- Then of course you can always edit the /etc/ssh/sshd_config file and do things like force version 2, deny root login and sort.
What is tunneling?
Tunneling, also known as “port forwarding,” is the transmission of data intended for use only within a private, usually corporate network through a public network in such a way that the routing nodes in the public network are unaware that the transmission is part of a private network
Various types of tunneling protocols:
- HTTP
- ICMP
- DNS
- SSH
SSH tunneling how it works: Nice Youtube video to get you started –> http://www.youtube.com/watch?v=EUplDL4hSuc
When can you use this?
- For good –> You can use this to create a Sock5 proxy to securely tunnel your web traffic for instance if you are at a free Wi-Fi hot spot.
- Or if you want to bypass some content filtering that’s in place to block you from accessing certain websites
- Securely tunnel your IM chat or Email which you know by default are both clear text protocol
Examples:
Tunneling Gtalk traffic –> ssh -f user@myhomeserver.com -L 3000:talk.google.com:5222 home -N
Tunneling Email –> ssh -f user@myhomeserver.com -L 2000:personal-server.com:25 -N
- For evil –> http://infolookup.securegossip.com/2010/05/13/keeping-an-eye-on-your-vendors/, “reverse SSH tunneling “as you would expect if tunneling is getting pass a firewall in a forward direction, reverse tunneling is getting access to the inside host by going out and coming back in. I linked to a posting I did back in May about an incident I had to track down and re-mediate.
- In short A vendor of ours had a Linux based appliance on the inside of our network in which the had a pre-configured “stealthy reverse tunnel” that would give them access to that system at anytime without our assistance.
Reference Links
<https://secure.wikimedia.org/wikipedia/en/wiki/Secure_Shell>
https://calomel.org/firefox_ssh_proxy.html
https://help.ubuntu.com/community/SSH/OpenSSH/Configuring
http://www.howtogeek.com/howto/ubuntu/setup-openssh-server-on-ubuntu-linux/
http://searchenterprisewan.techtarget.com/sDefinition/0,,sid200_gci213230,00.html
Securitybasix 