Sunday, March 20, 2016

OS Restriction






Linux is a robust OS, but it is still vulnerable to hardware dangers that may damage its physical drives, and to power losses that may cause data corruption.

Therefore, in addition to access controls, server rooms should include the following items to ensure integrity and availability and provide protections from power outages, power anomalies, floods, and so on:
• Adequate air conditioning for all servers at peak utilization
• Sufficient power, UPSs, and PDUs
• Raised flooring

A server environment should have at least the following access controls to protect security:

• Keycard access to server room allowing only authorized personnel
• Real-time cameras and video recording equipment to guard all servers and archive activity
• Locking server rack for highly sensitive servers

Unauthorized physical access is still best hindered by:
• Maintaining least privilege physical access controls by locking vital areas and providing unique keys only to specific personnel who need access
• Performing background checks, both criminal and financial, prior to granting physical access
• Designing the route used to access systems such that it passes more than one employee, especially employees with access privileges to the respective systems
• Mixing physical locks with more high-tech ones, so hacking the access control system does not grant access to places that also require a key

Stealing/Changing Data Using a Bootable Linux CD
Once an attacker has gained physical access, getting into a box can be as simple as booting to a CD-based Linux distribution, deleting the root user account password in the /etc/shadow file.

Disabling Bootable Linux CDs
There are three standard electronic physical access controls:
• BIOS passwords
• Disabling boot from removable media
• Password-protected hard drives (easy to implement for workstations, but for servers requires hardware-level remote administration ability, such as IP KVM)

Preventing the BIOS Password Tricks
Disabling the ability to boot from any form of removable media (CDs, DVDs, floppy drives, and USB devices) is advisable and will keep out many of the lower-level, script-kiddie attackers. But like BIOS passwords, if attackers obtain physical access to the box, they can easily circumvent this security measure.

Platter Locks and Tricks
Some computer manufacturers have introduced password-protected hard drives (or platter locks), particularly for use in laptops. The password is stored in the chip set on the drive and is accessed or modified by the drive CMOS. This technology requires users to enter a password before the hard drive can be activated. During a cold or warm boot, this occurs just after the POST (at the time the hard drive is accessed), and it arrests the machine at that state until the password has been entered.

Whole Disk or Partition Encryption
The best way to protect against data tampering or unintended disclosure is to implement one of the many whole disk or partition encryption methodologies available to Linux systems. This entails encrypting the entire contents of the hard drive, or partition, using a cryptographic encryption algorithm.

For more details please visit http://www.raju-online.com
  

Wednesday, September 30, 2015

ETHICAL

How to Become an Ethical Hacker?
From 1st Dec onwards

ETHICAL HACKER INTRO

ETHICAL HACKING INTRODUCTION
DEFEND YOUR NETWORK AGAINST HACKERS…..
MASTER THE HACKING TECHNOLOGIES…….
BECOME AN ETHICAL HACKER…….



An ethical hacker is a computer and networking expert who systematically attempts to gain access to a computer system or network on behalf of its owners for the purpose of finding security vulnerabilities that a spiteful hacker could potentially utilize.
  
We must know the ways of hacking before becoming an ethical hacker:
• O/S Hacking
• Remote Connectivity and VoIP Hacking
• Network Devices Hacking
• Wireless Hacking
• Hacking Hardware
• Hacking Code
• Web Hacking
• Ports Hacking and many more…
• Hacking applications
• Hacking the Users
• Hacking the Databases and Storage Systems
• Password Cracking

MEMORY MANAGEMENT - 3

MEMORY MANAGEMENT INTERVIEW QUESTIONS AND ANSWERS
                                                
                                              PAGE - 3


21..How to check the current shared memory pages on the system?

# ipcs -m

22..Where is the kernel loaded in the system to run Linux?

memory

23..How to see the memory usage in percentage?

# free | sed -n '2p' | gawk '{printf "%.1f%%\n", ($3 / $2) * 100}'

24..How to find out all the processes of the system along with their process states?

ps -al

25..How to find the current virtual memory status on your system?

#  cat /proc/meminfo

26..Explain about Environment Variables?

The bash shell uses a feature called environment variables to store information about the shell session and the working environment. This feature also allows you to store data in memory that can be easily accessed by any program or script running from the shell.

27..How to extract CPU and memory information about your system?
# uptime

28..How to extract system memory information?

# vmstat

MEMORY MANAGEMENT - 2

     MEMORY MANAGEMENT INTERVIEW QUESTIONS AND ANSWERS
                                                
                                                PAGE - 2



11..How to manage the data segment?
Linux systems historically have provided interfaces for directly managing the data segment. However, most programs have no direct use for these interfaces because malloc( ) and other allocation schemes are easier to use and more powerful.

12..How to create anonymous memory mappings?
Perhaps because you want to force the use of a memory mapping over the heap for a specific allocation, or perhaps because you are writing your own memory allocation system, you may want to manually create your own anonymous memory mapping. Either way, Linux makes it easy.

13..How to debug memory allocations?
Programs can set the environment variable MALLOC_CHECK_ to enable enhanced debugging in the memory subsystem. The additional debugging checks come at the expense of less efficient memory allocations, but the overhead is often worth it during the debugging stage of application development. You can check with the following command:
$ MALLOC_CHECK_=1 ./rudder

14..How to lock the virtual memory?
A call to mlock( ) locks the virtual memory starting at addr, and extending for len bytes, into physical memory.

15..How to lock the entire address space?
A call to mlockall( ) locks all of the pages in the current process’ address space into physical memory.

16..How to unlock the memory?
The system call munlock( ) unlocks the pages starting at addr and extending for len bytes. It undoes the effects of mlock( ).

17..How to find out whether a page is in physical memory or not?
Linux provides the mincore( ) function, which can be used to determine whether a given range of memory is in physical memory, or swapped out to disk:

#include <unistd.h>
#include <sys/mman.h>
int mincore (void *start,
size_t length,
unsigned char *vec);

A call to mincore( ) provides a vector delineating which pages of a mapping are in physical memory at the time of the system call. The call returns the vector via vec, and describes the pages starting at start and extending for length bytes.

Each byte in vec corresponds to one page in the range provided, starting with the first byte describing the first page, and moving linearly forward. Consequently, vec must be at least large enough to contain (length - 1 + page size) / page size bytes. The lowest-order bit in each byte is 1 if the page is resident in physical memory, and 0 if it is not. The other bits are currently undefined and reserved for future use.
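
The calls from questions 12 to 17 put together, as an added example that is not part of the original post: it creates an anonymous mapping with mmap( ), tries to pin it with mlock( ), touches every page, and counts the resident pages with mincore( ). The function names resident_pages and demo_locked_mapping are made up for this example.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE   /* exposes mincore() and MAP_ANONYMOUS in glibc */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>

/* Count the pages of [start, start + length) that mincore() reports as
 * resident. start must be page-aligned. Returns -1 on error. */
static long resident_pages(void *start, size_t length)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t n = (length - 1 + page) / page;   /* vec size, as in the text */
    unsigned char *vec = malloc(n);
    long count = 0;
    if (vec == NULL || mincore(start, length, vec) == -1) {
        free(vec);                           /* free(NULL) is a no-op */
        return -1;
    }
    for (size_t i = 0; i < n; i++)
        count += vec[i] & 1;                 /* only the lowest bit is defined */
    free(vec);
    return count;
}

/* Map npages anonymous pages, try to lock them, touch them, and return how
 * many are resident (or -1 on error). Everything is released before return. */
long demo_locked_mapping(size_t npages)
{
    size_t len = npages * (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    int locked = (mlock(p, len) == 0);   /* can fail under RLIMIT_MEMLOCK */
    memset(p, 0xA5, len);                /* writing faults every page in */
    long resident = resident_pages(p, len);
    if (locked)
        munlock(p, len);                 /* undo mlock() before unmapping */
    munmap(p, len);
    return resident;
}

int main(void)
{
    printf("resident pages: %ld of 4\n", demo_locked_mapping(4));
    return 0;
}
```

If mlock( ) fails because of the RLIMIT_MEMLOCK limit, the pages are still resident right after being written, but nothing stops the kernel from swapping them out later.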

18..What is Min / Max Spare Servers?
These options are used to create a pool of spare servers that Apache can use when it is busy. Larger sites may wish to increase these numbers from their defaults. However, for each spare server, more memory is required on the server.

19..What are memory optimizations?
User-space code and data, kernel code and data reside permanently in main memory, so it is important to reduce memory waste in every way possible. Initialization code is a good candidate for memory optimization. Given their nature, most initialization routines are executed either just once or not at all, depending on the kernel configuration.

20..What is System Memory Management?
One of the primary functions of the operating system kernel is memory management. Not only does the kernel manage the physical memory available on the server, but it can also create and manage virtual memory, or memory that does not actually exist.

It does this by using space on the hard disk, called the swap space. The kernel swaps the contents of virtual memory locations back and forth from the swap space to the actual physical memory. This allows the system to think there is more memory available than what physically exists.


MEMORY MANAGEMENT - 1

  MEMORY MANAGEMENT INTERVIEW QUESTIONS AND ANSWERS

PAGE - 1


1..Which partition is used for virtual memory by a Linux system?
swap

2..How to find out the usage of memory in Linux?
# free -m
# vmstat -s
# top

3..What is Swap Space?
Swap space in Linux is used when the amount of physical memory (RAM) is full. If the system needs more memory resources and the RAM is full, inactive pages in memory are moved to the swap space. While swap space can help machines with a small amount of RAM, it should not be considered a replacement for more RAM. Swap space is located on hard drives, which have a slower access time than physical memory.

4..How to check the information about RAM of your system?
# free

5..What is virtual address space?
Linux, an operating system, virtualizes its physical resource of memory. Processes do not directly address physical memory. Instead, the kernel associates each process with a unique virtual address space. This address space is linear, with addresses starting at zero, and increasing to some maximum value.

6..Write the difference between the Pages and Paging?

The virtual address space is composed of pages. The system architecture and machine type determine the size of a page, which is fixed; typical sizes include 4 KB (for 32-bit systems), and 8 KB (for 64-bit systems). Pages are either valid or invalid.

A valid page is associated with a page in physical memory, or some secondary backing storage, such as a swap partition or a file on disk. An invalid page is not associated with anything and represents an unused, unallocated piece of the address space. Accessing such a page causes a segmentation violation. The address space is not necessarily contiguous. While linearly addressed, it contains plenty of unaddressable gaps.

7..What is memory region?
The kernel arranges pages into blocks that share certain properties, such as access permissions. These blocks are called memory regions, segments, or mappings.

8..How to allocate dynamic memory?
Memory also comes in the form of automatic and static variables, but the foundation of any memory management system is the allocation, use, and eventual return of dynamic memory. Dynamic memory is allocated at runtime, not compile time, in sizes that may be unknown until the moment of allocation.

9..How to free the dynamic memory?
Unlike automatic allocations, which are automatically reaped when the stack unwinds, dynamic allocations are permanent parts of the process’ address space until they are manually freed.

10..How to allocate the aligned memory?
For the most part, the compiler and the C library transparently handle alignment concerns. POSIX decrees that the memory returned via malloc( ), calloc( ), and realloc( ) be properly aligned for use with any of the standard C types. On Linux, these functions always return memory that is aligned along an 8 byte boundary on 32-bit systems and a 16 byte boundary on 64-bit systems.

REMOTE ACCESS - 2

       REMOTE ACCESS INTERVIEW QUESTIONS AND ANSWERS 

                                            PAGE - 2



11..How to connect in binary mode in ftp?
  
ftp> binary The FTP

12..How to send the particular file in ftp?

ftp> put  source_name

13..How to find out the local directory?

ftp> lpwd

14..How to copy the particular file in ftp?

ftp> get source_file_name target_file_name

15..How to use FTP mget without prompt?

ftp -i hostname
(Use the -i when starting the ftp and it will turn that off)

16..How can I transfer a group of files without typing all their names?

ftp> mput file_name*

The asterisk (*) is a wildcard that tells FTP to match all files starting with fi

17..How to upload the file in ftp?

ftp> put file_name

18..How to logout from ftp connection?

ftp> bye
or

ftp> quit

REMOTE ACCESS - 1

      REMOTE ACCESS INTERVIEW QUESTIONS AND ANSWERS 

                                            PAGE - 1



1..What is ssh?
Connecting to another machine on the Internet is a risky proposition. Some tools, like ftp and telnet, that provide access to another machine transmit the username and password in clear text.

SSH is one such program. Its name is an acronym for “Secure SHell”. SSH has to run both on the machine you're using and the machine you're connecting to. SSH runs on the remote machine just like any other Linux service, and is initiated by you on the client in order to connect to the remote machine.

2..How to connect the remote system using ssh?
SSH (the server) must be running on the remote machine, and you need to know the IP address or URL of the remote machine. The remote machine needs to be able to accept requests on port 22, the port used by SSH.

3..How to use the public/private keys to connect to the remote server?
Public key authentication involves a pair of related keys that in this situation take the form of text files. The public key sits on the remote machine while the private key resides on the local machine. When the local machine connects to the remote box, the two keys are matched up by the remote machine. If they match correctly, the authentication passes and you are granted access.

4..How to create public and private keys?

 ssh-keygen -t rsa

5..What is the use of ftp?

The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files from one host to another host over a TCP-based network, such as the Internet.

6..Explain ssh client?
There are a number of ssh client programs: slogin, scp, and ssh. They each read the same configuration file, usually called /etc/openssh/ssh_config.

7..How many types of file are available in ftp?

There are two types of files. An ASCII file contains text; a binary file contains other kinds of information (such as graphics, audio recordings, or compressed text).

8..How to connect the ascii mode?
  
ftp> ascii
     
9..How to copy the particular file in ftp?
  
ftp> get source_name

10..How to see the list of files in ftp?

 ftp> ls