Chapter 10

Question 1

what is a super server or a super daemon

Answer 1

• > a program that listens for network connections on behalf of other programs
• > when connection is initiated connection is handed to the intended server

Question 2

name Linux’s 2 primary super daemons

Answer 2

• > inetd

- > xinetd

Question 3

which of the two primary super daemons are legacy

Answer 3

inetd

Question 4

what file control launched services of inetd

Answer 4

/etc/inetd.conf
or
/etc/inetd.d/.

Question 5

what does a typical inetd line look like?

Answer 5

ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.ftpd -l

Question 6

how did the inetd program work

Answer 6

it called tcpd which did two things

• > check if client is authorised to use system
• > if authorized ut called the program

Question 7

where do we still see tcp wrappers

Answer 7

• > ftp server, vsftp

- > if tcp wrappers are used, then the libwrap library is used

Question 8

how do you determine a network uses tcp wrappers

Answer 8

idd Network Service Daemon | grep libwrap

Question 9

where is tcp wrappers configured

Answer 9

• > /etc/hosts.allow

- >/etc/hosts.deny

Question 10

if a host is listed in both /etc/hosts.allow -.deny what happens

Answer 10

allow takes precedence

Question 11

what is the format of /etc/hosts.allow -.deny

Answer 11

daemon-list : client-list

daemon list are listed in /etc/services

leading trailing dot specifies networks

Question 12

how do you place an exception in /etc/hosts.allow -.deny

Answer 12

[…] : 192.168.7. EXCEPT 192.168..7.105

Question 13

what is xinetd

Answer 13

• > extended super daemon
• > provides inetd legacy features
• >
  • security options

Question 14

which file controls the xinetd super daemon

Answer 14

/etc/xinetd.conf

Question 15

what does the bind option do via xinetd

Answer 15

tels xnetd to listen only on one network interface

Question 16

name xinetd options

Answer 16

• > bind
• > only_from
• > no_access
• > access_time

Question 17

where must you set the xinetd features

Answer 17

/etc/xinetd.d/ and place between { … }

if you want to restrict all xinetd servers place it in /etc/xinetd.conf

Question 18

name security audit tools

Answer 18

• > netstat
• > lsof
• > remote network scanners
• > nmap
• > fuser

Question 19

what doe the netstat -ap command do

Answer 19

active network sockets that can reveal running servers

Question 20

what does the lsof program do

Answer 20

lists nomily open files

• used to identify what programs are open in a dir
• > def of file is broad for lsof
• > can be used to check ports

Question 21

what does the ls -i option do

Answer 21

limit output

Question 22

how do you use lsof to check ftp servers

Answer 22

# lsof -i :fpt
-> ftp can be replaced with 21, ftp port number

Question 23

what type of utility is nmap

Answer 23

remote network scanner

• > easy to use
• > security audits on your system

Question 24

what can nmap do

Answer 24

check for open ports

Question 25

how do you do a simple audit with nmap

Answer 25

nmap -sT 127.0.0.1 | 1st run should be on loop back to see what network services are running on your system without firewall interfering

Question 26

how do you see the services can be reached outside the firewall

Answer 26

nmap -sT 192.168.0.1 -> system ip

Question 27

what is nmap graphical user interface build

Answer 27

Nessus

Question 28

what does fuser do

Answer 28

determine processes currently using ports

Question 29

how do you issue a fuser command

Answer 29

fuser 22/tcp

Question 30

how do you user fuser to see what is accessing por 631 using udp

Answer 30

$ sudo fuser -nv udp 631

Question 31

how do you move /etc/password passwords to /etc/shaddow

Answer 31

pwconv

Question 32

what are the standard password hashes for linux

Answer 32

- >md5 | - >sha

Question 33

how do you run a single program with root permissions

Answer 33

su -c -"lsof -i"

Question 34

where does you system store log entries of uses to sudo

Answer 34

/var/log/secure

Question 35

where do you edit what tasks users may perform sudo

Answer 35

/etc/sudoers

Question 36

how do you determine who is logged on

Answer 36

$ who | $ w

Question 37

describe the who command

Answer 37

show - >who is logged on - >username - > current terminal - > time they logged on

Question 38

describe the w command

Answer 38

- > who is logged on - > what they are doing - >CPU usage

Question 39

what does the last command do?

Answer 39

provide current and historic data concerning users