Materials used in "Remote administration" lecture in FMI
http://nedyalkov.com/security/

Collected and classified by Georgi Chorbadzhiyski
Email: georgi AT unixsol DOT org
Web: http://georgi.unixsol.org/

Graphical remote administration
===============================

-------
WINDOWS
-------

- RDP (Terminal Services)
  URL: http://www.microsoft.com/windows2000/technologies/terminal/default.asp (Terminal Services home)
  URL: http://www.rdesktop.org/ (Free client)
  URL: http://www.bitvise.com/remote-desktop.html (Remote desktop and SSH tunneling)
  URL: http://www.mail-archive.com/bugtraq@securityfocus.com/msg09106.html (RDP vulnerabilities)
  - Windows NT Terminal Server/2000/XP
  - 2 clients maximum
  - can share the session
  - can be tunneled through ssh
  - clients (windows clients, unix clients)
  - strong encryption (128bit)
  - no state stored in client
  - clipboard sharing
  - mapping remote printers/hard drives
  - file transfer

- NetBus, BackOrifice, PC Anywhere

--------------
MULTI PLATFORM
--------------

- VNC - Virtual Network Computing
  URL: http://www.uk.research.att.com/vnc/index.html (VNC home)
  URL: http://www.tightvnc.com/ (TightVNC home)
  URL: http://studentorganizations.smsu.edu/acm/Security/VNCSecurity.htm (VNC Security)
  - platform independent
  - can share the session
  - simple challenge response authentication
  - no encryption
  - can be tunneled through ssh
  - no state stored in client
  - JAVA client
  - clipboard sharing

- X Window (remote X)
  URL: http://xfree86.org/ (XFree86 home page)
  URL: http://www.x.org/ (X consortium)
  URL: http://www.tldp.org/HOWTO/mini/Remote-X-Apps.html
  URL: http://www.tldp.org/HOWTO/mini/XDM-Xterm/
  - xdm
  - remote X applications
  - Xnest server
  - X security
  - SSH X forwarding

Network monitoring
==================

- SNMP v1, v2, v3 (windows, unix, network devices)
  URL: http://www.sans.org/rr/threats/SNMP.php (SNMP threats)
  URL: http://www.phrack.com/show.php?p=50&a=7 (SNMP insecurities)
  - community strings
  - v1 weaknesses
  - v2, v3 - hash authentication

Web administration
==================

- Webmin
  URL: http://www.webmin.com/ (Webmin home)
  - easy to use interface
  - web browser is enough
  - can be used over SSL
  - custom modules for administering every service

Text console terminal sessions
==============================

- Telnet/Ftp
  - available on every unix os
  - no encryption
  - easy spoofing
  - NOT RECOMMENDED!

- Rsuite (rsh, rcp, rlogin)
  - available on every unix os
  - no encryption
  - easy spoofing
  - NOT RECOMMENDED!

- SSH
  URL: http://openssh.org/ (OpenSSH home)
  URL: http://ssh.com/ (SSH communications home)
  URL: http://heimhardt.com/htdocs/ssh/openssh/openssh.html (SSH tips and tricks)
  URL: http://www.uwsg.indiana.edu/security/quick-ssh.html (SSH quick start)
  URL: http://fy.chalmers.se/~appro/ssh_beyond.html (SSH and beyond)
  URL: http://www.itworld.com/Comp/2384/LWD010410sshtips/ (Make SSH do more)
  URL: http://mah.everybody.org/docs/ssh (Use ssh-agent with SSH)
  URL: http://www.ssh.com/support/documentation/online/ssh/adminguide/32/Using_SSH_Secure_Shell.html
  URL: http://www.kb.cert.org/vuls/id/945216 (SSH CRC32 attack detection code contains remote integer overflow)
  URL: http://staff.washington.edu/dittrich/misc/ssh-analysis.txt (Analysis of SSH crc32 compensation attack detector exploit)
  - strong encryption
  - strong authentication
  - password/SKey/public keys authentication
  - port forwarding
  - authentication forwarding
  - X display forwarding

GENERAL URLS
============

Remote Administration of Linux (Unix) Systems
http://www.linuxplanet.com/linuxplanet/tutorials/4400/1/