Linux Security - Configuring SUDO Access
Вставка
- Опубліковано 1 жов 2020
- In this video series, we will be taking a look at how to set up, secure, and audit Linux servers. This video covers the process of configuring user permissions, assigning root permissions, and how to disable the root account.
Register for part 2 of the Linux Server Security Series: event.on24.com/eventRegistrat...
Get $100 in free credits on Linode: promo.linode.com/hackersploit...
Our videos are also available on the decentralized platform LBRY: lbry.tv/$/invite/@HackerSploi...
SUPPORT US:
Patreon: / hackersploit
Merchandise: teespring.com/en-GB/stores/ha...
SOCIAL NETWORKS:
Twitter: / hackersploit
LinkedIn: / 18713892
WHERE YOU CAN FIND US ONLINE:
HackerSploit - Cybersecurity Training Simplified: hackersploit.org/
HackerSploit Forum: forum.hackersploit.org
HackerSploit Academy: www.hackersploit.academy
LISTEN TO THE CYBERTALK PODCAST:
Spotify: open.spotify.com/show/6j0RhRi...
We hope you enjoyed the video and found value in the content. We value your feedback. If you have any questions or suggestions feel free to post them in the comments section or contact us directly via our social platforms.
Thanks for watching!
Благодарю за просмотр!
Kiitos katsomisesta
Danke fürs Zuschauen!
感谢您观看
Merci d'avoir regardé
Obrigado por assistir
دیکھنے کے لیے شکریہ
देखने के लिए धन्यवाद
Grazie per la visione
Gracias por ver
شكرا للمشاهدة
#Linux#Security#Cybersecurity - Наука та технологія
I know you hear this. So I just want to thank you for your work. It has been the most valuable teaching tool.
Aleksis thank u for your video channel!
These are super important things which we all must know!
Man these are all what I learned manually from linux Bible, but sir your teaching was fantastic 😍😍
Damn this is good stuff. And especially for UA-cam. Thanks for creating this great content
Sir, i thanks you to providing such valuable content. all the content uploaded on this channel is awesome, and i also learnt a lot from this channel. sir i request you to start a series on privileged escalation as many of us know how to exploit machines but face trouble when we try to escalate our privileges
I would love to hearing from you 🙏
I watch all in one breath@!! Great man!
You are great man,you are doing great work I really really appreciate your work your are doing ❤️
Love your bro from INDIA 🇮🇳
Yup, I love this series. Yes.
Timestamps:
0:00 Introduction to the series
2:14 Video starts
You can register for part 2 of this series here: event.on24.com/eventRegistration/EventLobbyServlet?target=reg20.jsp&partnerref=website&eventid=2649692&sessionid=1&key=FDD7D40926383C11B3392509222D8368®Tag=1558905&sourcepage=register
Thank you for all your great content!!!
very nice video...
would love to see a more in-depth video specifically on configuring sudoers and using sudoers.d to manage privileged commands a user can run. thanks for this one though.
Willing to learn more CTF !
Thanks, great video.
Thank you. Very good video !
Thanks for your video sir
Thank you, selfless man!
Much appreciated sir
Hello HackerSploit. I've been watching your videos and I appreciate all of your hard work to train us here. I have a question about this video. The methods you've shown work perfectly fine when we try to switch to the root user with su command. But wen I try "sudo -s" on the system I can easily switch to root user and I get something like "root@ubuntu:~#" in my terminal. I'm curious if there's any way to disable that too. Or is this changing to root user. It doesnt ask for root password. It just asks for the current user's password. Thank you in advance...
wonderfull!! see ya @webcast
Thanks hackersploit, not sure what i did but obviously missed 1 through 5, could you pls send through this missing series... Greatly appreciated , yours truly - Myne
Please make more videos like this!
Which process monitor was that at the beginning of video?
Thanks a lot sir, when you get time can you make some video on hardware hacking or BIOS hacking
So what's keeping the dev user account from unlocking the root arround or changing the shell of the root?
Good evening sir,
Sir I want to convert my chromebook714 - 1W - 390Y but it is required to enable Sudo if I want to bypass the VT2 terminal.
nice video.... moreover if you can pls share the link of the videos you talked about sudo file syntaxes and other stuff of sudo.
I have gone throught ur channel but could not find it... :)
Hi, nice video. If you can put something about:
sudo edit
sudo noexec
The implications of them for linux security. Thank you for the very good video!
thanks
To lock down sudo even further you could take these two steps:
Another thing you could do is log all your sudo commands to a separate log file as by default sudo gets logged to syslog files
You can enter the following below in your visudo
Defaults log_host, log_year, logfile="/var/log/sudo.log"
^ This will create a log file in /var/log called sudo.log and will log what user and what time on what host executed what command
example:
Oct 17 13:07:08 2020 : admin : HOST=mitchell : TTY=pts/2 ; PWD=/var/log ;
USER=root ; COMMAND=/bin/cat sudo.log
Oct 17 13:06:43 2020 : admin : HOST=mitchell : TTY=pts/2 ; PWD=/var/log ;
USER=root ; COMMAND=/usr/bin/apt update
Admin would be the user who executes the command.
Then simply just cat /var/log/sudo.log to view the contents of the log
You could also:
Configure sudo to not allow users to switch to root or any another account. but Instead, configure sudo to allow users to run specific commands as the users they need to operate as, while still having root disabled.
For eg: There’s a need for a user to install software. Allow them to run only RPM or APT or YUM as root without even switching to the root user as shown below:
Entered in the sudo config file:
usernameHere ALL =(ALL) PASSWD : /usr/bin/apt-get, /usr/bin/yum, /bin/rpm
This would allow said user to run sudo apt-get, sudo yum and sudo rpm without any password but would not allow any other commands!
in case a user types a wrong password, sudo will display insults on the terminal with the insults parameter. Enter this into your visudo file to enable insults on wrong password attemps:
Defaults insults
Also thx HS, Very informative video
How is the dev user any more secure than root if it has all the same privileges?
Hi sir. I love your content. Huge respect from india. I have a doubt sir. If I know the password for dev account who is in sudo group, what is the use of locking password for root account. Because they can unlock it again and switch to root account ryt ?please answer my question if it makes sense and if am wrong pls correct me. Thank you so much.
you are awesome
How payload Hide in images help
Great
what if dev does $ sudo su in order to access root?
I have a doubt, If we are giving all permission to dev then why hacker will try to access the root account, because he can do almost anything from the dev account.
Hello thanks
ok so my school computers run a shitty linux distro and they "disabled" root by changing the password
the thing is you can access a root terminal in the recovery mode when booting up the pc and change again the password there
lets just say i installed cs 1.6 on a couple computers..
Time to run useradd and usermod -aG
Artix linux review from your perspective, plz
7:55 root has to use sudo command?!? wat... I think usermod ( /sbin/ ) just isn't in $PATH. ??
is there a difference between adding the user to the sudoers file and adding the user with a command "adduser [USER] sudo"?
@NuBz haha :) thx for the answer - yeah im not familiar with Arch - Debian is my home distro :), i will going to look into other distros and try these different ways out
adduser command is for creating a new user in your system while sudoers file is for configuring who can have access to sudo command and some other stuff...
Thank you. How is Covid going in your part of the world?
@NuBz I already know he lives in Kenya, as his public profiles have listed that, as well as his about section. I was just asking how covid has effected life there around him.
@@blakryptonite1 it's a bot, no replies to he expected.
Hey good video but I don't have a credit card account . " ? "
Dollarboysushil is here *#*#*#
And what is the root password
Regardless
Hello
Make a rat video.