Linux Security - Configuring SUDO Access

I know you hear this. So I just want to thank you for your work. It has been the most valuable teaching tool.

Aleksis thank u for your video channel!
These are super important things which we all must know!

Man these are all what I learned manually from linux Bible, but sir your teaching was fantastic 😍😍

Damn this is good stuff. And especially for UA-cam. Thanks for creating this great content

Sir, i thanks you to providing such valuable content. all the content uploaded on this channel is awesome, and i also learnt a lot from this channel. sir i request you to start a series on privileged escalation as many of us know how to exploit machines but face trouble when we try to escalate our privileges
I would love to hearing from you 🙏

I watch all in one breath@!! Great man!

You are great man,you are doing great work I really really appreciate your work your are doing ❤️
Love your bro from INDIA 🇮🇳

Yup, I love this series. Yes.

Timestamps:
0:00 Introduction to the series
2:14 Video starts
You can register for part 2 of this series here: event.on24.com/eventRegistration/EventLobbyServlet?target=reg20.jsp&partnerref=website&eventid=2649692&sessionid=1&key=FDD7D40926383C11B3392509222D8368®Tag=1558905&sourcepage=register

Thank you for all your great content!!!

very nice video...
would love to see a more in-depth video specifically on configuring sudoers and using sudoers.d to manage privileged commands a user can run. thanks for this one though.

Willing to learn more CTF !

Thanks, great video.

Thank you. Very good video !

Thanks for your video sir

Thank you, selfless man!

Hello HackerSploit. I've been watching your videos and I appreciate all of your hard work to train us here. I have a question about this video. The methods you've shown work perfectly fine when we try to switch to the root user with su command. But wen I try "sudo -s" on the system I can easily switch to root user and I get something like "root@ubuntu:~#" in my terminal. I'm curious if there's any way to disable that too. Or is this changing to root user. It doesnt ask for root password. It just asks for the current user's password. Thank you in advance...

wonderfull!! see ya @webcast

Thanks hackersploit, not sure what i did but obviously missed 1 through 5, could you pls send through this missing series... Greatly appreciated , yours truly - Myne

Please make more videos like this!

Which process monitor was that at the beginning of video?

Thanks a lot sir, when you get time can you make some video on hardware hacking or BIOS hacking

So what's keeping the dev user account from unlocking the root arround or changing the shell of the root?

Good evening sir,
Sir I want to convert my chromebook714 - 1W - 390Y but it is required to enable Sudo if I want to bypass the VT2 terminal.

nice video.... moreover if you can pls share the link of the videos you talked about sudo file syntaxes and other stuff of sudo.
I have gone throught ur channel but could not find it... :)

Hi, nice video. If you can put something about:
sudo edit
sudo noexec
The implications of them for linux security. Thank you for the very good video!

thanks

To lock down sudo even further you could take these two steps:
Another thing you could do is log all your sudo commands to a separate log file as by default sudo gets logged to syslog files
You can enter the following below in your visudo
Defaults log_host, log_year, logfile="/var/log/sudo.log"
^ This will create a log file in /var/log called sudo.log and will log what user and what time on what host executed what command
example:
Oct 17 13:07:08 2020 : admin : HOST=mitchell : TTY=pts/2 ; PWD=/var/log ;
USER=root ; COMMAND=/bin/cat sudo.log
Oct 17 13:06:43 2020 : admin : HOST=mitchell : TTY=pts/2 ; PWD=/var/log ;
USER=root ; COMMAND=/usr/bin/apt update
Admin would be the user who executes the command.
Then simply just cat /var/log/sudo.log to view the contents of the log
You could also:
Configure sudo to not allow users to switch to root or any another account. but Instead, configure sudo to allow users to run specific commands as the users they need to operate as, while still having root disabled.
For eg: There’s a need for a user to install software. Allow them to run only RPM or APT or YUM as root without even switching to the root user as shown below:
Entered in the sudo config file:
usernameHere ALL =(ALL) PASSWD : /usr/bin/apt-get, /usr/bin/yum, /bin/rpm
This would allow said user to run sudo apt-get, sudo yum and sudo rpm without any password but would not allow any other commands!
in case a user types a wrong password, sudo will display insults on the terminal with the insults parameter. Enter this into your visudo file to enable insults on wrong password attemps:
Defaults insults
Also thx HS, Very informative video

How is the dev user any more secure than root if it has all the same privileges?

Hi sir. I love your content. Huge respect from india. I have a doubt sir. If I know the password for dev account who is in sudo group, what is the use of locking password for root account. Because they can unlock it again and switch to root account ryt ?please answer my question if it makes sense and if am wrong pls correct me. Thank you so much.

you are awesome

How payload Hide in images help

Great

what if dev does $ sudo su in order to access root?

I have a doubt, If we are giving all permission to dev then why hacker will try to access the root account, because he can do almost anything from the dev account.

Hello thanks

ok so my school computers run a shitty linux distro and they "disabled" root by changing the password
the thing is you can access a root terminal in the recovery mode when booting up the pc and change again the password there
lets just say i installed cs 1.6 on a couple computers..

Artix linux review from your perspective, plz

7:55 root has to use sudo command?!? wat... I think usermod ( /sbin/ ) just isn't in $PATH. ??

is there a difference between adding the user to the sudoers file and adding the user with a command "adduser [USER] sudo"?

Thank you. How is Covid going in your part of the world?

Hey good video but I don't have a credit card account . " ? "

Dollarboysushil is here *#*#*#

And what is the root password

Regardless

Hello

Make a rat video.