Open Source and information security mailing list archives
 
Date: Fri, 28 Sep 2007 08:10:32 -0400
From: <full-disclosure@...hmail.com>
To: <full-disclosure@...ts.grok.org.uk>
Cc: 
Subject: New RFID Mailing List Owner 0day

#!/bin/sh
#
# Secure v9.3.1b
# This is to be used on a NEW install only!
# This script will go through your box and lock the inside down.
# Copyright audit@...iusnet.net | munge@...rition.org, (munge@...iusnet.net)
# Thanks to jericho from attrition for pointing out some issues with it.
# This script was done thanks to A LOT of alcohol and sleepless nights thinking about
# how things can be changed to make it faster and set the perms correctly.
# This script was created for use on Slackware! "As if there's any better distro"
# It can be used on other versions of Linux.

# Ensure that you are uid 0 (root)
if [ "$(id -u)" -ne 0 ]; then
        echo "You MUST be root to run this script!"
        exit 5
fi

# Change the perms for /etc
chmod 711 /etc
echo "/etc Perms changed"
sleep 3

# Change the perms for /tmp and /var/tmp
chmod 1733 /tmp 
chmod 1733 /var/tmp
echo "All *tmp* Perms changed"
sleep 3

echo "Now we start the fun dir's. The following are the most important!!"

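# Start on the *bin* directories
# Stop if the cd fails so the wildcard chmod/chown never runs in the wrong directory
cd /bin || exit 1
# Two separate commands; the original piped chmod into chown
chmod 510 *
chown root:users *
chmod 500 umount mount telnet
chmod 511 ls dircolors date false true uname login
# On Linux, chown clears the setuid bit on executables, so set ownership before the mode
chown root:staff ping
chmod 4510 ping
chown root:root su
chmod u+s su
echo "/bin directory is complete"
sleep 3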

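# Now we start on the /usr/sbin directory
# Stop if the cd fails so the wildcard chmod/chown never runs in the wrong directory
cd /usr/sbin || exit 1
# Two separate commands; the original piped chmod into chown
chmod 510 *
chown root:users *
chmod u+s sendmail
chmod 500 ttysnoop
echo "/usr/sbin dir is complete"
sleep 3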

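# Start /usr/bin
# Stop if the cd fails so the wildcard chmod/chown never runs in the wrong directory
cd /usr/bin || exit 1
# Two separate commands; the original piped chmod into chown
chmod 510 *
chown root:users *
chmod u+s passwd
# On Linux, chown clears the setuid bit on executables, so set ownership before the mode
chown root:staff traceroute
chmod 4510 traceroute
echo "/usr/bin dir is complete"
sleep 3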

# Make changes in /etc
cd /etc
chmod 600 inetd.conf
echo "Perms changed in /etc"
sleep 3

# Make a backup of the original syslog.conf and install a better logging one in its place.
cd /root
mv /etc/syslog.conf /etc/syslog.bak
cp /root/slack/syslog.conf /etc
killall -HUP syslogd
echo "syslog.conf updated"
sleep 3

# Tighten up the log file perms now
cd /var/log || exit 1
chmod 600 syslog log.auth log.cron log.daemon log.kern log.mail log.mark log.syslog
chmod 600 log.user messages ftp.log secure.log
chown root:wheel syslog log.auth log.cron log.daemon log.kern log.mail log.mark log.syslog
chown root:wheel log.user messages ftp.log secure.log
echo "Log files secured"
sleep 3

# Check for SUID files
cd /root || exit 1
echo "Now checking for SUID files"
# Group the two -perm tests so that "! -type d" applies to both of them
find / \( -perm -4000 -o -perm -2000 \) ! -type d -exec ls -ldb {} \; >> suid-results
echo "Check in /root for a file called suid-results and you will have a list of what still"
echo "has the SUID bit"
sleep 3

echo "#######################################################"
echo "Congratulations, your box is now more secure!"
echo "Be sure to add the users to the appropriate groups"
echo "Make sure you go through and double check the perms!!"
echo "This was made to make things quicker but you still should"
echo "double check the perms!!"
echo "MAKE SURE YOU ADD USERS THAT YOU WANT TO BE ABLE TO SU TO ROOT"
echo "TO THE ROOT AND WHEEL GROUPS OR THEY WON'T BE ABLE TO!!!!!!."
echo "Make sure ALL your users are listed in /etc/groups on the users line"
echo "or they will be doing a lot of bitching"
echo "Once modified, reboot your system to enable all changes"
echo "This is NOT a full blown security script, so don't expect"
echo "your box to be 100% locked down after running it."
echo "It was created to help speed things up!!"
echo "#######################################################"



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
