Monday, May 26, 2008

SEC520W2L2

PAM Today

AAA Friday,

Next week hardening Linux, he will rejig Lab5 and Lab5b


Tuesday next week is a lab day

He moved the test from this week to the 27 till the end of week3 the test is up to


ChaPTER 5 and the intrusion discovery, n Hardening Linux

Put off the take home tank lab,

Finish up to lab 4 by Friday,


When he says its due, he is going to take the open boodle, PDF file report and upload it to open

And He will mark it online, and you must upload it by the due date


NO distatory recovery,

Test is on exploits and the text the stuff we do on labs,



PAM a lot of the labs are about

This week Access Control,

Linux comes with a lot of services working independently,

Till Pam came alone in the terms of Authorization and Authentication you would have to do everything independly

PAM is basically a system you can set all the authentication parameters through one program and have it affect all the services,


Theirs a directory PAM.d their use to be PAM.conf one file with the services, PAM is the same as xinet.d what ever you want to control with pam you put the config in the directory theirs another file called other and is the default that will handle the services, it comes in modules. Modules use permission and passwords,

Is the password strong enough, you can determine is the auth is going to fail or a warning you might say they have a weak password and go in or password weak you cannot go through you can do this all through PAM,


If you look at pam it carriers a lot of files and you can also see all the services that have configuration files, the default is other,

Looking at the files we can see …the login one… we can see four interface types, theirs AUTH this is called stacking modules, the login process uses 11 modules, and each modules everyone uses login the modules are executed one at a time, the first thing is authentication auth , after that required means this must succeed or the login field, more then 4 required mean both requisite means this this failed then the login failsso if 4 fail it will fail in the end, if it says requisite it will stop.

Option will give a warning,


Sufficient that means if there are all sufficient then some will pass,

So you have interface the parameter how it will work then the module, to find out how they work you gotta do research on the module, some commonly and some aren’t

System.auth is used often, after the module theirs parameters that are sent to the module

You can find out on the net how these works, if you look at the links on the course notes you can look at everything and see what it says,

Going through the lab do backup reading and see what it does, no ignorance!

We will look at password checking and setting criteria for authentication for the needs at the time, we are looking at the basic of using one thing you always do , is so ssh does not allow root login, people will try to brute force password for root login, never login as root through ssh or login as all if exposed to the net ,

Pam solves the previous problem.