Why user management matters to Hackers?

Download 6,34 Mb. Pdf ko'rish
bet	153/203
Sana	10.01.2024
Hajmi	6,34 Mb.
	#134102

1 ... 149 150 151 152 153 154 155 156 ... 203

Bog'liq
Linux This Book Includes 4 Manuscripts The Underground Bible

User management system in detail

Why user management matters to Hackers?
Before learning in detail about the user management system in Linux it
makes sense to know why hackers should know this. We will explain this in
a simple scenario.
Assume that an attacker wants to exploit a server system of a big software
company. He uses simple port scanning at first (we will talk about this in
later chapters) to find open ports. With the help of open ports, he will try to
find access to the system. But if he tries to attack an open port, he may get
detected by system administrators easily. So, to make things easy he needs
to find user groups with reading abilities and get access to the system.
In this similar way, professional hackers use the user management system to
exploit the systems that they got access to. For this reason, a clear
understanding of the user management system is important for anyone who
takes hacking seriously.
User management system in detail
Linux uses a process called usernames to distinguish between different
users. People can also use a password to protect their accounts.
There are three types of users in normal in a Linux system which we will
describe in detail.
1) Normal users:
Normal users are the ones who can access their directory only. They can't
access other directories, if they are permitted to access other directories
then they are restricted to write any files. Normal users are given a
mandatory UID which will help others to recognize the user.

2) Root users:
Root users are the ones who are the administrators of the system. They are
called super users and have an Id which is 0. Root users can write and
modify any part of the file. If a hacker can get access to a root user account,
then he can completely delete the files that are present. Usually, server
administrators are Superusers, so it is very tough for hackers to get
administrative privileges of a system.
3) System users
System users are not real users but users that are created by the programs
that are run in the system. For example, when the Chrome browser is started
certain system processes will start with the name of system Id. It is
important to track and sort these system IDs for better usage of the user
system that Linux provides.
Below we will give a command that will help us understand the Linux user
system:
linuxexample @ host: systemid 2344
Apart from users Linux also offers group systems. Groups are important for
the management of a huge number of users working on the same project. It
also helps to organize things in a better way. By default, every user in the
Linux system belongs to a group.
Every group is represented by GID in Linux. The only Root user can create
groups and organize them in a definite way. However, a user can be in one
or more groups according to specifications.
Below we give some commands which can help to know your current user
ID and group id:
linuxexample @ host : get UID
linuxexample @ host : get GID

As discussed earlier every Linux system account needs a username and
password. Passwords, as we all know, are prone to attacks and are the first
thing that can be tried to exploit. Passwords can give one-way access to all
the sensitive information for hackers.
Linux usually holds all passwords in two files. They are
1) /etc/passwor d
2) /etc/shadow
The first one stores the password of the current user and can be easily read
by the user.
Whereas the second one is more sensible and contains passwords of all the
users in the system. This can be only read by the root user and will not be
visible for normal users.
In the next section, we will describe various commands that can help us to
modify user groups. Follow along:

Download 6,34 Mb.

1 ... 149 150 151 152 153 154 155 156 ... 203

Download 6,34 Mb.

Pdf ko'rish