Teaching material
One, Overview of the basic framework of the Linux operating system
1. Development and current situation of Linux operating system
- Cross-platform hardware support;
- Rich software support;
- Multi-user multi-tasking;
- Reliable security;
- Good stability;
- Comprehensive networking functions
2. Linux system structure
- 1) Linux process and thread management mechanism
- 2) Linux memory management mechanism
- 3) Linux file system management mechanism
- 4) Linux device control mechanism
- 5) Linux network mechanism
- 6) Linux system call mechanism
Two, Linux operating system security mechanism
1. Linux authentication mechanism
- 1) Linux users
- 2) Linux user groups
- 3) Linux local login user authentication mechanism
- 4) Linux remote login user authentication mechanism
- 5) Unified identity authentication middleware for Linux - PAM
2. Linux authorization and access control mechanism
- 1) File owner
- 2) File access rights
- 3) Special execute permissions for files
- 4) Insufficiency and improvement of Linux access control mechanism
3. Linux security audit mechanism
Three, Linux system remote attack and defense technology
1. Linux remote password guessing attack
2. Linux network service remote penetration attack
- 1) Remote penetration attack of Linux network services
- 2) Network protocol stack implementation in Linux kernel
- 3) Web services in the LAMP website-building solution
- 4) FTP, Samba and other file sharing services
- 5) Email sending and receiving service
- 6) Other network services
- 7) Security solutions for remote penetration attacks on network services
3. Attacking Linux client programs and users
4. Attacking Linux routers and listeners
5. Metasploit
Four, Linux local security attack and defense technology
1. Linux local privilege escalation
- 1) Linux user password cracking
- 2) Using sudo flaws for privilege escalation
- 3) Using user-mode SUID program vulnerabilities for privilege escalation
- 4) Local buffer overflow attack against SUID programs
- 5) Symbolic link attacks against SUID programs
- 6) Race condition attack against SUID programs
- 7) Shared library attack against SUID programs
- 8) Exploiting kernel-space code vulnerabilities for privilege escalation
- 9) Using improper system configuration for local privilege escalation
2. Covering tracks on a Linux system
3. System remote control backdoor program
Construction and testing of network attack and defense environment
IP address
Windows attack machine
Windows target machine
Linux attack machine
Linux target machine
Connectivity test
Windows attack machine - Windows target machine
Windows attack machine - Linux target machine
Linux attack machine - Windows target machine
Linux attack machine - Linux target machine