The goal of this project was to understand what an insecure operating system looked like, to assess it and to lock it down. This included the following:
The aim of this process is to identify and understand the possible vulnerabilities in the system and to develop the Threat Model.
The following steps were performed to achieve this goal:
- Identifying the services running on the system
  An nmap scan was used to find the running services and open ports.
- Identifying possible vulnerabilities in the system
  a. A Nessus scan was performed as a preliminary scan of the running services and to find vulnerable services, if any
  b. The flaws in the services running on the web server were identified
- Gaining access to the system by exploiting possible vulnerabilities
  a. Brute forcing and SQL injection were used to find the passwords of some users
  b. The Dirty COW local exploit was used to gain root access
- The attack surface was identified
- The threat model was created
  a. Threats to open ports were identified
  b. A STRIDE model was created
  c. A DREAD model was created
The goal is to harden the web server to make it usable in the production environment as the Internet Gateway for a company.
- Threat modelling and attack surface analysis were performed
- HTTPS was set up
- Banners were removed to eliminate any identifying information
- The web server was jailed using Jailkit
- Other hardening steps, such as updating services and changing default passwords, were performed
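
One way to verify the banner-removal step is to audit response headers for identifying information before and after hardening. The Python below is an added example, not code from the project; the header list, the sample responses and the Apache/PHP values in them are constructed assumptions.

```python
import re

# Headers that name the software stack (list chosen for this example).
STACK_HEADERS = {"x-powered-by", "x-aspnet-version", "x-generator"}
# Product token with a version number, e.g. "Apache/2.4.7" or "PHP/5.5.9".
VERSION_TOKEN = re.compile(r"[A-Za-z][\w.-]*/\d+(?:\.\d+)*")

def parse_headers(raw):
    """Return [(name, value), ...] from the head of a raw HTTP response."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    headers = []
    for line in head.split("\n")[1:]:      # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers.append((name.strip(), value.strip()))
    return headers

def banner_findings(raw):
    """Return (header, value, reason) for each header that identifies the server."""
    findings = []
    for name, value in parse_headers(raw):
        lname = name.lower()
        if lname == "server" and VERSION_TOKEN.search(value):
            findings.append((name, value, "product version disclosed"))
        elif lname == "server" and "(" in value:
            findings.append((name, value, "platform comment disclosed"))
        elif lname in STACK_HEADERS:
            findings.append((name, value, "software stack disclosed"))
    return findings

# Constructed sample responses, not captured from the project's server.
BEFORE = ("HTTP/1.1 200 OK\r\nServer: Apache/2.4.7 (Ubuntu)\r\n"
          "X-Powered-By: PHP/5.5.9\r\nContent-Type: text/html\r\n\r\n<html></html>")
AFTER = "HTTP/1.1 200 OK\r\nServer: Apache\r\nContent-Type: text/html\r\n\r\n"

if __name__ == "__main__":
    for label, raw in (("before", BEFORE), ("after", AFTER)):
        hits = banner_findings(raw)
        print(label, "clean" if not hits else hits)
```
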