Contents
List of Figures
List of Tables
Glossary
1 Introduction
  1.1 Purpose of This Book
    1.1.1 History
    1.1.2 Audience
    1.1.3 This is NOT a Textbook
  1.2 Using This Book
    1.2.1 Organisation of the Chapters
    1.2.2 Following the Examples
    1.2.3 Terminology and Notation
    1.2.4 Book Website and Formats
    1.2.5 Downloading Example Files
    1.2.6 Other Books and Sources
  1.3 Recognition
    1.3.1 Acknowledgements
    1.3.2 Apologies, Limitations and Reporting Bugs
    1.3.3 Licensing
2 Linux, Ubuntu and VirtualBox
  2.1 What is Ubuntu Linux?
    2.1.1 Why Not Microsoft Windows?
  2.2 Installing Ubuntu Linux
    2.2.1 Ubuntu Variants
    2.2.2 Installation Approaches
  2.3 Virtualisation and VirtualBox
3 Virtual Networking with Linux and VirtualBox
  3.1 Virtual Networking and virtnet
    3.1.1 What is Virtual Networking?
    3.1.2 Motivation for virtnet
    3.1.3 How Does virtnet Work?
    3.1.4 virtnet Terminology
    3.1.5 History of virtnet
  3.2 Getting Started
    3.2.1 General Requirements
    3.2.2 Installation
    3.2.3 Creating Your First Topology
    3.2.4 Creating a Different Topology
  3.3 Using virtnet
    3.3.1 Usernames and Passwords
    3.3.2 Login to Nodes with VirtualBox
    3.3.3 Login to Nodes with Secure Shell
    3.3.4 Transferring Files
    3.3.5 Using the Host Web Browser to Access a Guest Web Server
    3.3.6 Shutting Down, Saving and Deleting Nodes
  3.4 Troubleshooting virtnet
4 Linux Command Line
  4.1 Prerequisites
    4.1.1 Assumed Knowledge
    4.1.2 Linux and Network Setup
  4.2 Entering Commands
    4.2.1 Command Prompt
    4.2.2 Commands, Parameters and Options
    4.2.3 Output and Errors
    4.2.4 Help with Commands
  4.3 Directory and File Operations
  4.4 Viewing and Editing Files
    4.4.1 Viewing Text Files
    4.4.2 Creating Text Files
    4.4.3 Text Editors
  4.5 Shortcuts in Bash
  4.6 Pipes and Redirection
  4.7 Processes and Jobs
  4.8 Searching for Files
  4.9 Processing Text Files
  4.10 More Examples
5 The Internet and Applications
  5.1 The Internet
  5.2 Clients, Servers and Addressing
    5.2.1 Addresses and Ports
    5.2.2 Servers
    5.2.3 Clients
  5.3 Web Browsing
    5.3.1 HTTP Operation
    5.3.2 Web Browsing on the Command Line
  5.4 Remote Login
6 Automating Tasks with Scripts
  6.1 Prerequisites
    6.1.1 Assumed Knowledge
    6.1.2 Linux and Network Setup
  6.2 Introduction to Scripts
    6.2.1 Shell Scripts are Text Files
    6.2.2 Variables in Scripts
    6.2.3 For Loops
    6.2.4 If/Then/Else
    6.2.5 Input Parameters
    6.2.6 Executing Shell Scripts
  6.3 More Scripting Examples
    6.3.1 First Script with echo and ls
    6.3.2 Using Variables
    6.3.3 For Loops
    6.3.4 If/Then/Else
    6.3.5 Input Arguments
    6.3.6 Reading a Text File
    6.3.7 Extra Commands
7 Users and Permissions
  7.1 Prerequisites
    7.1.1 Assumed Knowledge
    7.1.2 Linux and Network Setup
  7.2 Users and Permissions in Linux
    7.2.1 Users
    7.2.2 Logins
    7.2.3 Passwords
    7.2.4 Permissions
  7.3 Commands for Managing Users and Permissions
  7.4 Users and Permissions by Example
    7.4.1 Adding Users
    7.4.2 /etc/passwd and /etc/shadow Files
    7.4.3 Adding Groups
    7.4.4 Creating Files and Directories
    7.4.5 Setting Permissions
    7.4.6 Summary and Other Issues
  7.5 Passwords, Hashes and Rainbow Tables
    7.5.1 Storing Actual Passwords
    7.5.2 Storing Hashed Passwords
    7.5.3 Brute Force Attacks on Hashed Passwords
    7.5.4 Pre-calculated Hashes and Rainbow Tables
    7.5.5 Salting a Password
    7.5.6 Summary and Other Issues
8 Cryptography in Linux
  8.1 Prerequisites
    8.1.1 Assumed Knowledge
    8.1.2 Linux and Network Setup
  8.2 OpenSSL
    8.2.1 Overview of OpenSSL
    8.2.2 Example Scenario
    8.2.3 Random Numbers
    8.2.4 Symmetric Key Encryption Basics
    8.2.5 Hash and MAC Functions
    8.2.6 Symmetric Key Encryption Padding and Modes of Operation
    8.2.7 RSA and Digital Signatures
    8.2.8 Diffie-Hellman Secret Key Exchange
    8.2.9 Performance Benchmarking
  8.3 Using Classical Ciphers with pycipher
    8.3.1 Install pycipher (Recommended Method)
    8.3.2 Install pycipher (Alternative Method)
    8.3.3 Using pycipher
9 Networking Tools
  9.1 Prerequisites
    9.1.1 Assumed Knowledge
    9.1.2 Linux and Network Setup
  9.2 Operating Systems and Tool Interfaces
  9.3 Viewing and Changing Network Interface Information
    9.3.1 Viewing Interface Information
    9.3.2 Changing Interface Information
  9.4 Viewing Ethernet Interface Details
  9.5 Testing Network Connectivity
  9.6 Testing a Route
  9.7 Converting Between Domain Names and IP Addresses
  9.8 Viewing the Routing Table
  9.9 Converting IP Addresses to Hardware Addresses
  9.10 Network Statistics
  9.11 Useful Networking Files
    9.11.1 /etc/hostname
    9.11.2 /etc/hosts
    9.11.3 /etc/resolv.conf
    9.11.4 /etc/network/interfaces
    9.11.5 /etc/services
    9.11.6 /etc/protocols
    9.11.7 /etc/sysctl.conf
  9.12 Application and Performance Testing
    9.12.1 Generic Application Testing with netcat
    9.12.2 Traffic Monitoring with iptraf
    9.12.3 Internet Performance Measurements with iperf
    9.12.4 Packet Drops and Delays with tc
10 Routing in Linux
  10.1 Prerequisites
    10.1.1 Assumed Knowledge
    10.1.2 Linux and Network Setup
  10.2 Routers
    10.2.1 Routers and Hosts
    10.2.2 Enabling Routing
    10.2.3 Editing the Routing Table
  10.3 Networking Setup Example
    10.3.1 Prerequisites
    10.3.2 Setting IP Addresses
    10.3.3 Enable Forwarding
    10.3.4 Add Routes
    10.3.5 Testing the Internet
11 Packet Capture
  11.1 Prerequisites
    11.1.1 Assumed Knowledge
    11.1.2 Linux and Network Setup
  11.2 Packet Capture Concepts
  11.3 Capturing and Filtering with tcpdump
    11.3.1 Capturing with tcpdump
    11.3.2 Filtering Packets with tcpdump
  11.4 Viewing and Analysing Packets with Wireshark
    11.4.1 Viewing Captured Traffic
    11.4.2 Analysis and Statistics
    11.4.3 Filters
  11.5 Capture Examples
    11.5.1 Ping and ICMP
    11.5.2 Web Browsing and HTTP
    11.5.3 Netcat with TCP and UDP
    11.5.4 Web Browsing to sandilands.info
    11.5.5 Ping with Fragmented IP Datagrams
    11.5.6 Tracepath with UDP and ICMP
12 Web Server with Apache
  12.1 Prerequisites
    12.1.1 Assumed Knowledge
    12.1.2 Linux and Network Setup
  12.2 Installing and Running Apache Web Server
    12.2.1 Installing the Web Server
    12.2.2 Important Files
    12.2.3 Testing the Web Server
    12.2.4 Creating Fake Domain Names
    12.2.5 Managing the Web Server
    12.2.6 Viewing Log Files
  12.3 HTTPS and Certificates
    12.3.1 HTTPS Step 1: Create a Certificate Authority
    12.3.2 HTTPS Step 2: Create a Certificate for our Web Server
    12.3.3 HTTPS Step 3: Enable HTTPS in Apache
    12.3.4 HTTPS Step 4: Load the CA Certificate in the Client
    12.3.5 Testing our Web Server
13 Firewalls with iptables
  13.1 Prerequisites
    13.1.1 Assumed Knowledge
    13.1.2 Linux and Network Setup
  13.2 Firewall Concepts
    13.2.1 How Do Firewalls Work?
    13.2.2 Firewall Rules
    13.2.3 Firewalls and Servers
  13.3 iptables Concepts
    13.3.1 Chains in iptables
    13.3.2 Rules in iptables
  13.4 General Examples of iptables
    13.4.1 Example Network
    13.4.2 Host-Based Firewall
    13.4.3 Prevent Ping From Working
    13.4.4 View Current Rules
    13.4.5 Delete All Rules
    13.4.6 Router-Based Firewall
    13.4.7 Prevent External Hosts from Accessing SSH Server
    13.4.8 Block Computer from Accessing External Web Servers
    13.4.9 Changing the Default Policy
    13.4.10 Allow Access to a Web Server
  13.5 Stateful Packet Inspection Concept and Examples
    13.5.1 SPI Concepts
    13.5.2 SPI Example in iptables
14 DHCP Server for Automatic IP Addresses
  14.1 Prerequisites
    14.1.1 Assumed Knowledge
    14.1.2 Linux and Network Setup
  14.2 Automatic IP Address Configuration
  14.3 Installing a DHCP Server
    14.3.1 Install ISC DHCP Server
    14.3.2 Configure DHCP Server
    14.3.3 Restart the DHCP Server
  14.4 Using a DHCP Client
  14.5 Monitoring a DHCP Server
  14.6 More Resources on DHCP
15 Distributed Version Control with git
  15.1 Prerequisites
    15.1.1 Assumed Knowledge
    15.1.2 Linux and Network Setup
  15.2 Version Control Concepts
  15.3 Setup a Git Repository
    15.3.1 Example Scenario
    15.3.2 Setup the Repositories on Server
  15.4 Using Git
    15.4.1 Clone an Existing Repository
    15.4.2 Configure the Git Client
    15.4.3 Common Git Operations
16 Attacks on Web Applications
  16.1 Prerequisites
    16.1.1 Assumed Knowledge
    16.1.2 Linux and Network Setup
  16.2 Setup Demonstration Web Sites
    16.2.1 Network Topology
    16.2.2 Deploy the Web Sites
    16.2.3 Domain Names
    16.2.4 Setup Web Browsers
  16.3 MyUni Grading Website
    16.3.1 Access the Website
    16.3.2 Users
    16.3.3 Login System
    16.3.4 Subjects and Grades
    16.3.5 Desired Security Policy
    16.3.6 Adding New Users and Subjects
  16.4 Cookie Stealing Attack
  16.5 Unvalidated Redirect Attack
  16.6 SQL Injection Attack
  16.7 CSRF Attack
  16.8 Next Steps
17 Denial of Service Attacks
  17.1 Prerequisites
    17.1.1 Assumed Knowledge
    17.1.2 Linux and Network Setup
  17.2 Address Spoofing
    17.2.1 Ping Without Address Spoofing
    17.2.2 Fake Source Address is Non-Existent Node
    17.2.3 Fake Source Address is Another Node on LAN
  17.3 Ping Flooding DoS Attack
    17.3.1 Setup Nodes and Links: sysctl and tc
    17.3.2 Using a Fake Source Address: iptables
    17.3.3 Ping to Entire Subnet using Directed Broadcast
    17.3.4 Capturing Traffic and Viewing Statistics: tcpdump and iptraf
    17.3.5 Pinging Multiple Destinations with a Shell Script
    17.3.6 Denial of Service on a Web Server
    17.3.7 Closing Notes
  17.4 NTP DDoS Attack
    17.4.1 Assumptions
    17.4.2 Setup NTP Servers
    17.4.3 Test NTP Servers
    17.4.4 Requesting the Monitoring Data
    17.4.5 Basic NTP DoS Attack
    17.4.6 NTP DDoS Attack
    17.4.7 Next Steps
18 Private Networking with OpenVPN and Tor
19 Custom Applications with Sockets
  19.1 Prerequisites
    19.1.1 Assumed Knowledge
    19.1.2 Linux and Network Setup
  19.2 Programming with Sockets
    19.2.1 Servers Handling Multiple Connections
    19.2.2 Further Explanation
  19.3 TCP Sockets in C
    19.3.1 Example Usage
    19.3.2 TCP Client
    19.3.3 TCP Server
  19.4 UDP Sockets in C
    19.4.1 Example Usage
    19.4.2 UDP Client
    19.4.3 UDP Server
  19.5 TCP Sockets in Python
    19.5.1 Example Usage
    19.5.2 TCP Client
    19.5.3 TCP Server
  19.6 UDP Sockets in Python
    19.6.1 Example Usage
    19.6.2 UDP Client
    19.6.3 UDP Server
  19.7 Raw Sockets in Python
20 Wireless Security in Linux
  20.1 Prerequisites
    20.1.1 Assumed Knowledge
    20.1.2 Linux and Network Setup
  20.2 Wireless LANs
    20.2.1 Wireless LAN Concepts
    20.2.2 Linux
    20.2.3 macOS
    20.2.4 Windows
  20.3 Capturing Wireless LAN Packets in Monitor Mode with iw
    20.3.1 Getting Started with iw
    20.3.2 Capturing in Monitor Mode
    20.3.3 What Can Go Wrong?
  20.4 Decrypting Captured Wireless LAN Packets
A Packet Formats and Constants
  A.1 Packet Formats
  A.2 Port Numbers and Status Codes
B Statistics for Communications and Security
  B.1 Binary Values
  B.2 Counting
  B.3 Permutations and Combinations
  B.4 Probability
  B.5 Collisions
C Cryptography Assumptions and Principles
  C.1 Assumptions
    C.1.1 Encryption
    C.1.2 Knowledge of Attacker
    C.1.3 Authentication with Symmetric Key and MACs
    C.1.4 Hash Functions
    C.1.5 Digital Signatures
    C.1.6 Key Management and Random Numbers
  C.2 Principles
D Versions of this Book