Network access control is the act of keeping unauthorized users and devices out of a private network. The act of deny(1) is the result of overriding the authentication method. It’s not a hard thing to do. Remember that Novell as a company is known to have subverted the US system and allowed Linux in the enterprise for months, and in some cases years, before it became well known that this was possible. There are many examples of denial(1) and, as in the last article, denial(2) as well. Unfortunately, some users have no appreciation of the magnitude of the threat, so all the descriptions of denial(1) and denial(2) are based upon the information known.
This article will describe some of the ways that denial(1) and denial(2) are made possible. The first paragraph describes the creation of a user and/or a group of users on a privileged system. If a system is configured to have access control enabled, and only those users and/or groups of users have privileged access, then the users and/or groups can be created from within the secure system and that’s why the use of services from services as Fortinet which you can find online. The second paragraph describes the creation of a block-list. Any user or group can be added to a block-list, but some are valid and others are not. An entry on the list will be added to the block-list, which will prevent further additions until the original list entry has been removed. The third paragraph describes some examples of denial(1) and denial(2). There are many ways to make denial(1) and denial(2) work. Some of them are obvious, some not so obvious. When the need arises, a quick review of the list can help. This article will explore a few examples of denial(1) and denial(2) to show the power of the exploit development community and the amount of security they have attained over the years.
Remember how, in the last article, it was explained that a single privileged account or a group of privileged accounts can be a doorway to other accounts or a “hole” in the firewall. In the world of Linux, the reverse is true as well. Once again, we have the same idea. If you allow access to certain users on a system, a door may be opened, but there’s also an accompanying “hole”. This section will also provide an interesting thought experiment. The question we’re asking is this: what happens when you add one privileged user to a Linux account that is already privileged? The answer to the question will tell you a great deal about Linux, especially the Novell/Linux kernel, and an ability to use denial(1) or denial(2) to accomplish the same task. Please check out this link for an analysis of several recent vulnerabilities that were discovered in the Linux kernel. Not all of them were Linux-specific, but it’s interesting to note the differences.
In the section below, we are going to examine one such way of granting access. The key feature is to create a backdoor for each privileged user or group of users. It is quite simple to create a file in the home directory (where everything else resides) that contains a backdoor for each privileged account.