DMC ITSY 2430 - Sudo for Windows (sudowin)


Sudo for Windows (sudowin)

GCWN Gold Certification
Author: Schley Andrew Kutz, [email protected]
Adviser: Jim Purcell
Accepted: January 20, 2007

© SANS Institute 2007, Author retains full rights. As part of the Information Security Reading Room.
Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46

Outline

1. Abstract
2. Document Conventions
3. Introduction / Executive Summary
4. History
5. Implications
6. Design
   Server
     Configuration
       Application Settings
       Remoting Settings
         Remoting Object
         Remoting Channel
       Diagnostics Settings
   Client
     Command Line Client
       Configuration
     GUI Client
       Configuration
   Plugins
     Configuration
       Plugin Configuration Schema
     Plugin Types
       Authentication
         NT
       Authorization
         XML
         <sudoers>
         <userGroup>
         <user>
         <commandGroup>
         <command>
         <commandGroupRef>
       CredentialsCache
         LocalServer
   CallbackApplication
7. Walk Through
     Service Startup
     Client Invocation
8. Implementation
   Requirements
   Installing
   Upgrading
   Configuring
     The Sudoers Group
     The Sudoers File
   Uninstalling
     Locations
       Files
       Registry
       Groups
   Active Directory
   Known Issues
9. Conclusion

1. Abstract

The original Sudo application was designed by Bob Coggeshall and Cliff Spencer in 1980 within the halls of the Department of Computer Science at SUNY/Buffalo. [1] For twenty-six years, Sudo has provided the foundation of secure computing on UNIX and Linux platforms by allowing systems administrators to delegate privileged commands to trusted users and audit their use. A trusted user can execute a privileged command in their own user context by reaffirming their identity through confirming their passphrase, and this execution will then be recorded in an auditable log. Sudo encourages the principle of least privilege – that is, a user operates with a bare minimum number of privileges on a system until the user requests a higher level of privilege in order to accomplish some task.

Sudo was developed in reaction to the standard UNIX security model where, although some granularity is possible with group and file permissions, delegating security is largely all or nothing. If a user was designated an administrator, this usually meant giving them access to the root account’s password. The problem with this model was that it provided no accountability for actions taken on the system, since all actions were being executed under the auspices of one user account. In summary, Sudo provides delegation and accountability.

The current versions of Microsoft Windows lack equivalent functionality to that which Sudo provides. Therefore the security model in Windows is described by delegating a fixed privilege level to distinct user

[1] http://www.gratisoft.us/sudo/history.html

