
Windows: You are asked to harden a Windows Server before it goes in production


Question

Windows :

- You are asked to harden a Windows Server before it goes in production. What steps will you take to make the system production ready? Now assume this server is going to have IIS installed on top of it. What additional steps would you take, and why?

WMI :

Provide WMI queries that can be run in either wmic or wmiexplorer for the following :

- Enumerate the list of antivirus software installed on the system.

- List all services on the system with start mode set to either Auto or Manual.

- Provide a WMI query to determine whether a system is a Domain Controller.

PowerShell :

- Provide a PowerShell query to list all processes with id greater than 1000 and less than 2000.

- Provide a PowerShell query to list only .bak and .temp files in C: under all folders and subfolders.

XSL Transforms :

- Get a listing of vSwitch (provided in sample)

- Get a listing of Pnic

- Get a listing ConsoleVnic

- Get a list of Services Running

- Check the Firewall Status

- Check Firewall Status for CIMHttpsServer

Regular Expressions :

- Provide a regex that matches all numbers less than or equal to 1048576.

- Provide a regex such that it matches "foobar" set to true/false/yes/no regardless of the case:

e.g.

foobar = true
foobar True
Foobar : FALSE

MySQL :

- List all users with null or blank password.

- List all users having Super privilege and Shutdown privilege.

- Provide a SQL query to audit whether secure_auth is enabled.

Linux

- What is the purpose of the /proc filesystem?

- Assume your dev system is full. How will you find out which directories are using up space, and start clearing unnecessary files?

- What are the benefits of a setuid program? And are there any security implications of having setuid programs on a system?

- Provide a command to find the following files:

- setuid or setgid bit set

- world writeable files.

- When would you redirect output to /dev/null 2>&1 and what purpose does it serve?

- How would you read first and last X number of lines from a file?

- How will you compare two files, and list the lines that have changed, while ignoring blank lines and spaces?

- How will you determine the program name associated with the process that is listening on a given TCP/UDP port?

- Provide a command using grep to find all files with "info" or "error" or "warn" strings, and then pipe those results, and list files that were modified in the past one week.

- Provide detailed steps to configure passwordless login to a system using public/private keys.

GIT

- Describe the process to commit files to git.

- How will you unstage a file that has already been staged?

- How will you revert to an old revision of file after a bad commit?

Explanation / Answer

Windows

Essential steps to harden your system.

1. Think security from the very start

2. Configure your security policy

3. Disable or delete unnecessary accounts, ports and services

4. Set up appropriate access control to the physical machine and logical components

5. Protecting your critical servers is a continuing process

WMI

List of enumerated antivirus software

List of enumerated security software detected:

List all services on the system with start mode set to either Auto or Manual.

Automatic - With a service in this state, it will start at boot time. Some services, when no longer required, will also automatically stop when not needed. If you find you do not need a service, place it into Manual or Disabled.

Manual - Manual mode allows Windows to start a service when needed. However, very few services will start up when required in Manual mode. If you find you need a service, place it into Automatic.

Provide a WMI query to determine whether a system is a Domain Controller.

A WMI query that can search against any information on a client’s computer.

Provide a PowerShell query to list all processes with id greater than 1000 and less than 2000.

Win32_Process

Win32_LogicalDisk

Null

Event

Provide a PowerShell query to list only .bak and .temp files in C: under all folders and subfolders.

.temp → temporary file systems

.bak → This command by itself will back up only a single site collection

XML transforms

Get a listing of vSwitch

vSwitch → looking for attribute values

Pnic → transform XML to HTML

ConsoleVnic

service running → indicates the services that are currently running

firewall status → indicates the firewall status

CIMHttpsServer → indicates the HTTP server function

Regular expressions

Description: The le function is used for numeric comparison and returns true if the subject is Less Than Or Equal To its argument. If either the subject or the argument cannot be coerced into a Number, this function returns false.

Subject Type: Number

Arguments:

Provide a regex such that it matches "foobar" set to true/false/yes/no regardless of the case

Description: Splits the string apart according to a delimiter that is provided, and then evaluates each of the values against the rest of the Expression. If the Expression, when evaluated against any of the individual values, returns true, this function returns true. Otherwise, the function returns false.

MySQL :

SHUTDOWN

Enables use of mysqladmin shutdown

SUPER

Enables use of CHANGE MASTER, KILL, PURGE MASTER LOGS, and SET GLOBAL statements, and the mysqladmin debug command; allows you to connect (once) even if max_connections is reached

The mysql client supports a --secure-auth option that is analogous to secure_auth, but from the client side. It can be used to prevent connections to less secure accounts that use pre-4.1 password hashing.

Linux

/proc/PID/cmdline - Command line arguments.

/proc/PID/cpu - Current and last CPU on which it was executed.

/proc/PID/cwd - Link to the current working directory.

/proc/PID/environ - Values of environment variables.

/proc/PID/exe - Link to the executable of this process.

/proc/PID/fd - Directory which contains all file descriptors.

/proc/PID/maps - Memory maps to executables and library files.

/proc/PID/mem - Memory held by this process.

/proc/PID/root - Link to the root directory of this process.

/proc/PID/stat - Process status.

/proc/PID/statm - Process memory status information.

/proc/PID/status - Process status in human readable form.

Check for deleted files with lsof | grep -i deleted. Then you can see if a process is hanging on to an inode that you think was deleted.

Advantages:

* auditable

* highly configurable

* open source - it's free, generally has issues resolved quite quickly, works on most Unix platforms

Due to potential security issues,[3] many operating systems ignore the setuid attribute when applied to executable shell scripts.

setuid or setgid bit set

The following command discovers and prints any setuid files on the local system (the parentheses must be escaped so the shell passes them to find):
# find / -xdev \( -perm -4000 \) -type f -print0 | xargs -0 ls -l

Here are several simplified (usually you need to avoid traversing special filesystems and NFS mounts) but potentially useful examples:

find / -perm -0002 -type d -print

find / -perm -0002 -type f -print

find / -perm -2 ! -type l -ls

find / \( -nouser -o -nogroup \) -print

To fix (the -o alternatives are grouped so that the action applies to both, and chown rather than chgrp is needed to set owner:group):

find / \( -nouser -o -nogroup \) -print0 | xargs -0 chown root:root

That 1 represents standard out and 2 represents standard error. I understand that 2>&1 combines the output of 2 to 1 and vice versa.

Some shells have shortcuts for common redirections; here are examples from Bash:

Sometimes it is useful to see just the first few, or last few, lines in a file. If you want to see what is in a file without looking at the whole file, you may find the head command useful. The tail command, which looks at the last few lines, can be useful as well. For example, you could use tail to look at the latest information in a log file, a file that is being constantly updated by some program on the system.

To look at the first few lines of a file, type head filename, where filename is the name of the file you want to look at, and then press <Enter>. By default, head shows you the first 10 lines of a file. You can change this by typing head -number filename, where number is the number of lines you want to see.

Try using tail to look at the last five lines of your .profile or .login:

setenv WPVER lyrix6

Below is a summary of all of the options that GNU diff accepts. Most options have two equivalent names, one of which is a single letter preceded by ‘-’, and the other of which is a long name preceded by ‘--’. Multiple single letter options (unless they take an argument) can be combined into a single command line word: -ac is equivalent to -a -c. Long named options can be abbreviated to any unique prefix of their name. Brackets ([ and ]) indicate that an option takes an optional argument.

-a, --text
Treat all files as text and compare them line-by-line, even if they do not seem to be text.

-b, --ignore-space-change
Ignore changes in the amount of white space.

-B, --ignore-blank-lines
Ignore changes that just insert or delete blank lines.

A. Under Linux and UNIX you can use any one of the following commands to get a listing on a specific TCP port:

=> lsof : list open files, including ports.

=> netstat : The netstat command symbolically displays the contents of various network-related data structures and information.

public void error(Object message)

It prints messages with the level Level.ERROR.

public void info(Object message);

It prints messages with the level Level.INFO.

public void warn(Object message);

It prints messages with the level Level.WARN.


Step One—Create the RSA Key Pair

Step Two—Store the Keys and Passphrase

Step Three—Copy the Public Key

GIT

- Describe the process to commit files to git.

The git commit command commits the staged snapshot to the project history. Committed snapshots can be thought of as “safe” versions of a project—Git will never change them unless you explicitly ask it to. Along with git add, this is one of the most important Git commands.

While they share the same name, this command is nothing like svn commit. Snapshots are committed to the local repository, and this requires absolutely no interaction with other Git repositories.

Commit the staged snapshot, but instead of launching a text editor, use <message> as the commit message.

- How will you unstage a file that has already been staged?

You can unstage files from the index using

Just like git add, you can unstage files recursively by directory and so forth, so to unstage everything at once, run this from the root directory of your repository:

Also, for future reference, the output of git status will tell you the commands you need to run to move files from one state to another

- How will you revert to an old revision of file after a bad commit?

To revert to a previous version of your application (roll back changes) in Subversion, you merge the changes from your current revision back to the revision you want to revert to. So, for example, if you want to revert the trunk of your application from revision 73 to 68, you would do the following:

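The two regular expressions the question asks for, as an added example that is not part of the original answer: both are POSIX EREs exercised with grep -E on constructed sample lines (the three foobar lines from the question plus a few negatives).

```shell
#!/bin/sh
# Added example (not from the original answer): the two regular expressions the question asks for,
# written as POSIX EREs and exercised with grep -E on constructed input.

# Non-negative integers <= 1048576 (2^20). Up to six digits is always in range; seven-digit
# values are split by digit position so that each alternative stays at or below the bound.
LE_1048576='^([0-9]{1,6}|10[0-3][0-9]{4}|104[0-7][0-9]{3}|1048[0-4][0-9]{2}|10485[0-6][0-9]|104857[0-6])$'

# "foobar", an optional '=' or ':' separator, then one of the four values. grep's -i flag
# supplies the "regardless of the case" requirement for both the key and the value.
FOOBAR_FLAG='^[[:space:]]*foobar[[:space:]]*[=:]?[[:space:]]*(true|false|yes|no)[[:space:]]*$'

# Return 0 when the single argument is a number <= 1048576.
le_1048576() { printf '%s\n' "$1" | grep -Eq "$LE_1048576"; }

# Return 0 when the line is a foobar assignment with an accepted value, in any case.
foobar_flag() { printf '%s\n' "$1" | grep -Eiq "$FOOBAR_FLAG"; }

# Filter stdin, keeping only foobar lines with accepted values (case-insensitive).
filter_foobar_lines() { grep -Ei "$FOOBAR_FLAG"; }

demo() {
  for n in 0 42 999999 1048576 1048577 2000000; do
    if le_1048576 "$n"; then echo "$n <= 1048576"; else echo "$n rejected"; fi
  done
  # Constructed sample lines, including the three from the question.
  printf 'foobar = true\nfoobar True\nFoobar : FALSE\nfoobar = maybe\nbarfoo = yes\n' | filter_foobar_lines
}

case "${1:-}" in demo) demo ;; esac
```

Run the script with the argument `demo` to see which sample values each pattern accepts.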
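The find, diff and grep tasks from the Linux questions, as an added example that is not the original answer's code: each task is one function, and a constructed temporary directory (file names, modes, contents and timestamps are all made up here) lets the functions be checked offline.

```shell
#!/bin/sh
# Added example (not from the original answer): the find, diff and grep tasks from the Linux
# questions, each in a function and exercised against a constructed temporary directory.

# Regular files with the setuid (4000) or setgid (2000) bit under $1. -xdev keeps find on one
# filesystem; the escaped \( \) grouping is required so that -o binds only the two -perm tests.
find_setuid_setgid() { find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print; }

# World-writable files and directories under $1; symlinks are skipped since their mode bits are not consulted.
find_world_writable() { find "$1" -xdev ! -type l -perm -0002 -print; }

# Line-by-line comparison that ignores blank-line insertions (-B) and changes in the amount of white space (-b).
diff_ignoring_ws() { diff -B -b "$1" "$2"; }

# Files under $1 containing info/error/warn (case-insensitive), narrowed to those modified in the last 7 days.
find_recent_log_hits() {
  grep -rilE 'info|error|warn' "$1" | while IFS= read -r f; do
    find "$f" -type f -mtime -7 -print
  done
}

# Build the fixture: constructed files with known modes, contents and timestamps. Prints the directory.
build_fixture() {
  d=$(mktemp -d)
  printf '#!/bin/sh\nexit 0\n' > "$d/suid_bin";  chmod 4755 "$d/suid_bin"
  printf '#!/bin/sh\nexit 0\n' > "$d/sgid_bin";  chmod 2755 "$d/sgid_bin"
  printf 'scratch\n' > "$d/ww.txt";              chmod 666 "$d/ww.txt"
  printf 'ERROR: disk full\n' > "$d/app.log"                  # recent, matches
  printf 'all quiet\n' > "$d/quiet.log"                       # recent, no match
  printf 'warn: old entry\n' > "$d/old.log"
  touch -t 202001010000 "$d/old.log"                          # matches, but older than 7 days
  printf 'a=1\n\nb =  2\n' > "$d/left.conf"
  printf 'a=1\nb = 2\n\n\n' > "$d/right.conf"                 # differs only in blank lines and spacing
  printf '%s\n' "$d"
}

demo() {
  d=$(build_fixture)
  echo "setuid/setgid:";   find_setuid_setgid "$d"
  echo "world-writable:";  find_world_writable "$d"
  echo "recent log hits:"; find_recent_log_hits "$d"
  echo "diff -B -b (no output means equivalent):"; diff_ignoring_ws "$d/left.conf" "$d/right.conf"
  rm -rf "$d"
}

case "${1:-}" in demo) demo ;; esac
```

Run the script with the argument `demo` to list the fixture files each function selects; on a real host, pass `/` instead of the fixture directory.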
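The three git operations asked about (commit, unstage a staged file, restore a file from an earlier revision), as an added example that is not the original answer's code: it runs in a throwaway repository created with a constructed identity and file, so nothing on a real project is touched.

```shell
#!/bin/sh
# Added example (not from the original answer): commit, unstage and per-file revert in git,
# performed in a scratch repository so the effect of each command can be checked.

# Create a scratch repository with one committed file; prints its path.
make_repo() {
  d=$(mktemp -d)
  git -C "$d" init -q
  git -C "$d" config user.email demo@example.invalid   # constructed identity, needed for commits
  git -C "$d" config user.name demo
  printf 'v1\n' > "$d/notes.txt"
  git -C "$d" add notes.txt                            # stage the file
  git -C "$d" commit -qm 'initial'                     # commit the staged snapshot with an inline message
  printf '%s\n' "$d"
}

# Stage a change, then take it back out of the index. Prints the porcelain status,
# where " M notes.txt" means modified in the working tree but no longer staged.
stage_then_unstage() {
  printf 'v2\n' > "$1/notes.txt"
  git -C "$1" add notes.txt
  git -C "$1" reset -q HEAD -- notes.txt               # or: git restore --staged notes.txt (git 2.23+)
  git -C "$1" status --porcelain notes.txt
}

# Commit a bad change, then bring the file back from the previous revision and commit that.
# The bad commit stays in history; only the file's content is rolled back.
revert_file_to_previous() {
  printf 'broken\n' > "$1/notes.txt"
  git -C "$1" commit -qam 'bad commit'
  git -C "$1" checkout HEAD~1 -- notes.txt             # old content into working tree and index
  git -C "$1" commit -qm 'restore notes.txt from previous revision'
  cat "$1/notes.txt"
}

demo() {
  r=$(make_repo)
  echo "after unstage: $(stage_then_unstage "$r")"
  echo "after revert:  $(revert_file_to_previous "$r")"
  git -C "$r" log --oneline
  rm -rf "$r"
}

case "${1:-}" in demo) demo ;; esac
```

Run the script with the argument `demo`; the log shows all three commits, confirming the bad commit is preserved while notes.txt holds its original content again.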
