ComputerSecurityStudent (CSS) [Login] [Join Now]




|UNIX >> Fedora >> Current Page |Views: 8065

(Fedora: Lesson 3)

{ Hardening the Boot Loader, /boot/grub/grub.conf }


Section 0. Background Information
  1. What is grub?
    • The grub stands for Grand Unified Boot Loader.
    • The grub loader can recognize various types of filesystems and kernel executable formats, allowing it to load an arbitrary operating system.
    • When you boot the system, the grub displays a menu of choices that is generated by the /boot/grub/grub.conf if the timeout directive is not equal to 0.
    • The /boot/grub/grub.conf file is the default configuration file.
    • To prevent the grub menu from being displayed the timeout directive should be set to 0.
    • To prevent an unauthorized user from physically gaining root single user access to the server by editing the kernel, you must add the password --md5 directive to the grub.conf file.

  2. Lab Notes
    • In this lab we will do the following:
      1. We will enter the grub menu
      2. We will create a md5 password
      3. We will add the md5 password to the grub.conf file
      4. We will test the grub menu to make sure it is password protected.

  3. Legal Disclaimer
    • As a condition of your use of this Web site, you warrant to computersecuritystudent.com that you will not use this Web site for any purpose that is unlawful or that is prohibited by these terms, conditions, and notices.
    • In accordance with UCC § 2-316, this product is provided with "no warranties, either express or implied." The information contained is provided "as-is", with "no guarantee of merchantability."
    • In addition, this is a teaching website that does not condone malicious behavior of any kind.
    • Your are on notice, that continuing and/or using this lab outside your "own" test environment is considered malicious and is against the law.
    • © 2013 No content replication of any kind is allowed without express written permission.

     

Section 1: Configure Fedora14 Virtual Machine Settings
  1. Open Your VMware Player
    • Instructions:
      1. On Your Host Computer, Go To
      2. Start --> All Program --> VMWare --> VMWare Player
     
  2. Edit Fedora 14 Virtual Machine Settings
    • Instructions:
      1. Highlight Fedora14
      2. Click Edit virtual machine settings

     

  3. Edit Network Adapter
    • Instructions:
      1. Highlight Network Adapter
      2. Select Bridged
      3. Click the OK Button

 

Section 2: Login to Fedora14
  1. Start the Fedora14 VM
    • Instructions:
      1. Click on the Fedora14 VM
      2. Click on Play virtual machine

     

  2. Login to Fedora14
    • Instructions:
      1. Login: student
      2. Password: <Provide Your Password>
      3. Click the Log In Button

 

Section 3: Open Console Terminal and Retrieve IP Address
  1. Start a Terminal Console
    • Instructions:
      1. Applications --> Terminal

     

  2. Switch user to root
    • Instructions:
      1. su - root
      2. <Whatever you set the root password to>

     

  3. Get IP Address
    • Instructions:
      1. ifconfig -a
    • Notes (FYI):
      • As indicated below, my IP address is 192.168.1.111.
      • Please record your IP address.

 

Section 4: Configure grub to provide single user root prompt
  1. Enter the Grub Shell
    • Instructions:
      1. grub

     

  2. Create a Grub Password
    • Instructions:
      1. md5crypt
      2. Password: n0H4ck1n9
      3. quit

     

  3. Copy Grub Password
    • Instructions:
      1. Highlight the encrypted string.
      2. Edit --> Copy

     

  4. Create file md5crypt.txt with gedit
    • Instructions:
      1. gedit md5crypt.txt &

     

  5. Save file md5crypt.txt
    • Instructions:
      1. Right click in the white part of the screen
      2. Click Paste
      3. Click the Save Button

     

  6. Open the grub.conf file
    • Instructions:
      1. cd /boot/grub/
      2. cp grub.conf grub.conf.bkp
      3. gedit grub.conf &

     

  7. Add Password Directive to the grub.conf file
    • Instructions:
      1. Place your cursor at the end of the line that contains the string default=0 and Press <Enter>
      2. Add the following password phrase after the default=0 directive
        • password --md5 $1$pK21O1$0WqruNZHjMEH1G0kR5881.
      3. Click the Save Button
    • Note(FYI):
      1. The password($1$pK21O1$0WqruNZHjMEH1G0kR5881.) string is located in your md5crypt.txt file.

     

Section 5: Verifying the boot loader is password protected
  1. Reboot the Machine
    • Instructions:
      1. reboot

     

  2. Boot to Grub 2 Menu
    • Instructions
      1. Once you see the below vmware screen, (1) Left Click in the screen and (2) press the "e" key
    • Note(FYI):
      1. This might take you a few times so be patient!!!

     

  3. Unlock Grub Menu
    • Instructions
      1. Press "p" key.
    • Note(FYI):
      1. Notice that there is no "e" option to edit the boot loader.  In order to edit the boot loader, you will have to press "p" to enter a password.

     

  4. Enter the Password
    • Instructions
      1. Password: n0H4ck1n9

     

  5. Enter the Grub Menu
    • Instructions
      1. Press "e" key

     

  6. Boot the System
    • Instructions
      1. Press "b" key
    • Note(FYI):
      1. Since we do not need edit the kernel, go a head and press the "b" key to boot up the system.

 

Section 6:  Proof of Lab
  1. Login to Fedora14
    • Instructions:
      1. Login: student
      2. Password: <Provide Your Password>
      3. Click the Log In Button

     

  2. Start a Terminal Console
    • Instructions:
      1. Applications --> Terminal

     

  3. Switch user to root
    • Instructions:
      1. su - root
      2. <Whatever you set the root password to>

     

  4. Proof of Lab
    • Instructions:
      1. cd /boot/grub/
      2. grep password /boot/grub/grub.conf
      3. date
      4. echo "Your Name"
        • Put in your actual name in place of "Your Name"
        • e.g., echo "John Gray"
    • Proof of Lab Instructions
      1. Press the <Ctrl> and <Alt> key at the same time.
      2. Press the <PrtScn> key.
      3. Paste into a word document
      4. Upload to Moodle


Help ComputerSecurityStudent
pay for continued research,
resources & bandwidth