Showing posts with label Linux. Show all posts

Linux Server Security - Hack and Defend ($29 Value) FREE For a Limited Time



Learn how to attack and defend the world’s most popular web server platform.


Linux Server Security: Hack and Defend presents a detailed guide for experienced admins, aspiring hackers and other IT professionals seeking a more advanced understanding of Linux security. Written by a 20-year veteran of Linux server deployment, this book provides the insight of experience along with highly practical instruction.

This eBook will help you:


  • Master hacking tools and launch sophisticated attacks: perform SQL injections, deploy multiple server exploits and crack complex passwords
  • Defend systems and networks: make your servers invisible, be confident of your security with penetration testing and repel unwelcome attackers
  • Increase your background knowledge of attacks on systems and networks and improve all-important practical skills required to secure any Linux server
  • Diverse, broadly applicable and thoroughly hands-on, Linux Server Security: Hack and Defend is the essential resource to further your career.

LinEnum: A Tool To Check Local Linux Enumeration And Privilege Escalation Script


General usage (version 0.6):
  • Example: ./LinEnum.sh -k keyword -r report -e /tmp/ -t
Options:
  • -k Enter keyword
  • -e Enter export location
  • -t Include thorough (lengthy) tests
  • -r Enter report name
  • -h Display this help text
Running with no options performs limited scans and writes no output file.
  • -e Requires the user to enter an output location, e.g. /tmp/export. If this location does not exist, it will be created.
  • -r Requires the user to enter a report name. The report (a .txt file) will be saved to the current working directory.
  • -t Performs thorough (slow) tests. Without this switch, the default 'quick' scans are performed.
  • -k An optional switch that lets the user search for a single keyword within many files (documented below).

See CHANGELOG.md for further details

High-level summary of the checks/tasks performed by LinEnum:
  • Kernel and distribution release details
  • System Information:
    • Hostname
    • Networking details:
    • Current IP
    • Default route details
    • DNS server information
  • User Information:
    • Current user details
    • Last logged on users
    • Shows users logged onto the host
    • List all users including uid/gid information
    • List root accounts
    • Extracts password policies and hash storage method information
    • Checks umask value
    • Checks if password hashes are stored in /etc/passwd
    • Extract full details for ‘default’ UIDs such as 0, 1000, 1001, etc.
    • Attempt to read restricted files i.e. /etc/shadow
    • List current users history files (i.e .bash_history, .nano_history etc.)
    • Basic SSH checks
  • Privileged access:
    • Determine if /etc/sudoers is accessible
    • Determine if the current user has Sudo access without a password
    • Are known ‘good’ breakout binaries available via Sudo (i.e. nmap, vim etc.)
    • Is root’s home directory accessible
    • List permissions for /home/
  • Environmental:
    • Display current $PATH
    • Displays env information
  • Jobs/Tasks:
    • List all cron jobs
    • Locate all world-writable cron jobs
    • Locate cron jobs owned by other users of the system
  • Services:
    • List network connections (TCP & UDP)
    • List running processes
    • Lookup and list process binaries and associated permissions
    • List inetd.conf/xinetd.conf contents and associated binary file permissions
    • List init.d binary permissions
  • Version Information (of the following):
    • Sudo
    • MYSQL
    • Postgres
    • Apache
      • Checks user config
      • Shows enabled modules
  • Default/Weak Credentials:
    • Checks for default/weak Postgres accounts
    • Checks for default/weak MYSQL accounts
  • Searches:
    • Locate all SUID/SGID files
    • Locate all world-writable SUID/SGID files
    • Locate all SUID/SGID files owned by root
    • Locate ‘interesting’ SUID/SGID files (i.e. nmap, vim etc)
    • List all world-writable files
    • Find/list all accessible *.plan files and display contents
    • Find/list all accessible *.rhosts files and display contents
    • Show NFS server details
    • Locate *.conf and *.log files containing keyword supplied at script runtime
    • List all *.conf files located in /etc
    • Locate mail
  • Platform/software specific tests:
    • Checks to determine if we're in a Docker container
    • Checks to see if the host has Docker installed
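Two of the user checks listed above ("List root accounts" and "Checks if password hashes are stored in /etc/passwd") implemented as small POSIX sh functions over a passwd-format file. This is an added example, not LinEnum's own code; it runs against a constructed sample file rather than the live /etc/passwd so the logic can be verified offline.

```shell
#!/bin/sh
# Added example (not part of LinEnum): reimplements two of the checks in the
# list above as functions that take a passwd-format file as their argument.

# Print every account whose uid field (field 3) is 0, i.e. root-equivalent
# accounts; a second uid-0 account besides "root" is a classic backdoor sign.
list_root_accounts() {
    awk -F: '$3 == 0 { print $1 }' "$1"
}

# Print every account whose password field (field 2) is neither the shadow
# marker "x" nor a locked marker ("*" or "!..."), i.e. a hash, or an empty
# password, kept in the world-readable passwd file itself.
hashes_in_passwd() {
    awk -F: '$2 != "x" && $2 != "*" && $2 !~ /^!/ { print $1 }' "$1"
}

# Constructed sample passwd file for demonstration (not real accounts).
SAMPLE_PASSWD=$(mktemp)
trap 'rm -f "$SAMPLE_PASSWD"' EXIT
cat > "$SAMPLE_PASSWD" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
toor:x:0:0:backup root:/root:/bin/sh
legacy:$1$abcdefgh$ijklmnopqrstuvwxyz12345:1001:1001::/home/legacy:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
nopass::1002:1002::/home/nopass:/bin/sh
EOF

echo "uid 0 accounts:"
list_root_accounts "$SAMPLE_PASSWD"          # root, toor
echo "hashes or empty passwords in passwd:"
hashes_in_passwd "$SAMPLE_PASSWD"            # legacy, nopass
```

To audit a real host, pass /etc/passwd instead of the sample file; any output from the second function means password material is readable by every local user.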

DMitry: A Deepmagic Information Gathering Tool


DMitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU) Linux command-line application written in C.

DMitry has the ability to gather as much information as possible about a host. Its base functionality can gather possible subdomains, email addresses, uptime information, a TCP port scan, whois lookups, and more. The information is gathered using the following methods:


  • Perform an Internet Number whois lookup.
  • Retrieve possible uptime data, system and server data.
  • Perform a SubDomain search on a target host.
  • Perform an E-Mail address search on a target host.
  • Perform a TCP Portscan on the host target.
  • A modular program allowing user-specified modules.

Download and installation

DMitry can be downloaded by issuing the following commands:

$ cd /data/src/
$ wget http://mor-pah.net/code/DMitry-1.3a.tar.gz


For installation, issue the following commands:

$ tar xzvf DMitry-1.3a.tar.gz
$ cd DMitry-1.3a/
$ ./configure
$ make
$ sudo make install

Then optionally create a symbolic link to your /pentest/ directory:

$ mkdir -p /pentest/enumeration/dmitry/
$ ln -s /usr/local/bin/dmitry /pentest/enumeration/dmitry/dmitry

Usage

DMitry's help can be displayed by issuing:

$ dmitry --help


Wikileaks Unveils CIA Implants that Steal SSH Credentials from Windows & Linux PCs

WikiLeaks has today published the 15th batch of its ongoing Vault 7 leak, this time detailing two alleged CIA implants that allowed the agency to intercept and exfiltrate SSH (Secure Shell) credentials from targeted Windows and Linux operating systems using different attack vectors.

Secure Shell or SSH is a cryptographic network protocol used for remote login to machines and servers securely over an unsecured network.

The implants are dubbed BothanSpy, which targets the Xshell client on Microsoft Windows, and Gyrfalcon, which targets the OpenSSH client on various Linux distributions, including CentOS, Debian, RHEL (Red Hat), openSUSE and Ubuntu.



Both implants steal user credentials for all active SSH sessions and then send them to a CIA-controlled server.

BothanSpy — Implant for Windows OS


BothanSpy is installed as a Shellterm 3.x extension on the target machine and only works if Xshell is running on it with active sessions.

Xshell is a terminal emulator that supports SSH, SFTP, TELNET, RLOGIN and SERIAL, with features including dynamic port forwarding, custom key mapping, user-defined buttons, and VB scripting.
"In order to use BothanSpy against targets running a x64 version of Windows, the loader being used must support Wow64 injection," the leaked CIA user manual reads. 
"Xshell only comes as a x86 binary, and thus BothanSpy is only compiled as x86. Shellterm 3.0+ supports Wow64 injection, and Shellterm is highly recommended."

Gyrfalcon — Implant for Linux OS

Gyrfalcon targets Linux systems (32 or 64-bit kernel) using a CIA-developed JQC/KitV rootkit for persistent access.

Gyrfalcon is also capable of collecting full or partial OpenSSH session traffic, and stores stolen information in an encrypted file for later exfiltration.
"The tool runs in an automated fashion. It is configured in advance, executed on the remote host and left running," the user manual of Gyrfalcon v1.0 reads. 
"Sometime later, the operator returns and commands gyrfalcon to flush all of its collection to disk. The operator retrieves the collection file, decrypts it, and analyzes the collected data."
The user manual for Gyrfalcon v2.0 says that the implant consists of "two compiled binaries that should be uploaded to the target platform along with the encrypted configuration file."
"Gyrfalcon does not provide any communication services between the local operator computer and target platform. The operator must use a third-party application to upload these three files to the target platform."

Previous Vault 7 CIA Leaks


Last week, WikiLeaks dumped a classified CIA project that allowed the spying agency to hack and remotely spy on PCs running the Linux operating system.

Dubbed OutlawCountry, the project lets CIA hackers redirect all outbound network traffic on the targeted machine to CIA-controlled computer systems in order to exfiltrate and infiltrate data.

Since March, the whistleblowing group has published 15 batches of the "Vault 7" series, which include the latest and last week's leaks, along with the following batches:


  • ELSA – the alleged CIA malware that tracks geo-location of targeted PCs and laptops running the Microsoft Windows operating system.
  • Brutal Kangaroo – A tool suite for Microsoft Windows used by the agency to target closed networks or air-gapped computer systems within an organization or enterprise without requiring any direct access.
  • Cherry Blossom – An agency's framework, basically a remotely controllable firmware-based implant, used for spying on the Internet activity of the targeted systems by exploiting flaws in WiFi devices.
  • Pandemic – The agency's project that let it turn Windows file servers into covert attack machines that can silently infect other computers of interest inside a targeted network.
  • Athena – A spyware framework designed by the CIA to take full control over infected Windows machines remotely, which works against every version of Windows OS, from Windows XP to Windows 10.
  • AfterMidnight and Assassin – Two alleged CIA malware frameworks for the Microsoft Windows platform that have been designed to monitor actions on the infected remote host computer and execute malicious actions.
  • Archimedes – Man-in-the-middle (MitM) attack tool allegedly created by the CIA to target computers inside a Local Area Network (LAN).
  • Scribbles – Software allegedly designed to embed 'web beacons' into confidential documents, allowing the spying agency to track insiders and whistleblowers.
  • Grasshopper – Framework which allowed the agency to easily create custom malware for breaking into Microsoft's Windows and bypassing antivirus protection.
  • Marble – Source code of a secret anti-forensic framework used by the agency to hide the actual source of its malware.
  • Dark Matter – Hacking exploits the agency designed to target iPhones and Macs.
  • Weeping Angel – Spying tool used by the agency to infiltrate smart TV's, transforming them into covert microphones.
  • Year Zero – Alleged CIA hacking exploits for popular hardware and software.

50+ Best Lightweight Linux Distros for 2017

With the feedback and requests we got from our Best Linux Distros for Gaming list, we had to do another list of the best lightweight Linux distros. Actually, some of them fit both our categories. Sure, there are other similar lists out there, but this one has up-to-date info and we’ve personally tried and tested (almost) every distro on our old laptops. It took us 7 months to compile this list and a few weeks to update it with new data! We’ve seen new lists that included distros with their latest update being in 2005. Come on, how is that distro still relevant and good in 2017? And don’t get us started on how each list is just a rehashed version of the same 5 distros. We purposefully included many distros in our list so you have more options to choose from. All distros are free and can run on ~512MB RAM or less. If you’re feeling overwhelmed, just pick any distro.
You don’t have to throw away your old PCs and laptops. Install a lightweight Linux distro on them and they’re as good as new.  Lightweight distros don’t even have to be used on old hardware. You can install them on some bleeding-edge hardware and get the ultimate performance. Most distros are portable and can run on a Live CD/USB, without a hard drive. Why should you use other OSes full of bloatware and unnecessary stuff when you can use a perfectly fine Linux alternative?
Anyway, before we go on with the list, a few quick tips on how to choose the best one for you.


How to choose the best lightweight Linux distro for you

These guidelines should help, but if you’re feeling overwhelmed, just pick any distro from the list below and you’ll be fine.
  • Any Linux distro is better than Windows/OS X when it comes to old hardware. Linux distros and the software that runs on them are far more optimized and compatible with old(er) hardware. If you’re using Windows or OS X and it “feels slow”, switch to a Linux distro. You’re guaranteed to see an improvement in performance. Some older versions of Windows and OS X are fast for older hardware, but they don’t get any support or updates, unlike all distros listed here.
  • Choosing the right lightweight distro will depend on what you’re going to use it for. Some distros are optimized for certain activities, e.g. servers and gaming. Are you going to use it for everyday browsing? If so, keep in mind that websites have evolved and although the browser and OS itself will perform better, the websites can still be bloated and slow down your Linux. If you’re going to use it for random office tasks like word processing, spreadsheets, or presentations, the lightweight Linux distros will work just fine. Maybe you’d like to use your old laptop as a media device and watch movies on it. You’re good to go, as long as the movie itself is not a full Blu-Ray rip.
  • Another guideline is how much you’re willing to sacrifice. How many OS features do you really need? You don’t really need all those fancy UI animations and 3D effects. Some Linux distros do have great modern UIs, but they do require better hardware.
  • Previous experience is another big factor you need to consider before you choose a lightweight Linux distro. Are you a beginner? Then don’t use Arch Linux. Have you used Ubuntu before? Then get a lightweight distro based on Ubuntu. Got used to the Windows XP interface and want something similar? Sure, we have the perfect distro for you.
  • Pro-tip: do a bit of research on your hardware and see if the distro supports it. It most likely will, but just to be sure, you can do a quick Google search for your hardware model and the distro and you should get some results. Most distros can run on a cheap USB flash drive; you don’t even need an HDD/SSD. This is often referred to as a “Live CD/USB”. We’ll include ‘minimum hardware requirements’ for each distro, so you can check whether the hardware you have will support it. Most of these distros can run perfectly fine on a Raspberry Pi.

Quick overview of the distros included in our list

Now (finally), onto the main part: the best lightweight Linux distros for old computers/laptops. Click on the distro’s name to find more info, screenshots, and download links.
