#readwise
# Linux Fundamentals - Network Services

![rw-book-cover](https://readwise-assets.s3.amazonaws.com/static/images/article2.74d541386bbf.png)

## Metadata
- Author: [[Hack The Box]]
- Full Title: Linux Fundamentals - Network Services
- URL: https://academy.hackthebox.com/module/18/section/2094

## Summary
Managing network services in Linux is crucial for secure operations and communication. Administrators use tools like OpenSSH and NFS to transfer files and manage remote systems securely. Web servers are important for penetration testers to assess security and vulnerabilities in web applications. VPNs, such as OpenVPN, provide secure access to internal networks while protecting user anonymity.

## Highlights
### SSH
Secure Shell (`SSH`) is a network protocol that allows the secure transmission of data and commands over a network. It is widely used to securely manage remote systems and securely access remote systems to execute commands or transfer files. ([View Highlight](https://read.readwise.io/read/01jmesx85g39nh334hg19n8bev)) ^9at8hv

---

The most commonly used SSH server is the OpenSSH server. OpenSSH is a free and open-source implementation of the Secure Shell (SSH) protocol that allows the secure transmission of data and commands over a network. ([View Highlight](https://read.readwise.io/read/01jmesxhdcja0bb0h76e1v3z17))

---

OpenSSH can be configured and customized by editing the file `/etc/ssh/sshd_config` with a text editor. Here we can adjust settings such as the maximum number of concurrent connections, the use of passwords or keys for logins, host key checking, and more.
([View Highlight](https://read.readwise.io/read/01jmesysagyntr7zpczws0s948)) ^hn0g11

---

We can use SSH to securely log in to a remote system and execute commands or use tunneling and port forwarding to tunnel data over an encrypted connection to verify network settings and other system settings without the possibility of third parties intercepting the transmission of data and commands. ([View Highlight](https://read.readwise.io/read/01jmeszfwaczwtw2n8e64terp6)) ^thqute

---

### NFS
Network File System (`NFS`) is a network protocol that allows us to store and manage files on remote systems as if they were stored on the local system. It enables easy and efficient management of files across networks. For example, administrators use NFS to store and manage files centrally (for Linux and Windows systems) to enable easy collaboration and management of data. For Linux, there are several NFS servers, including NFS-UTILS (`Ubuntu`), NFS-Ganesha (`Solaris`), and OpenNFS (`Redhat Linux`).

It can also be used to share and manage resources efficiently, e.g., to replicate file systems between servers. It also offers features such as access controls, real-time file transfer, and support for multiple users accessing data simultaneously. We can use this service just like FTP in case there is no FTP client installed on the target system, or NFS is running instead of FTP. ([View Highlight](https://read.readwise.io/read/01jmet1btr9wak0d9rqcwxhv2k))

---

We can configure NFS via the configuration file `/etc/exports`. This file specifies which directories should be shared and the access rights for users and systems. It is also possible to configure settings such as the transfer speed and the use of encryption. NFS access rights determine which users and systems can access the shared directories and what actions they can perform.
Here are some important access rights that can be configured in NFS:

| Permissions | Description |
| ---------------- | ----------- |
| `rw` | Gives users and systems read and write permissions to the shared directory. |
| `ro` | Gives users and systems read-only access to the shared directory. |
| `no_root_squash` | Prevents the root user on the client from being restricted to the rights of a normal user. |
| `root_squash` | Restricts the rights of the root user on the client to the rights of a normal user. |
| `sync` | Synchronizes the transfer of data to ensure that changes are only transferred after they have been saved on the file system. |
| `async` | Transfers data asynchronously, which makes the transfer faster, but may cause inconsistencies in the file system if changes have not been fully committed. |

([View Highlight](https://read.readwise.io/read/01jmet2xrpppnbkaaqzggdydz6))

---

We can create a new folder and share it temporarily in NFS. We would do this as follows:

```sh
mkdir nfs_sharing
echo '/home/cry0l1t3/nfs_sharing hostname(rw,sync,no_root_squash)' >> /etc/exports
cat /etc/exports | grep -v "#"
```

Output:

```
/home/cry0l1t3/nfs_sharing hostname(rw,sync,no_root_squash)
```

If we have created an NFS share and want to work with it on the target system, we have to mount it first. We can do this with the following command:

```sh
mkdir ~/target_nfs
mount 10.129.12.17:/home/john/dev_scripts ~/target_nfs
```

([View Highlight](https://read.readwise.io/read/01jmet3m51abpx0h47mff1mn8e))

---

We have mounted the NFS share (`dev_scripts`) from our target (`10.129.12.17`) locally to our system in the mount point `target_nfs` over the network and can view the contents just as if we were on the target system.
There are even some methods that can be used in specific cases to escalate our privileges on the remote system using NFS. ([View Highlight](https://read.readwise.io/read/01jmet481jzq0fy7ay3dxhzyc9))

---

### Web Server
#### Apache
Among the most widely used web servers on Linux platforms are Apache, Nginx, Lighttpd, and Caddy, with Apache being particularly popular due to its broad compatibility with operating systems including Ubuntu, Solaris, and Red Hat Linux. ([View Highlight](https://read.readwise.io/read/01jmet5tw0qz8r9bt2b6rnzeqx))

---

For Apache2, to specify which folders can be accessed, we can edit the file `/etc/apache2/apache2.conf` with a text editor. This file contains the global settings. We can change the settings to specify which directories can be accessed and what actions can be performed on those directories.

Apache Configuration:

```xml
<Directory /var/www/html>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>
```

This section specifies that the default `/var/www/html` folder is accessible, that the `Indexes` and `FollowSymLinks` options are enabled for it, that `AllowOverride All` lets `.htaccess` files in this directory override these settings, and that `Require all granted` grants all users access to this directory. For example, if we want to transfer files to one of our target systems using a web server, we can put the appropriate files in the `/var/www/html` folder and use `wget` or `curl` or other applications to download these files on the target system. ([View Highlight](https://read.readwise.io/read/01jmet8wwxwghcew6sw2215ykv))

---

It is also possible to customize individual settings at the directory level by using the `.htaccess` file, which we can create in the directory in question. This file allows us to configure certain directory-level settings, such as access controls, without having to customize the Apache configuration file.
We can also add modules to get features like `mod_rewrite`, `mod_security`, and `mod_ssl` that help us improve the security of our web application. ([View Highlight](https://read.readwise.io/read/01jmet9nkj489kkyghwk51wqk8))

---

#### Python Web Server
Python Web Server is a simple, fast alternative to Apache and can be used to host a single folder with a single command to transfer files to another system. To install Python Web Server, we need to install Python3 on our system and then run the following command:

```sh
python3 -m http.server
```

([View Highlight](https://read.readwise.io/read/01jmetamabwnkkrgf4r2q8a631))

---

When we run this command, our Python Web Server will be started on the `TCP/8000` port, and we can access the folder we are currently in. We can also host another folder with the following command:

```sh
python3 -m http.server --directory /home/cry0l1t3/target_files
```

This will start a Python web server on the `TCP/8000` port, and we can access the `/home/cry0l1t3/target_files` folder from the browser, for example. When we access our Python web server, we can transfer files to the other system by typing the link in our browser and downloading the files. We can also host our Python web server on a port other than the default port:

```sh
python3 -m http.server 443
```

This will host our Python web server on port 443 instead of the default `TCP/8000` port. We can access this web server by typing the link in our browser. ([View Highlight](https://read.readwise.io/read/01jmetbxrjvmh21aprefbxp0a4))

---

### VPN
Among the most widely used VPN solutions for Linux servers are OpenVPN, L2TP/IPsec, PPTP, SSTP, and SoftEther. OpenVPN stands out as a popular open-source option compatible with various operating systems, including Ubuntu, Solaris, and Red Hat Linux. ([View Highlight](https://read.readwise.io/read/01jmetdpg81qh41bpmnhaq11r8))

---

OpenVPN can be customized and configured by editing the configuration file `/etc/openvpn/server.conf`.
This file contains the settings for the OpenVPN server. We can change the settings to configure certain features such as encryption, tunneling, traffic shaping, etc.

If we want to connect to an OpenVPN server, we can use the `.ovpn` file we received from the server and save it on our system. We can do this with the following command on the command line:

```sh
sudo openvpn --config internal.ovpn
```

After the connection is established, we can communicate with the internal hosts on the internal network. ([View Highlight](https://read.readwise.io/read/01jmetf3x4gtkac1a6s8br9db4))

---
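
Returning to the `/etc/exports` options in the NFS section: the shell function below is an added example (not part of the Hack The Box material) that reviews an exports file for the options from the table that matter most when hardening a share, namely `no_root_squash`, `rw` granted to any host, and `async`. The function names and the sample entries other than the page's own `nfs_sharing` line are constructed, and it assumes one export per line with no continuations or quoted paths.

```sh
#!/bin/sh
# audit_exports [FILE]: report risky client entries in an exports(5) file
# (reads stdin when no FILE is given). Added example; names are hypothetical.
# Assumes one export per line, no "\" continuations, no quoted paths.
audit_exports() {
    awk '
    /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            if ($i ~ /^#/) break             # trailing comment ends the line
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {                     # split "client(opt,opt)"
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\)$/, "", opts)
            }
            if (client == "") client = "*"   # bare "(opts)" applies to any host
            rw = 0; norootsquash = 0; async = 0
            n = split(opts, o, ",")
            for (j = 1; j <= n; j++) {
                if (o[j] == "rw") rw = 1
                if (o[j] == "no_root_squash") norootsquash = 1
                if (o[j] == "async") async = 1
            }
            # root_squash is the default, so only an explicit no_root_squash is flagged
            if (norootsquash)
                print "HIGH " path " " client " no_root_squash: client root acts as root on the share"
            if (rw && client == "*")
                print "HIGH " path " " client " rw: writable by any host"
            if (async)
                print "INFO " path " " client " async: acknowledged writes can be lost on a crash"
        }
    }' "$@"
}

# Constructed sample input; the first entry is the one from the NFS section.
sample_exports() {
    cat <<'EOF'
# /etc/exports (sample)
/home/cry0l1t3/nfs_sharing hostname(rw,sync,no_root_squash)
/srv/public *(rw,async)
/srv/docs 10.0.0.0/24(ro,sync,root_squash)
EOF
}

sample_exports | audit_exports
```

On a real server the same function can be pointed at the live file with `audit_exports /etc/exports`.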