Differences
This shows you the differences between two versions of the page.
|
isc:lectures:03 [2017/03/18 10:17] mihai.chiroiu |
isc:lectures:03 [2024/11/01 17:21] (current) florin.stancu |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ==== Lecture 03 - Access control ==== | + | ==== Lecture 03 - Authentication and Key Establishment ==== |
| - | 1. Creare 3 utilizatori | + | <HTML> |
| + | <iframe src="https://docs.google.com/presentation/d/e/2PACX-1vS8hXROtTrLWRWbPnTbTatIITeWPA4eJWhDzt9uVA0p6f2XzSi_MID9tvPTmACVCA/embed?start=false&loop=false&delayms=60000" frameborder="0" width="100%" height="600" allowfullscreen="true" mozallowfullscreen="true" webkitallowfullscreen="true"></iframe> | ||
| + | </HTML> | ||
| - | Discretionary Access Control | + | [[https://docs.google.com/presentation/d/e/2PACX-1vS8hXROtTrLWRWbPnTbTatIITeWPA4eJWhDzt9uVA0p6f2XzSi_MID9tvPTmACVCA/pub?start=false&loop=false&delayms=60000 | Lecture 03 - Authentication and Key Establishment]] |
| - | + | ||
| - | 2. modificare drepturi fisiere linux, trecere de la un utilizator la altul, verificare drepturi. | + | |
| - | + | ||
| - | 3. schimbarea owner | + | |
| - | + | ||
| - | 4. Setuid/Setgid permisiuni (cu vizionarea in ps a utilizatorului sub care porneste un proces) | + | |
| - | + | ||
| - | 5. Dacă avem windows ar fi super să facem și cacls (https://technet.microsoft.com/en-us/library/bb490872.aspx?f=255&MSPPError=-2147217396) | + | |
| - | + | ||
| - | Mandatory Access Control | + | |
| - | + | ||
| - | TODO in imagine: instalare apparmor, apache module, apparmor profiles, apparmor utilities, | + | |
| - | TODO in imagine: pentru apache ar trebui sters site-ul default, facut un site pentru isc.ro care sa permita un upload, fara ssl, la sfarsit trebuie ca links isc.ro sa deschida o pagina cu "ISC is fun!", trebuie facut un script care sa faca upload din cmd pe site-ul isc.ro local | + | |
| - | + | ||
| - | 6. creat un aahat pentru apache,pus aici un profil de baza si vazut ca merge cu apparmor | + | |
| - | + | ||
| - | 7. apoi sa fie modificat profilul de baza a.i. sa se poata face si file upload | + | |
| + | === More resources === | ||
| + | * //[[https://people.scs.carleton.ca/~paulv/toolsjewels.html|Computer Security and the Internet: Tools and Jewels]]// => [[https://people.scs.carleton.ca/~paulv/toolsjewels/TJrev1/ch3-rev1.pdf|Chapter 3 (User Authentication, pdf)]] + [[https://people.scs.carleton.ca/~paulv/toolsjewels/TJrev1/ch4-rev1.pdf|Chapter 4 (Key Establishment, pdf)]] | ||
