We covered most of the cyber attacks that can hit operating systems. Authentication attacks, weak passwords, outdated software, malicious programs and malware, and improper and weak file and system permissions are all common methods attackers use to compromise operating system security. This was part of the Introduction to Cybersecurity track on TryHackMe, in the room TryHackMe Operating System Security.
The Operating System (OS) is the layer sitting between the hardware and the applications and programs you are running. Example programs you would use daily might include a web browser, such as Firefox, Safari, and Chrome, and a messaging app, such as Signal, WhatsApp, and Telegram. None of these programs and applications can run directly on the computer hardware; instead, they run on top of the operating system. The operating system allows these programs to access the hardware according to specific rules.
Some operating systems are designed to run on laptops and personal desktops, such as MS Windows 11 and macOS. Other operating systems are designed specifically for smartphones, such as Android and iOS. There are also operating systems intended for servers; examples include MS Windows Server 2022, IBM AIX, and Oracle Solaris. Finally, there are operating systems that you can use on both a personal computer and a server; one example is Linux.
Authentication and Weak Passwords
Authentication is the act of verifying your identity, be it to a local or a remote system. Authentication can be achieved in three main ways:
- Something you know, such as a password or a PIN code.
- Something you are, such as a fingerprint.
- Something you have, such as a phone number via which you can receive an SMS message.
Since passwords are the most common form of authentication, they are also the most attacked. Many users tend to use easy-to-guess passwords or the same password on many websites. Moreover, some users rely on personal details such as date of birth and name of their pet, thinking that this is easy to remember and unknown to attackers. However, attackers are aware of this tendency among users.
Weak File Permissions
Proper security dictates the principle of least privilege. In a work environment, you want any file accessible only by those who need to access it to get work done. On a personal level, if you are planning a trip with family or friends, you might want to share all the files related to the trip plan with those going on that trip; you don’t want to share such files publicly. That’s the principle of least privilege, or in simpler terms, “who can access what?”
Weak file permissions make it easy for the adversary to attack confidentiality and integrity. They can attack confidentiality as weak permissions allow them to access files they should not be able to access. Moreover, they can attack integrity as they might modify files that they should not be able to edit.
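An added example (not from the original write-up or the TryHackMe room): a POSIX shell audit that lists files under a directory that any local user can read (confidentiality) or modify (integrity), then removes access for "others". The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a directory against least privilege, then tighten it.

# audit_perms DIR: print one finding per line as "<RISK> <path>".
#   CONFIDENTIALITY = any local user ("others") can read the file
#   INTEGRITY       = any local user ("others") can modify the file
audit_perms() {
    find "$1" -type f -perm -o=r -print | sed 's/^/CONFIDENTIALITY /'
    find "$1" -type f -perm -o=w -print | sed 's/^/INTEGRITY /'
}

# restrict_perms DIR: remove every permission for "others" on regular files.
# Owner and group access is left untouched, so the people who need the
# files (for example a shared group) keep working.
restrict_perms() {
    find "$1" -type f -exec chmod o-rwx {} +
}

# make_demo_tree: build a constructed sample directory (hypothetical file
# names) and print its path.
make_demo_tree() {
    d=$(mktemp -d) || return 1
    echo "flight details" > "$d/trip_plan.txt"; chmod 644 "$d/trip_plan.txt"
    echo "shared budget"  > "$d/budget.csv";    chmod 666 "$d/budget.csv"
    echo "passport scan"  > "$d/passport.txt";  chmod 640 "$d/passport.txt"
    echo "$d"
}

demo=$(make_demo_tree)
echo "Findings before tightening:"
audit_perms "$demo"      # trip_plan.txt and budget.csv readable; budget.csv writable
restrict_perms "$demo"
echo "Findings after tightening (none expected):"
audit_perms "$demo"
rm -rf "$demo"
```

The audit inspects the mode bits only; access granted through ACLs or group membership needs a separate review.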
Which of the following is a strong password, in your opinion?
Based on the top 7 passwords, let’s try to find Johnny’s password. What is the password for the user
Once you are logged in as Johnny, use the command history to check the commands that Johnny has typed. We expect Johnny to have mistakenly typed the root password instead of a command. What is the root password?
While logged in as Johnny, use the command su - root to switch to the root account. Display the contents of the file flag.txt in the root directory. What is the content of the file?