Installing Google Chrome on Ubuntu Hardy

With the release of Google Chrome last week, it was interesting to see all the articles that popped up with Linux users installing Google Chrome (which is a Windows product at present) on Linux. The biggest problem I found was that you need the latest version of WINE to get this working, and no amount of “apt-get update | apt-get install wine” will work.

Updating WINE

The first step is to update your WINE version to 1.1.4.

wget -q http://wine.budgetdedicated.com/apt/387EE263.gpg -O- | sudo apt-key add -

sudo wget http://wine.budgetdedicated.com/apt/sources.list.d/hardy.list -O /etc/apt/sources.list.d/winehq.list

sudo apt-get update

Installing prerequisites

There are a few software packages you need in order to get Chrome up and running. Winetricks is a script which allows you to quickly download necessary Windows components.

Note: The last command below will install FIREFOX in WINE, you’ll see why in a second.

wget http://www.kegel.com/wine/winetricks

chmod +x winetricks

sudo mv winetricks /usr/sbin/

winetricks riched20 riched30 flash msxml3 corefonts firefox

Installing Chrome

During the above process, you’ll be prompted to install Firefox 3. Proceed with the WINE installation of Firefox.
Note: Yes I know you can get around this step by not installing Firefox, but this way seems to be the easiest way to do it.

Once Firefox is installed in Wine, RUN Firefox in WINE and visit

http://www.google.com/chrome/

Download Chrome and run the Chrome setup. It will proceed to download and install the Google Chrome browser. Once it’s complete, use the following command to run Chrome.

Running Google Chrome

wine "$HOME/.wine/drive_c/windows/profiles/$USER/Local Settings/Application Data/Google/Chrome/Application/chrome.exe" --no-sandbox --new-http

And there you have it. A fairly simple way to get Chrome up and running on Ubuntu Hardy.

Sources: Ubuntu Forums

Preconceptions About Network Security

A common preconception about network security is that as long as the firewall is working and preventing all unauthorized access to internal devices (that’s incoming traffic), then the firewall is doing its job. However, this often isn’t the case, and a number of recent attacks have proved this. This misconception is held amongst many sys admins and their IT managers, who often turn their back on security news with the idea that they have a firewall, so they are protected.

I wanted to demonstrate how an attacker with a targeted victim can gain access to and infiltrate an organization’s network.

When I say targeted victim, I mean the attacker specifically wants to target a certain organisation and has re-arranged his tools to suit the environment at hand. Many of these attacks are planned and a rough outline can be seen below.

For this little example, let’s call the attacker Bob and the company “Widgets Limited”.

Attacker’s goal: Bob wants to gain access to Widgets’ internal network.

Bob knows that Widgets has a strict firewall policy which has a number of open ports such as SMTP and FTP. After failing to exploit these two services, Bob moves on to a more complex approach using a little social engineering and a basic web vulnerability.

Step 1:

Bob visits a social networking site, linkedin.com, and looks for employees that work for Widgets. He finds out that Lisa and Mary both work for Widgets and have each other on their friends list. (The concept works for Facebook too.)

Step 2:

Through the use of Google, Bob may be able to tell what email address format Widgets uses (“@widgets.com”) and therefore will be able to determine whether the company uses simply “Lisa@widgets.com” or perhaps “lisa.lastname@widgets.com”.

Step 3:

In the next step, Bob sets up a website with JavaScript code known to exploit either Internet Explorer or add-ons such as Adobe Flash Player. (An exploit was found in the version of Adobe Flash that comes with Microsoft’s XP Service Pack 3.)

Step 4:

Remember those two Widgets employees Bob found earlier? Bob can then send Lisa an email with a link to the website he created, and by spoofing the sender address, can make it look like it came from Mary, the other Widgets employee. Bob uses the address format he found in Step 2 so that it’s sent to the correct Lisa. Bob might make the email say something like “Check out this funny video”.

Step 5:

When Lisa visits the page, the exploit is injected into the operating system. The payload is most likely shell code designed to perform a certain function, or perhaps a trojan is loaded, allowing Bob to take control.

But how can the attacker connect to Lisa’s machine; there’s a firewall!!

Why should sys admins restrict outbound traffic? I mean, my employees aren’t hackers!

Ah, but most firewalls generally allow outgoing traffic, so Bob configures the trojan to use a backconnect script, which tells the trojan to make a connection BACK to Bob’s computer, bypassing the firewall.

As you can see in this example, Bob is able to achieve his goal of gaining access to the Widgets network. From here, Bob could run network scans on internal subnets to assess further machines he could compromise. Have an unpatched domain controller? Bam – Bob is in and you don’t want to know what damage he can do. Bob could also use ARP poisoning tools which will allow him to perform man-in-the-middle attacks (article coming soon), which allow data from a particular host to route through a certain network device.

What can I do to stop this?

Keep your anti-virus up to date!

Ensure all PCs have an updated anti-virus program designed to be proactive! (Kaspersky 6.0 for workstation does a great job at this!)

Patch your network devices!

Nessus is a vulnerability scanner which has the ability to scan all machines in a particular subnet. Nessus can report:
- Hosts that need Microsoft updates
- Hosts that have exploitable software (such as Adobe Flash, old versions of Firefox, IE, etc.)

Limit outgoing traffic!

Create a firewall policy to only allow outgoing traffic on the ports people need! If your clients only need web access to browse the web, only open port 80! While this might help prevent Bob from using a backconnect script, he can always connect through port 80.
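
A detection-side check for the egress policy described above, added here as an example and not part of the original post: it reads firewall log lines in the iptables LOG format and lists new outbound connections to ports outside the policy. The 10.0.0.0/8 internal range, the function names and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumed for this example (not from the post): internal range and allowed ports.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
ALLOWED_EGRESS_PORTS = {80}  # the post's "web access only" policy

FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=VALUE pairs in an iptables LOG line

# Constructed sample log lines in iptables LOG format (documentation IP ranges).
SAMPLE_LOG = """\
Sep  8 10:15:02 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.5.23 DST=203.0.113.45 PROTO=TCP SPT=49152 DPT=80 SYN
Sep  8 10:15:09 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.5.23 DST=198.51.100.7 PROTO=TCP SPT=49153 DPT=4444 SYN
Sep  8 10:15:09 fw kernel: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=10.0.5.23 PROTO=TCP SPT=4444 DPT=49153 ACK SYN
Sep  8 10:15:30 fw kernel: IN=eth1 OUT=eth2 SRC=10.0.5.40 DST=10.0.1.10 PROTO=TCP SPT=49200 DPT=445 SYN
Sep  8 10:16:00 fw sshd[311]: Accepted publickey for admin
Sep  8 10:16:12 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.5.61 DST=203.0.113.99 PROTO=TCP SPT=50001 DPT=6667 SYN
Sep  8 10:17:45 fw kernel: IN=eth1 OUT=eth0 SRC=10.0.5.23 DST=198.51.100.7 PROTO=TCP SPT=49160 DPT=80 SYN
"""


def parse_line(line):
    """Return (src, dst, dport) for the first packet of a TCP connection, else None."""
    fields = dict(FIELD_RE.findall(line))
    flags = line.split()
    # A bare SYN without ACK is the first packet of a new connection.
    if fields.get("PROTO") != "TCP" or "SYN" not in flags or "ACK" in flags:
        return None
    try:
        return (ipaddress.ip_address(fields["SRC"]),
                ipaddress.ip_address(fields["DST"]), int(fields["DPT"]))
    except (KeyError, ValueError):
        return None


def egress_violations(log_text, allowed=ALLOWED_EGRESS_PORTS):
    """List new internal-to-external connections on ports outside the policy."""
    hits = []
    for parsed in map(parse_line, log_text.splitlines()):
        if parsed is None:
            continue
        src, dst, dport = parsed
        if src in INTERNAL_NET and dst not in INTERNAL_NET and dport not in allowed:
            hits.append((str(src), str(dst), dport))
    return hits


if __name__ == "__main__":
    for src, dst, dport in egress_violations(SAMPLE_LOG):
        print(f"{src} -> {dst}:{dport} is outside the egress policy")
```

The final sample line, an outbound connection on port 80, is not reported, which is the limitation the post points out: a port allowlist alone does not catch a back-connection that uses an allowed port.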

I’d love to hear people’s thoughts on this topic so feel free to add comments! Valuable comments will have their content injected into the post to help educate others.