3.2 Services (KL)

Difficulty
Beginner
Video Transcription
00:00
Hello and welcome to this Kali fundamentals lesson. I'm very excited to be here with you today, so we're getting ready to jump into services and some of the default configurations when you first turn on Kali Linux. So if you've been asking yourself,
00:15
how exactly do I go about getting SSH to work, right? Notice that I don't have anything listening when I do that netstat command at
00:22
the beginning of booting up. Well, the good news is today we're going to get into a high-level understanding of initial service settings in Kali. We're going to understand and walk away with some service and process management techniques, and we're gonna have a high-level understanding of how to configure services.
00:40
So I'm going to go ahead and pull our lab environment over,
00:43
and I'm using the host data integrity Baseline Labs. I'm using the Kali machine that they have there to do these exercises and show you some of the things we're gonna learn today.
00:53
So let's start off with a quick netstat. So we talked about that in the last lesson
00:58
in the -antp. So you'll notice here that we don't have anything listening. There's really nothing going on. And so what we want to do is by default, HTTP services like Apache and SSH aren't enabled in Kali Linux. And that's because if you're going to do a pen test or you're doing some type of forensics or you're doing something of that nature,
01:17
you don't want your system to be very noisy, noisy,
01:19
and you don't want anything to pick it up on the network if you've got a threat actor or something like that going around and sniffing things. And so we can quickly do a service. So typically you start with service and then the name of the service. So we'll do apache2 for HTTP services and we'll do start,
01:38
and that will start our Apache services, and then we'll do service
01:42
um, ssh start
01:45
and that will start our SSH services. So now when we do that netstat -antp command, you'll see here that we've got some things listening. So there's the SSH services. There's the apache2, which will be your web server, so our web services. And so you can see now that we've got some stuff listening that we may not wanna have listening by default.
02:05
So very interesting step there. So you may be asking, well, that's neat, you know? And you can use that service method. So service, the service name, and then start, stop, and that will stop the service. So if I do service, you know, the apache2, do stop,
02:23
you'll see here
02:25
that it's no longer listening. So you may be asking, well, I want SSH to start up by default when I boot up my machine. I want to use it, you know, every day, and I need, I need that for management purposes. So you can do an update-rc
00:39
.d there, ssh enable.
02:44
And now, whenever you reboot the system or whatever the case may be, SSH should be started by default. But if you don't make that change, SSH and the Apache services upon a reboot should not be up and running.
02:55
Now, you might be wondering how I manage, you know, processes and things of that nature, much like you do in Windows. So let's say that I start Iceweasel here
03:06
and okay, it's up. Now let's say I've been working in it and it freezes. Well, you could do a ps for process and aux, and that will show you everything. That's pretty noisy. You can see down here that there's Iceweasel and the process ID number.
03:19
Now let's say you had a longer list than that, and you wanted to narrow it down. So you could do a ps aux and then you can do a pipe here
03:29
and then you can do grep, which allows you to get information on the files or outputs. And so when I do ps aux
03:37
and then I do this pipe and grep, it's going to feed that output through this grep command, essentially, and I could do ice
03:45
and bang. Now I've got it kind of narrowed down to these few things that are associated with ice, and I can see Iceweasel here pretty easy. Now let's say I want to kill that. So you'll see down here that we're still running Iceweasel. So if I do kill, which will kill a process, and then our process ID, here's 3363.
04:04
It's done. It killed the process. So that's a very high-level overview of how to kind of, you know, look for processes, how to kill processes if they're giving you trouble. And, uh, you know, you could move through that as you learn the ropes and continue to adventure into some of that.
04:20
Now, let's do this command again, the netstat -antp. Now looking here we see that SSH is still running and the program name over here is sshd. Well, let's say that I don't want it to run off that default port of 22 there. So there are config files, as we had discussed, for each of these services. So if I do,
04:41
let's see, a cd, and I need to go to /etc/ssh, which is where the config file is.
04:46
You'll see here that we have a config file for sshd. Okay, so if I do nano sshd_config,
04:54
I could now see a number of different things here. Each of these kind of hashtag pound symbols essentially comments out or makes it invalid input. So if I were to do something like this, it would essentially make it to where that port wasn't running. But what we can do is, let's say I want my new port to be 2212. Okay,
05:14
so I do,
05:15
um, O, or Control-O, and that'll save the output to that config file. I'll do Control-X to exit.
05:21
All right, now,
05:25
you'll notice it's still running on 22. That's because I have to restart the service in order for it to take effect, the new configuration,
05:31
so I could do service ssh restart.
05:36
It will restart,
05:39
and then you'll notice that my port that I'm running that SSH service off now is 2212, and that's what it's listening on for connections. So at a high level, you know, that's how we're going to be able to manage services, and that's how we're going to be able to start and stop services using that service command. There are other commands that you can use to manage services,
05:59
managing processes and config files and things of that nature, to make changes to different services.
06:03
So don't limit that to just what we looked at here today. You could do that with any number of config files or other services when you're troubleshooting or trying to customize your instance in its configuration.
06:15
So with all of that in mind, let's do a quick check on learning. So how would you enable SSH automatically upon boot? Well, we talked about each of these. Auto SSH, we didn't even discuss that. That's not a valid choice here. service ssh start just starts the service, but it does not do so upon a boot. You have to do this manually.
06:34
netstat ssh isn't a valid combination of commands, so that's not a valid answer.
06:41
So remember, we have to do the update-rc.d ssh enable command in order to start SSH services when we reboot the system or something of that nature.
06:50
So in summary today, in this brief lesson, we looked at how to start the services, how to manipulate services, how to kill processes and check processes that are running on our instance, and how to modify configuration files. And so I want to thank you for your time today. Thank you for joining me. And I look forward to seeing you again soon.