In the reading section we have learned about user groups and permissions. And here in this video we are going to learn more about user groups and permissions. In advanced level, here we will learn where the password files, the SAM file and other files are located shadow files. The salmon is in Windows version. And what we can do in advance for user, group and permissions so let's start. The authentication information is stored in plain text files.

In the locations as EDC, password shadow group, g shadow the password restores the usernames the shadow which stores the passwords for respective username. Similarly, the group is tours the group names and the G shadow is tours the group passwords. You can use various management tools however, you could not read shadow files. But with certain utilities, you could access those files. The location is a very obscure because you need to protect it securely, you must lock this location, the directory could be logged, and non root users could not access that file. The user management tools include as UI tools and ci tools that come system config users is a UI tool where you can manage user group and permissions.

And with CLA, you can use a user Add User mode and user tail delete. The securing of shadow files and the password files is very important, because certain kind of tools are there which can be used to sniff your password. There is a utility called rootkit, which can be installed in your brand in a pendrive different files. When that pendrive is connected to a system, it directly attacks that shadow file and certain location etc shadow and copies all the files that is placed there. So you must block all the copy, paste and other options. If you want to secure your system, you must also lock any external devices like USB or CD drive, you must lock it protected otherwise your system would be compromised.

System users and groups could be used the server programs such as web or printer search typically, which is run as unprivileged users not as root. You must secure it. Do not remember the root and payments That are called as background process in Linux mail LP and nobody, this could could be used as an unprivileged user, not as a rule, so this does not cause any accidental harm to the system. The running programs in this way limits the amount of damage that any single program can do because they could not access each location and does not could not perform various tasks. You can monitor the login. For connected users you can use w login and reboot history you can use last to see last login, who logged the last four failed login attempts you can check last B and for most recent login you can right command last log who logged the computer last thing the default permission Could be saved with four directories is a triple seven minus unmask triple seven means READ WRITE execute all permissions.

These are permitted for directories so carefully hide change the permissions for the directory which are sensitive, like the shadow side of that tree. The default permission for files is the directory default without execute permission. So you need to provide execute permission when you want to allow a user to execute a certain file. unmask is a set with unmask command and non privileged users unmask is 002. The files with have permission say of 664. The directories will have permission of 775 by default and users and mask is zero to two.

You could change it and this is a default You can add a special permission for executables. A special permission for executables could be placed with su ID and SDA to come up with an SU ID you could have the command which runs with permissions of the owner of the command not executed of the command. Okay, let's come on. And similarly as the it runs with a group affiliation of the group command, you can also create your own command and restore it with a shell script. Similarly, we can do with batch a script on Windows or you could get a special permission for directories or you can use a sticky bit for files and directories with a sticky bit that can set only remote by owner or dude Regardless of write permission for the directory, that could be removed do files or directories, which are defined with sticky bits can be removed only by user who created it or by root, who can do anything.

Whether right permission is allowed or not to the directory, similarly as di D is affiliated for a group with a similar functionality as SDK with. So we learned a brief about user group and permissions and we need to security keep in mind about a rootkit and various things about them. If we explore ethical hacking and cybersecurity, it would be considered and apart in your career, that would allow you to secure your network or database or your environment so You must explore be curious and keep learning keep moving ahead. You will learn more and implement more