Secure your IT infrastructure with GNU/Linux

2,508 views

Published on

I first did this presentation way back in 2006 during foss enterprise event organized in Colombo.

Published in: Technology
1 Comment
2 Likes
Statistics
Notes
No Downloads
Views
Total views
2,508
On SlideShare
0
From Embeds
0
Number of Embeds
13
Actions
Shares
0
Downloads
49
Comments
1
Likes
2
Embeds 0
No embeds

No notes for slide

Secure your IT infrastructure with GNU/Linux

  1. 1. Secure your IT infrastructure with GNU/Linux By Buddhika Siddhisena Chief Technology Officer & Co-Founder's of ThinkCube Systems & Member's of LKLUG 1
  2. 2. Strategy ● Migrate Core services ● Migrating other services ● Desktop replacements 2
  3. 3. Core services ● Email ● Web site ● Proxy ● File sharing ● Printer sharing 3
  4. 4. Email Server ● Email Server Software – Sendmail is the most popular – Postfix and Exim are other popular ones ● Email Authentication – Unix account authentication – MySQL authentication – LDAP authentication 4
  5. 5. Email Clients ● Any client which supports SMTP/IMAP/POP ● Web mail – OpenWebMail (perl) – Horde (php) – Zimbra (java) 5
  6. 6. Email + Virus + Spam ● SPAM detection – Spam Assassin (rule based) – Dspam (statistical) ● Virus scanners – ClamAV ● Virus to Mail server interfaces – Amavis – MailScanner 6
  7. 7. Web & Proxy ● Recommended Web server is Apache 2.x ● Recommended Proxy server is SQUID ● SQUID to virus scanner interfaces – Squirm – Squidguard – squidcalm 7
  8. 8. File Shares ● File sharing – SAMBA, implements the SMB/NMB protocols – WebDAV, uses apache to upload/download files – SFTP/SCP, Secure FTP or Secure Copy. Part of OpenSSH 8
  9. 9. Printer Sharing ● CUPS (Common Unix Printing System) – Implements IPP (Internet Printing Protocol) – SAMBA can be configured to share printers ● Printer Drivers – Foomatic drivers – GIMP Print Drivers 9
  10. 10. Other services ● Firewalls ● Windows PDC/AD ● Databases ● VOIP/FAX ● Network monitoring 10
  11. 11. Firewalls ● Linux already has a built in firewall called IPTables ● SELinux for application level security 11
  12. 12. PDC/BDC/AD ● SAMBA can be configured for all of these scenarios. ● OpenLDAP or Fedora Directory can be used to implement directory services. 12
  13. 13. Databases ● MySQL is a much better replacement for MS Access or MSSQL. ● PostgreSQL can replace Oracle & MSSQL. 13
  14. 14. VOIP/FAX ● Asterisk is a popular SIP based VOIP server. – Peer-to-peer calls via a VOIP phone. – Conferencing support – Interface with PSTN lines and provide PBX functionality ● HylaFAX is a popular FAX server. 14
  15. 15. Net Monitor ● LAN monitoring tools. – netcat. – Ntop ● Log Analyzers – Webalizer (http,squid etc.) – Awstats (http,squid,mail etc.) 15
  16. 16. Desktop Replacements ● Replace IE with Firefox ● Replacing Microsoft Office with OpenOffice.org ● Replace Outlook with Thunderbird for simple email functionality ● Replace Photoshop with Gimp ● Replace Corel Draw with Inkscape 16
  17. 17. Which Distribution ● If you want to run a Server... – Redhat AS (Commercial) – SuSE Enterprise (Commercial) – CentOS (Redhat AS compatible) – Debian Stable/Testing – Ubuntu Server 17
  18. 18. Which Distribution ● If you want to run a desktop client... – Ubuntu (Gnome based) – Kubuntu (Kde based) – Fedora – Open SUSE – Debian Testing/Unstable 18
  19. 19. Software Wars 19
  20. 20. Thank You 20

×