A pinguin as a bouncer... Open Source Security Solutions

Rough sidenotes I used for a presentation on open source security solutions for the handsonlab open source @ Schoten, 18th of October 2011

  • Purpose of presentation: 20 slides, 20 seconds, maximum presentation time of 6 minutes Objective: visionary and innovating introduction
  • Keywords: A) Virtual; Integrated; Enterprise; Federated; Combined; Contextual; Ad hoc; Distributed; Structured; Aggregated B) Information; Data; Knowledge; Wisdom; Query; Content; Schema; Resource; Model C) Integration; Infrastructure; Base; Broker; Systems; Management; Convergence; Architecture; Solution; Federation;
  • Connect keywords with focus Keywords for Mobility: Freedom, Future, Productivity Keywords for Security: Threats, Globalisation, Competition Keywords for Virtualisation: Environment, Cost control, Financial crisis Keywords for Digitisation: Future, Sustainability, Preservation; Competition
  • Transcript

    • 1.
        A pinguin as bouncer Open source security solutions Jan Guldentops ( [email_address] ) BA N.V. ( http://www.ba.be )
    • 2. RIP Dennis Ritchie (1941 - 2011)
    • 3.
        About BA
        More information
    • 4.
        Information Integration
    • 5.
        Our Commitment Ask our partners
    • 6.
        Our Commitment Ask our clients
        Government: Leuven, Hasselt, Boom, Overpelt, Mortsel, Ranst, Lummen, Olen, ST-Katelijne-Waver, Kasterlee, Oud-Turnhout, OCMW Kontich, PZ Noord, Balen, Schoten, Zwijndrecht, KBR
        Non-profit: Association Vincotte Nuclear, Idewe, Handicap international, Jeugd en Stad Vzw
        Enterprise: Hamburger Mannheimer, Didak Injection, Credimo, Nollekens (PGZ International), Altrad Havico, Paratel, Sodexo, Securex
    • 7.
        Information Integration BA’s infrastructure for:
        Digitisation
        Security
        Mobility
        Virtualisation
        Data Storage and Warehousing
        Data Protection and Integrity
        Digital Preservation and Archiving
        Data Access and Portability
    • 8.
        Why BA? Principles
        Experienced
        Committed
        Access to local know how from a motivated team contributing to solving problems
        Offering cost-effective open source integrations and IT services for more than 12 years
        Reliable
        Long standing reputation as security innovator and managed solutions provider
    • 9.
        BA & Open Source Principles
        Oldest Belgian Linux Company
        Focus on open source
        > 90% of the solutions we deliver are open source.
        Delivering Linux & open source solutions since 1996.
        Realism, not fundamentalism
        We are convinced that open source is the best solution, without losing touch with reality.
    • 10.
        Who am I ?
      • Jan Guldentops (°1973)
        • Building server and ICT infrastructures and solutions for > 15 years
        • Open source / Linux user since 1993
        • Founder of Better Access (°1996) / BA (°2003)
        • Open Source Fundamentalist (in my free time)
        • Spend a lot of my time in the lab
    • 15.
        I am not a security expert
      • Beware of experts and consultants!
      • Rolled into it by putting security problems in the lab and proving they are real!
      • But I have been researching and trying to develop solutions since 1996.
      • Involved in:
        • V-ict-or security task force
        • Infosecurity
    • 20. Who are you ?
    • 21.
        BA and security
      • Standardized open source solutions:
        • Secure Firewalling Platform
        • Monitoring Platform
        • Packaged Antispam
        • Web Application Firewall
      • "MacGyver" projects
        • Troubleshooting
        • Developing custom solutions largely based on open source
    • 26.
        What is security ?
      • A term that is often abused
      • Guaranteeing CIA: confidentiality, integrity and availability
    • 31.
      • There is no such thing as absolute security
      • Absolute security is an illusion
      • Always a balance between usability and security
      • Common sense is the best security product
      • Plan for the worst
        • Security policy
        • Good system administration
        • Keep in the back of your head that things can go wrong
    • 37. Religious wars
      • Open source is more secure than closed source
        • In itself it is not, but:
          • More eyeballs
          • No security by obscurity
          • Easier to fix problems
      • BSD versus Linux
        • BSD is what you get when a bunch of UNIX hackers sit down to try to port a UNIX system to the PC. Linux is what you get when a bunch of PC hackers sit down and try to write a UNIX system for the PC.
    • 40. Lots of hidden open source in commercial solutions
      • 60% of appliances today have some sort of open source embedded in them
        • The underlying OS
        • Parts of the software, such as web servers, application servers, etc.
      • Just to name a few:
        • Checkpoint, Vasco, Mobile Iron, VMware, Barracuda, Blue Coat, Netgear, Cisco
        • But also: Facebook, Amazon, Google
    • 43. Security stuff embedded in the OS
      • Hardening Linux and other operating systems to make them more secure
        • Minimal install, minimal running services, minimal users, etc.
      • Secure administration
        • Strong authentication, decent passwords, secure administration
      • Firewalling
      • Set up servers in a correct way
      • Host-based IDS
    • 46. SELINUX
      • Security Enhanced Linux
        • Donated to Linux by NSA in 2000
        • Mandatory Access Control through a kernel module
      • Every process / hardware / file has a 3-string context (Role, User, Domain)
        • Read, execute, bind, connect
      • Easy to create policies and tell exactly what a process can do
    • 48. Firewalls
      • Advanced networking tools in Linux
        • IPv6, bridging, QoS, traffic shaping, tagged VLANs, etc.
      • Firewalling through iptables
      • Very cheap devices available
        • e.g. Netgear WRT3700
    • 50. Iptables firewalls
      • Traditionally init scripts with the iptables commands in them
      • Bad web interfaces
      • We use: Fwbuilder
        • http://www.fwbuilder.org
    • 53. FWBuilder
      • One program to manage all firewalling, routing and NAT
      • Works on a workstation and creates two files:
        • XML file with all meta-information
        • Init script
      • Can create firewall scripts for Cisco, BSD, Linux and ProCurve from one rule and object set!
    • 56. Web application firewalls
      • Firewall at the HTTP(S) level
        • Apache in combination with mod_security, mod_rewrite, mod_proxy
        • Checks / logs every request
        • Prevents known security problems
        • Temporarily patch new holes in your web app
        • Logs everything for forensic research
    • 61. Authentication / user management
      • Strong need for one user / rights base (directory)
        • OpenLDAP
        • eDirectory / Red Hat Directory
      • If you have to integrate with AD
      • Security through Kerberos
      • Strong authentication
        • Complete eID integration
        • Certificates, tokens
    • 66. VPN solutions
      • Traditional VPN solutions
      • OpenVPN
        • Cross-platform, works through almost every network, compresses traffic and is easy to use
        • Two implementations
          • Certificate based
          • Password based
    • 70. SSL VPNs
      • Web-based VPNs
      • There was an excellent solution: SSL-Explorer
      • Bought by Barracuda, no more open source development
      • Forked as Adito, later OpenVPN ALS, but not really a lot of development
    • 74.
        Vulnerability assessment tools
      • The grandfather :
        • SATAN
      • Current :
      • Lots of other smaller tools
        • e.g. Nmap, hydra, crack, webscarab, Nikto, Kismac, L0phtcrack, etc.
      • Sniffers: tcpdump / wireshark
      • Good distro: BackTrack
    • 77. NMAP/NESSUS/OPENVAS
      • What can you do with this ?
        • Inventory your network
        • Check for
          • Remote and local exploitable vulnerabilities
          • Misconfiguration (e.g. open mail relay, missing patches, etc.)
          • Bad passwords
          • DoS vulnerabilities
    • 82. IDS
      • Network-based IDS
        • Snort
        • Sniffs the network and looks for predefined attack signatures
        • Alerts you to potential attacks
        • Can be combined with scripts that automagically change the firewall
      • Host-based IDS
        • Checks if there is nothing rotten in the kitchen
        • Aide, samhain, tripwire
    • 87. Antispam
      • Step 1: Correct MTA configuration
      • Step 2: Check content for typical known spam
      • Step 3: Manage your spam (e.g. Maia)
    • 91. Niches / remarks
        • e.g. SQL firewall (GreenSQL)
          • Allows you to filter SQL queries through a proxy to prevent attacks
        • Monitoring
          • Use specialised monitoring to keep an eye on the security / status of your infrastructure
          • e.g. Nagios
    • 93. New trends
      • Cloud / Consumerism
        • Software as a service
        • Platform as a service
      • Virtualisation
      • Mobile
        • Android is a strong competitor
    • 96.
        Thank You Contact us
        016/ 29.80.45
        016/ 29.80.46
        www.ba.be
        Vaartdijk 3/501 B-3018 Wijgmaal
        [email_address]
        Twitter: JanGuldentops
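
The IDS slide above notes that Snort can be combined with scripts that change the firewall automatically. As an added example (not from the original slides), the Python below turns Snort "fast" format alerts into iptables DROP rules for review, skipping allowlisted networks and any source field that does not parse as an address. The alert lines are constructed; the threshold, priority cut-off, allowlist and IPv4-only handling are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed alerts in Snort "fast" format; addresses are documentation ranges.
SAMPLE_ALERTS = """\
10/18-14:02:11.120001 [**] [1:1000001:1] Constructed signature A [**] [Classification: Web Application Attack] [Priority: 1] {TCP} 203.0.113.7:51234 -> 192.0.2.10:80
10/18-14:02:12.530114 [**] [1:1000001:1] Constructed signature A [**] [Priority: 1] {TCP} 203.0.113.7:51240 -> 192.0.2.10:80
10/18-14:02:13.004410 [**] [1:1000002:1] Constructed signature B [**] [Priority: 2] {TCP} 203.0.113.7:51251 -> 192.0.2.10:443
10/18-14:02:14.900022 [**] [1:1000002:1] Constructed signature B [**] [Priority: 2] {TCP} 198.51.100.23:40022 -> 192.0.2.10:22
10/18-14:02:15.100000 [**] [1:1000001:1] Constructed signature A [**] [Priority: 1] {TCP} 192.0.2.1:33000 -> 192.0.2.10:80
10/18-14:02:15.200000 [**] [1:1000001:1] Constructed signature A [**] [Priority: 1] {TCP} 192.0.2.1:33001 -> 192.0.2.10:80
10/18-14:02:15.300000 [**] [1:1000001:1] Constructed signature A [**] [Priority: 1] {TCP} 192.0.2.1:33002 -> 192.0.2.10:80
10/18-14:02:16.000000 [**] [1:1000001:1] Constructed signature A [**] [Priority: 1] {TCP} 203.0.113.9;x:4444 -> 192.0.2.10:80
"""

# Priority, then the source address with an optional :port, up to the arrow.
ALERT_RE = re.compile(r"\[Priority: (\d+)\] \{\w+\} (\S+?)(?::\d+)? -> ")


def sources_to_block(alert_text, threshold=3, max_priority=2, allowlist=()):
    """Return source IPs with >= threshold alerts of priority <= max_priority."""
    trusted = [ipaddress.ip_network(net) for net in allowlist]
    hits = Counter()
    for line in alert_text.splitlines():
        m = ALERT_RE.search(line)
        if not m or int(m.group(1)) > max_priority:
            continue
        try:
            src = ipaddress.IPv4Address(m.group(2))
        except ValueError:
            continue  # never pass unparsed log text on to a firewall command
        if any(src in net for net in trusted):
            continue  # spoofed or noisy alerts must not lock out your own hosts
        hits[src] += 1
    return sorted(str(ip) for ip, count in hits.items() if count >= threshold)


def iptables_rules(ips, chain="INPUT"):
    """Render DROP rules as text for review; nothing is executed here."""
    return [f"iptables -I {chain} -s {ip} -j DROP" for ip in ips]


if __name__ == "__main__":
    blocked = sources_to_block(SAMPLE_ALERTS, allowlist=["192.0.2.0/24"])
    print("\n".join(iptables_rules(blocked)))
```

Without the allowlist, the three alerts attributed to 192.0.2.1 would get an internal host blocked, which is the main operational risk of automatic blocking.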
