Basic Linux Security
  • The Investigative Research for Infrastructure Assurance (IRIA) group is part of the Institute for Security Technology Studies (ISTS) at Dartmouth College. IRIA focuses on electronic crimes that involve or target computer networks, for example, the denial-of-service attacks that shut down Yahoo and other major web sites in February, 2000. Our web site at http://www.ists.dartmouth.edu/IRIA/ has more information about our projects and staff.
  • Both tools provide strong authentication for the host by checking a host key at each connection setup. If the host key changes, loud warnings go out and packets are not allowed to pass. SSH also authenticates the user making the connection, by means of a password or passphrase.


  • 1. Basic Linux/System Security
  • 2. Physical Security
    • Physical access to machines
    • Switches instead of hubs
  • 3. Principle of least privilege
    • Fewest accounts necessary
    • Fewest open ports necessary
    • Fewest running applications
  • 4. Root Account
    • Used as little as possible
      • Master key to a building
      • Apps use other accounts, if possible
      • People use su, sudo
    • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/sudo.v80.htm
  • 5. Passwords
    • >=7 characters
    • Mixed case, letters and symbols
    • Not names or words
    • Keep private
    • Don’t leave them out in the open
    • Change once a month to 6 months
    • Passphrases
    • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm
  • 6. Open ports
    • Close all unneeded applications
      • "netstat -anp" or lsof to see what's open
      • ntsysv, linuxconf to shut them down
    • Firewalls as a special case for a network
    • Disable, or at least limit, file sharing
    • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm
  • 7. Plaintext network connections
    • Email, telnet, web traffic
    • Sniffers
    • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/ssh-intro.htm
  • 8. Encrypted network connections
    • SSH
      • Terminal session
      • File copying
      • Other TCP connections
    • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/ssh-techniques.v0.81.htm
    • IPSec
      • All packets traveling between systems or networks
      • http://www.freeswan.org
    • HTTPS web servers: http://httpd.apache.org/related_projects.html
  • 9. Package updates
    • Available from Linux distribution vendor
      • Sign up for announcements list
      • Use automated update tools: up2date, Red Carpet
    • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm
  • 10. Intrusion Detection System
    • Snort
      • Reports on attack packets based on a regularly updated signature file
      • Install inside the firewall
    • http://www.snort.org
  • 11. Advanced techniques
    • Audited OS: OpenBSD http://www.openbsd.org
    • Stack overflow protected OS: Immunix http://www.immunix.org
    • Chroot applications, capabilities
    • Virtual machines: VMWare and UML
    • http://www.vmware.com , http://www.user-mode-linux.sourceforge.net
    • TCFS http://tcfs.dia.unisa.it
  • 12. Resources
    • Distribution security announcements list
    • ISTS Knowledgebase http://www.ists.dartmouth.edu/IRIA/knowledge_base/index.htm
      • Worm characterizations and removal tools
      • Linux and network security papers covering many of today’s topics
    • SSH key installer ftp://ftp.stearns.org
    • SANS training http://www.sans.org
    • Bastille Linux http://www.bastille-linux.org
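
The open-ports check from slide 6, combined with the "fewest open ports necessary" rule from slide 3, as an added example that is not part of the original slides: it reads `netstat -anp` style output and reports every listener that is not on an allowlist. The function names, the allowlist format and the sample listing are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: flag listening sockets that are not on an allowlist.
# $1 is a hypothetical space-separated list of proto/port pairs the host
# is meant to serve; `netstat -anp` style text is read from stdin.
unexpected_listeners() {
    awk -v allowed="$1" '
    BEGIN {
        n = split(allowed, a, " ")
        for (i = 1; i <= n; i++) ok[a[i]] = 1
    }
    # TCP listeners carry a State column. UDP sockets do not, so an
    # unconnected UDP socket is recognised by its wildcard foreign address.
    ($1 ~ /^tcp/ && $6 == "LISTEN") { report($1, $4, $7) }
    ($1 ~ /^udp/ && $5 ~ /:\*$/)    { report($1, $4, $6) }
    function report(proto, laddr, prog,    port, host, scope) {
        port = laddr; sub(/.*:/, "", port)       # text after the last colon
        host = laddr; sub(/:[^:]*$/, "", host)   # text before it
        sub(/6$/, "", proto)                     # tcp6 -> tcp, udp6 -> udp
        if ((proto "/" port) in ok) return       # expected service
        scope = (host == "127.0.0.1" || host == "::1") ? "loopback" : "network"
        if (prog == "" || prog == "-") prog = "unknown"  # netstat run without root
        print proto "/" port, scope, prog
    }'
}

# Constructed sample in the layout printed by `netstat -anp`.
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address     Foreign Address    State       PID/Program name
tcp        0      0 0.0.0.0:22        0.0.0.0:*          LISTEN      812/sshd
tcp        0      0 0.0.0.0:111       0.0.0.0:*          LISTEN      640/portmap
tcp        0      0 127.0.0.1:25      0.0.0.0:*          LISTEN      901/sendmail
tcp        0      0 10.0.0.5:22       10.0.0.9:51514     ESTABLISHED 1500/sshd
udp        0      0 0.0.0.0:111       0.0.0.0:*                      640/portmap
tcp6       0      0 :::80             :::*               LISTEN      1020/httpd
EOF
}

# On a live host, as root: netstat -anp | unexpected_listeners "tcp/22 tcp/80"
sample_netstat | unexpected_listeners "tcp/22 tcp/80"
```

Each reported line is a service to shut down or to add to the allowlist deliberately; listeners marked `loopback` are not reachable from the network but still count against the "fewest running applications" rule.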