Basic Linux Security
  • The Investigative Research for Infrastructure Assurance (IRIA) group is part of the Institute for Security Technology Studies (ISTS) at Dartmouth College. IRIA focuses on electronic crimes that involve or target computer networks, for example, the denial-of-service attacks that shut down Yahoo and other major web sites in February, 2000. Our web site at http://www.ists.dartmouth.edu/IRIA/ has more information about our projects and staff.
  • Both tools provide strong authentication for the host by checking a host key at each connection setup. If the host key changes, loud warnings go out and packets are not allowed to pass. Ssh also authenticates the user making the connection, by means of a password or passphrase.
  • Transcript

    • 1. Basic Linux/System Security
    • 2. Physical Security
        • Physical access to machines
        • Switches instead of hubs
    • 3. Principle of least privilege
        • Fewest accounts necessary
        • Fewest open ports necessary
        • Fewest running applications
    • 4. Root Account
        • Used as little as possible
            • Master key to a building
            • Apps use other accounts, if possible
            • People use su, sudo
        • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/sudo.v80.htm
    • 5. Passwords
        • >=7 characters
        • Mixed case, letters and symbols
        • Not names or words
        • Keep private
        • Don't leave them out in the open
        • Change once a month to 6 months
        • Passphrases
        • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm
    • 6. Open ports
        • Close all unneeded applications
            • "netstat -anp" or lsof to see what's open
            • ntsysv, linuxconf to shut down
        • Firewalls as a special case for a network
        • Disable, or at least limit, file sharing
        • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm
    • 7. Plaintext network connections
        • Email, telnet, web traffic
        • Sniffers
        • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/ssh-intro.htm
    • 8. Encrypted network connections
        • SSH
            • Terminal session
            • File copying
            • Other TCP connections
        • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/ssh-techniques.v0.81.htm
        • IPSec
            • All packets traveling between systems or networks
            • http://www.freeswan.org
        • HTTPS web servers: http://httpd.apache.org/related_projects.html
    • 9. Package updates
        • Available from Linux distribution vendor
            • Sign up for announcements list
            • Use automated update tools: up2date, red carpet
        • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm
    • 10. Intrusion Detection System
        • Snort
            • Reports on attack packets based on a regularly updated signature file
            • Install inside the firewall
        • http://www.snort.org
    • 11. Advanced techniques
        • Audited OS: OpenBSD http://www.openbsd.org
        • Stack overflow protected OS: Immunix http://www.immunix.org
        • Chroot applications, capabilities
        • Virtual machines: VMWare and UML
        • http://www.vmware.com, http://www.user-mode-linux.sourceforge.net
        • TCFS http://tcfs.dia.unisa.it
    • 12. Resources
        • Distribution security announcements list
        • ISTS Knowledgebase http://www.ists.dartmouth.edu/IRIA/knowledge_base/index.htm
            • Worm characterizations and removal tools
            • Linux and network security papers covering many of today's topics
        • Ssh key installer ftp://ftp.stearns.org
        • SANS training http://www.sans.org
        • Bastille Linux http://www.bastille-linux.org
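
Slide 6 says to use "netstat -anp" to see what is open and then close what is not needed. The script below is an added example, not part of the original slides: it filters netstat -anp output down to network-reachable listeners whose owning program is not on an approved list. The function names, the approved list, and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag network listeners that are not on an approved list.
# Live use (as root, so the PID/Program column is filled in):
#     netstat -anp | audit_listeners sshd

# audit_listeners ALLOWED_PROGRAM...    (reads `netstat -anp` output on stdin)
# Prints "proto port bind-address program" for each TCP listener or unconnected
# UDP socket that is bound to a non-loopback address and is not approved.
audit_listeners() {
    awk -v allow=" $* " '
        /^Active UNIX/ { exit }                  # UNIX-domain sockets are local only
        {
            if ($1 ~ /^tcp/ && $6 == "LISTEN")    owner = $7
            else if ($1 ~ /^udp/ && $5 ~ /:\*$/)  owner = $6   # UDP: empty State column
            else next
            port = $4; sub(/.*:/, "", port)
            host = $4; sub(/:[^:]*$/, "", host)
            if (host ~ /^127\./ || host == "::1") next          # loopback-only service
            name = owner
            sub(/^[0-9]+\//, "", name)           # drop the "PID/" prefix
            sub(/:.*/, "", name)                 # "sendmail:" -> "sendmail"
            if (index(allow, " " name " ")) next # approved program
            print $1, port, host, name           # name "-" means owner not visible
        }'
}

# Constructed sample of `netstat -anp` output (not captured from a real host).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1033/sendmail: acce
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN      640/xinetd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      501/portmap
tcp        0      0 10.0.0.5:22             10.0.0.9:51514          ESTABLISHED 2201/sshd
udp        0      0 0.0.0.0:111             0.0.0.0:*                           501/portmap
Active UNIX domain sockets (servers and established)
unix  2      [ ACC ]     STREAM     LISTENING     1402   /dev/log
EOF
}

# Only sshd is approved here; everything else reachable from the network is reported.
sample_netstat | audit_listeners sshd
```

Each reported line is a candidate for shutting down with the tools named on the slide, or for rebinding to loopback if only local clients need it.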
