
Basic Linux Security


  1. Basic Linux/System Security
  2. Physical Security
       • Physical access to machines
       • Switches instead of hubs
  3. Principle of least privilege
       • Fewest accounts necessary
       • Fewest open ports necessary
       • Fewest running applications
  4. Root Account
       • Used as little as possible
           • Master key to a building
           • Apps use other accounts, if possible
           • People use su, sudo
       • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/sudo.v80.htm
  5. Passwords
       • >=7 characters
       • Mixed case, letters and symbols
       • Not names or words
       • Keep private
       • Don’t leave them out in the open
       • Change once a month to 6 months
       • Passphrases
       • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm
  6. Open ports
       • Close all unneeded applications
           • "netstat -anp" or lsof to see what’s open
           • Ntsysv, linuxconf to shut down
       • Firewalls as a special case for a network
       • Disable, or at least limit, file sharing
       • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm
  7. Plaintext network connections
       • Email, telnet, web traffic
       • Sniffers
       • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/ssh-intro.htm
  8. Encrypted network connections
       • Ssh
           • Terminal session
           • File copying
           • Other TCP connections
       • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/ssh-techniques.v0.81.htm
       • IPSec
           • All packets traveling between systems or networks
           • http://www.freeswan.org
       • https web servers http://httpd.apache.org/related_projects.html
  9. Package updates
       • Available from Linux distribution vendor
           • Sign up for announcements list
           • Use automated update tools: up2date, red carpet
       • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm
  10. Intrusion Detection System
       • Snort
           • Reports on attack packets based on a regularly updated signature file
           • Install inside the firewall
       • http://www.snort.org
  11. Advanced techniques
       • Audited OS: OpenBSD http://www.openbsd.org
       • Stack overflow protected OS: Immunix http://www.immunix.org
       • Chroot applications, capabilities
       • Virtual machines: VMWare and UML
       • http://www.vmware.com, http://www.user-mode-linux.sourceforge.net
       • TCFS http://tcfs.dia.unisa.it
  12. Resources
       • Distribution security announcements list
       • ISTS Knowledgebase http://www.ists.dartmouth.edu/IRIA/knowledge_base/index.htm
           • Worm characterizations and removal tools
           • Linux and network security papers covering many of today’s topics
       • Ssh key installer ftp://ftp.stearns.org
       • Sans training http://www.sans.org
       • Bastille Linux http://www.bastille-linux.org
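
The open-ports check from slide 6, applied to the "fewest open ports necessary" rule from slide 3, as an added example that is not part of the original slides: a shell function that reads `netstat -anp` output and lists every listening socket that is not on an allowlist. The function names, the `proto/port` allowlist format and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the slides): list listening sockets that are not on
# an allowlist, reading `netstat -anp` output on stdin.

# unexpected_listeners "tcp/22 tcp/25"
#   $1 is a space-separated allowlist of proto/port pairs (assumed format).
unexpected_listeners() {
    awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 ~ /^(tcp|udp)6?$/ {
        proto = $1; sub(/6$/, "", proto)      # treat tcp6/udp6 as tcp/udp
        # TCP listeners have state LISTEN. Unconnected UDP sockets have an
        # empty state column and a wildcard foreign address.
        if (proto == "tcp" && $6 != "LISTEN") next
        if (proto == "udp" && $5 !~ /:\*$/) next
        prog = (proto == "tcp") ? $7 : $6     # PID/Program name column
        k = split($4, p, ":"); port = p[k]    # port follows the last colon
        addr = substr($4, 1, length($4) - length(port) - 1)
        if ((proto "/" port) in ok) next
        # Loopback-only listeners are not reachable from the network.
        scope = (addr ~ /^127\./ || addr == "::1") ? "loopback" : "network"
        print proto "/" port, addr, scope, prog
    }'
}

# Constructed sample of `netstat -anp` output, so the example runs offline.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address    Foreign Address  State       PID/Program name
tcp        0      0 0.0.0.0:22       0.0.0.0:*        LISTEN      812/sshd
tcp        0      0 0.0.0.0:23       0.0.0.0:*        LISTEN      640/inetd
tcp        0      0 127.0.0.1:25     0.0.0.0:*        LISTEN      901/sendmail
tcp        0      0 127.0.0.1:631    0.0.0.0:*        LISTEN      700/cupsd
tcp        0      0 10.0.0.5:22      10.0.0.9:51122   ESTABLISHED 1422/sshd
tcp6       0      0 :::111           :::*             LISTEN      455/portmap
udp        0      0 0.0.0.0:111      0.0.0.0:*                    455/portmap
EOF
}

# On a live host: netstat -anp | unexpected_listeners "tcp/22 tcp/25"
sample_netstat | unexpected_listeners "tcp/22 tcp/25"
```

Run `netstat -anp` as root on a live host, otherwise the PID/Program column shows `-` for sockets owned by other users.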
