Basic Linux/System Security - PowerPoint PPT Presentation

Provided by: anneind
Learn more at: http://www.stearns.org
Transcript and Presenter's Notes

1
Basic Linux/System Security
  • Bill Stearns, Senior Research Engineer
  • Institute for Security Technology Studies,
  • Investigative Research for Infrastructure
    Assurance
  • Dartmouth College

2
Physical Security
  • Physical access to machines
  • Switches instead of hubs

3
Principle of least privilege
  • Fewest accounts necessary
  • Fewest open ports necessary
  • Fewest running applications

4
Root Account
  • Used as little as possible
  • Master key to a building
  • Apps use other accounts, if possible
  • People use su, sudo
  • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/sudo.v80.htm

5
Passwords
  • >7 characters
  • Mixed case, letters and symbols
  • Not names or words
  • Keep private
  • Don't leave them out in the open
  • Change once a month to 6 months
  • Passphrases
  • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm

6
Open ports
  • Close all unneeded applications
  • netstat -anp or lsof to see what's open
  • Ntsysv, linuxconf to shut down
  • Firewalls as a special case for a network
  • Disable, or at least limit, file sharing
  • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm
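
An added example, not part of the original slides: one way to turn the `netstat -anp` check into a repeatable audit is to compare every TCP listener against a list of ports the host is supposed to offer. The function name, the allowlist and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag listening TCP sockets whose port is not on an allowlist.
# Input is the text printed by `netstat -anp` (run as root so the
# PID/Program column is filled in). UDP lines have no State column and
# are not handled here.

# Constructed sample of `netstat -anp` output (not captured from a real host).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      612/sshd
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN      701/inetd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      840/sendmail
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      455/portmap
tcp        0      0 192.0.2.10:22           192.0.2.50:40112        ESTABLISHED 1502/sshd
udp        0      0 0.0.0.0:111             0.0.0.0:*                           455/portmap
EOF
}

# Usage: netstat -anp | unexpected_listeners "22 443"
# Prints "port scope program" for each TCP LISTEN socket whose port is not
# in the space-separated allowlist. scope is "loopback" when the socket is
# bound only to 127.x.x.x or ::1, otherwise "network".
unexpected_listeners() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)        # text after the last colon
            host = $4; sub(/:[^:]*$/, "", host)    # text before the last colon
            scope = (host ~ /^127\./ || host == "::1") ? "loopback" : "network"
            if (!(port in ok)) print port, scope, $7
        }'
}

# Demonstration on the constructed sample: only ssh (22) is expected.
sample_netstat | unexpected_listeners "22"
```

Each line it prints is a service to shut down, bind to loopback, or add to the allowlist deliberately.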

7
Plaintext network connections
  • Email, telnet, web traffic
  • Sniffers
  • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/ssh-intro.htm

8
Encrypted network connections
  • Ssh
  • Terminal session
  • File copying
  • Other TCP connections
  • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/ssh-techniques.v0.81.htm
  • IPSec
  • All packets traveling between systems or networks
  • http://www.freeswan.org
  • https web servers: http://httpd.apache.org/related_projects.html

9
Package updates
  • Available from Linux distribution vendor
  • Sign up for announcements list
  • Use automated update tools: up2date, red carpet
  • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm

10
Intrusion Detection System
  • Snort
  • Reports on attack packets based on a regularly
    updated signature file
  • Install inside the firewall
  • http://www.snort.org

11
Advanced techniques
  • Audited OS: OpenBSD http://www.openbsd.org
  • Stack overflow protected OS: Immunix
    http://www.immunix.org
  • Chroot applications, capabilities
  • Virtual machines: VMWare and UML
  • http://www.vmware.com, http://www.user-mode-linux.sourceforge.net
  • TCFS: http://tcfs.dia.unisa.it

12
Resources
  • Distribution security announcements list
  • ISTS Knowledgebase: http://www.ists.dartmouth.edu/IRIA/knowledge_base/index.htm
  • Worm characterizations and removal tools
  • Linux and network security papers covering many
    of today's topics
  • Ssh key installer: ftp://ftp.stearns.org
  • Sans training: http://www.sans.org
  • Bastille Linux: http://www.bastille-linux.org

13
Thanks
  • Les Morton, PSEG and Jim O'Neill NJ InfraGard for
    inviting me
  • ISTS and George Cybenko for sponsoring the
    presentation

14
Contact
  • http://www.ists.dartmouth.edu/IRIA/
  • William Stearns wstearns_at_ists.dartmouth.edu
  • Questions?