1 / 11

UNIX SYSTEM SECURITY

UNIX SYSTEM SECURITY. Tanusree Sen 005484258. Agenda. Introduction Three Different Levels of Security Security Policies Security Technologies Future of UNIX System security Conclusion References. Three Different Levels of security. Application Level

maris-holcomb
Download Presentation

UNIX SYSTEM SECURITY

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. UNIX SYSTEM SECURITY Tanusree Sen 005484258

  2. Agenda • Introduction • Three Different Levels of Security • Security Policies • Security Technologies • Future of UNIX System security • Conclusion • References

  3. Three Different Levels of security • Application Level • Operating System Level • Network Level Security

  4. DEFENDING AGAINST THE APPLICATION, OPERATING SYSTEM AND NETWORK LEVEL ATTACKS

  5. Security Policies • Device Security - Only Authorized person can perform - Volume manager should be disabled to prevent media device from automatically mounting - Check the origin of the software and check the checksum signature before installing - Data backup incase of disaster recovery • File systems Security - Minimum permission on files - Put a sticky bit on the important files and those have write permission - Regularly look for core files and delete them. • Remote Services Restriction - Services like telnet, rlogin, ftp should be kept disabled - All the services are controlled in inetd.conf. To disable these service comment the corresponding line in the inetd.conf file. - Restart the inetd.conf service either by rebooting or by giving kill -HUP command

  6. Security Policies(contd..) • Password policy - Should not be written on a piece of paper rather keep them in mind - Mixture of alphabets, numbers and non-alphabetic characters - Regular changing of passwords

  7. Security Technologies • SSH • Kerberos • Identity Management

  8. What is the future of UNIX System Security? • Everyday new features are implemented • Vendors are investing a huge amount of money • Research is going on more on virtualization and many big companies have their own operating systems virtualization technology

  9. conclusion • It is a very good practice to find out and identify that site specific security concern and define some preventive policies. • It is also encouraged to look for third party security software, if it is appropriate to implement. • But above all, users are the one who is going to follow these policies and for that he/she should understand the importance of it which only can be done by educating the employees and administrators.

  10. References • Skoudis, E, & Liston, T (2006). Counter Hack Reloaded A Step-By-Step Guide To Computer Attacks And Effective Defenses .New Jearsy: Pearson Education, Inc. • Dunn, R (n.d.) Introduction to Application-level Security. Retrieved October 24, 2007, from Enforcing Application-level Security in Modern Operating Systems Web site: http://www.cs.washington.edu/homes/rdunn/papers/rjd-generals.pdf • Wood, P, & Kochan, S (1985). UNIX System security. New Jersy/ Berkeley, California: Hayden Book Company • Farrow, R (1991). UNIX System Security How to protect Your Data and prevent Intruders. Addison- Wesley Publishing Company, Inc. • OS security tools. (n.d.). Retrieved November 16, 2007, from Operating System Security Web site: http://pages.cs.wisc.edu/~cao/cs537/lecture30.txt

  11. Thank You Any Question?

More Related