
UNIX SECURITY

UNIX SECURITY. Presented by Lisa Outlaw, CISA Information Systems Audit Supervisor. A BRIEF OVERVIEW. “Need to Know Basis” Baseline User Account Administration Password Administration Group or Role Administration File Permissions on Critical Files UMASK SUID & SGID Cron Syslog


Presentation Transcript


  1. UNIX SECURITY Presented by Lisa Outlaw, CISA Information Systems Audit Supervisor

  2. A BRIEF OVERVIEW • “Need to Know Basis” • Baseline • User Account Administration • Password Administration • Group or Role Administration • File Permissions on Critical Files • UMASK • SUID & SGID • Cron • Syslog • Services • Patches • Conclusion

  3. Need to Know Basis • When setting up security on your Unix systems, ensure that security is set up on a need-to-know, need-to-use basis.

  4. Baseline • A Baseline ensures that security policies are implemented consistently and completely across various platforms. • Should be in written form • Should include specific instructions to achieve security on a specific server.

  5. User Account Administration • User Account Policies should address: • Immediate deactivation of user accounts for terminated employees • Superuser account procedures • Contractor accounts • Naming conventions for user accounts

  6. Password Administration • 60 to 90 day expiration for ordinary users • 30 day password expiration for superusers • Do not allow password sharing • Set minimum password lengths to at least 6 characters

  7. Group or Role Administration • Assign users with like responsibilities to groups

  8. File Permissions on Critical Files • Unix controls access to files, programs, and all other resources via file permissions. • Unix permissions are controlled by three categories: Owner, Group, and World • Each category can be granted READ, WRITE, and/or EXECUTE access to Unix files or resources • Ex. -rwxr-x--x

  9. UMASK • Ensure that your UMASK setting automatically assigns each newly created file the most secure file permissions.

  10. SUID & SGID • SUID and SGID files allow the World user to temporarily assume the permissions of the Owner or Group users while using the program.

  11. CRON • Cron is the Unix job scheduler • Many system administrators use Cron to perform automatic full or incremental back-ups of the systems. • Cron can also be used to email log files, clean up the file system, etc.

  12. Syslog • The syslog utility allows systems administrators to log various events occurring on the Unix system. • If Syslog is configured correctly, Unix can log many security events without the use of a third-party plug-in.

  13. Services • The inetd.conf file controls the services that are allowed on the Unix system. • Make sure that only necessary services are activated • Unix comes with all services activated by default, and many of these services have severe security vulnerabilities.

  14. Patches • Ensure that your Unix systems are patched regularly. A policy should be adopted to ensure that all patches are tested and installed on a schedule.

  15. Conclusion • Although there are many other areas that can be addressed in a security baseline, the areas mentioned above will give you a head start in addressing security for your Unix system, and should prepare your servers for our upcoming IS audits.
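
The checks behind slides 8 to 10 (File Permissions, UMASK, SUID & SGID), written out as an added shell example that is not part of the original presentation. The function names and the sample directory tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the presentation): permission audit helpers.

# Mode a newly created regular file gets under umask $1 (0666 minus masked bits).
new_file_mode() {
    printf '%03o\n' $(( 0666 & ~0$1 ))
}

# Convert an ls-style string such as -rwxr-x--x to octal (plain r/w/x only).
symbolic_to_octal() {
    case $1 in ??????????) ;; *) return 1 ;; esac   # expect exactly 10 characters
    rest=${1#?}; out=""            # drop the leading file-type character
    while [ -n "$rest" ]; do
        t=${rest%"${rest#???}"}    # first three characters: one category
        rest=${rest#???}
        digit=0
        case $t in r??) digit=$((digit + 4)) ;; esac
        case $t in ?w?) digit=$((digit + 2)) ;; esac
        case $t in ??x) digit=$((digit + 1)) ;; esac
        out=$out$digit
    done
    printf '%s\n' "$out"
}

# Regular files under directory $1 carrying the SUID or SGID bit.
find_suid_sgid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) | sort
}

# Regular files under directory $1 that the World category may write.
find_world_writable() {
    find "$1" -type f -perm -0002 | sort
}

# Constructed sample tree: one normal file, one SUID file, one world-writable file.
make_sample_tree() {
    dir=$(mktemp -d)
    ( umask 027; : > "$dir/report.txt" )       # created under a restrictive umask
    : > "$dir/helper";      chmod 4755 "$dir/helper"
    : > "$dir/shared.conf"; chmod 666 "$dir/shared.conf"
    printf '%s\n' "$dir"
}

tree=$(make_sample_tree)
echo "umask 027 gives new files mode $(new_file_mode 027)"
echo "-rwxr-x--x is octal $(symbolic_to_octal -rwxr-x--x)"
echo "SUID/SGID:      $(find_suid_sgid "$tree")"
echo "World-writable: $(find_world_writable "$tree")"
rm -rf "$tree"
```

On a real server, point `find_suid_sgid` and `find_world_writable` at the directories named in the written baseline and compare the output against the approved list.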
