
Basic Linux/System Security

Basic Linux/System Security. Bill Stearns, Senior Research Engineer Institute for Security Technology Studies, Investigative Research for Infrastructure Assurance Dartmouth College. Physical Security. Physical access to machines Switches instead of hubs. Principle of least privilege.


Presentation Transcript


  1. Basic Linux/System Security Bill Stearns, Senior Research Engineer Institute for Security Technology Studies, Investigative Research for Infrastructure Assurance Dartmouth College New Jersey Infragard

  2. Physical Security
     • Physical access to machines
     • Switches instead of hubs

  3. Principle of least privilege
     • Fewest accounts necessary
     • Fewest open ports necessary
     • Fewest running applications

  4. Root Account
     • Used as little as possible
     • Master key to a building
     • Apps use other accounts, if possible
     • People use su, sudo
     • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/sudo.v80.htm

  5. Passwords
     • >=7 characters
     • Mixed case, letters and symbols
     • Not names or words
     • Keep private
     • Don’t leave them out in the open
     • Change once a month to 6 months
     • Passphrases
     • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm

  6. Open ports
     • Close all unneeded applications
     • “netstat -anp” or lsof to see what’s open
     • ntsysv, linuxconf to shut down
     • Firewalls as a special case for a network
     • Disable, or at least limit, file sharing
     • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm

  7. Plaintext network connections
     • Email, telnet, web traffic
     • Sniffers
     • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/ssh-intro.htm

  8. Encrypted network connections
     • ssh
     • Terminal session
     • File copying
     • Other TCP connections
     • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/ssh-techniques.v0.81.htm
     • IPSec
     • All packets traveling between systems or networks
     • http://www.freeswan.org
     • https web servers http://httpd.apache.org/related_projects.html

  9. Package updates
     • Available from Linux distribution vendor
     • Sign up for announcements list
     • Use automated update tools: up2date, red carpet
     • http://www.ists.dartmouth.edu/IRIA/knowledge_base/linuxinfo/essential_host_security.htm

  10. Intrusion Detection System
     • Snort
     • Reports on attack packets based on a regularly updated signature file
     • Install inside the firewall
     • http://www.snort.org

  11. Advanced techniques
     • Audited OS: OpenBSD http://www.openbsd.org
     • Stack overflow protected OS: Immunix http://www.immunix.org
     • Chroot applications, capabilities
     • Virtual machines: VMware and UML
     • http://www.vmware.com, http://www.user-mode-linux.sourceforge.net
     • TCFS http://tcfs.dia.unisa.it

  12. Resources
     • Distribution security announcements list
     • ISTS Knowledgebase http://www.ists.dartmouth.edu/IRIA/knowledge_base/index.htm
     • Worm characterizations and removal tools
     • Linux and network security papers covering many of today’s topics
     • ssh key installer ftp://ftp.stearns.org
     • SANS training http://www.sans.org
     • Bastille Linux http://www.bastille-linux.org

  13. Thanks
     • Les Morton, PSEG and Jim O’Neill NJ InfraGard for inviting me
     • ISTS and George Cybenko for sponsoring the presentation

  14. Contact
     • http://www.ists.dartmouth.edu/IRIA/
     • William Stearns wstearns@ists.dartmouth.edu
     • Questions?
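
The port check from slide 6, applied to slide 3's "fewest open ports necessary", as an added example that is not part of the original presentation: a shell function that reads `netstat -anp` output and lists every listening TCP or UDP socket that is not on an allowlist. The function names, the allowlist format and the sample netstat output are constructed for illustration.

```shell
#!/bin/sh
# audit_listeners "ALLOWLIST" : reads `netstat -anp` output on stdin and prints
# one line per listener missing from the allowlist: proto/port address program scope
# ALLOWLIST is a space-separated list such as "tcp/22 tcp/80" (assumed format).
audit_listeners() {
    awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    # TCP: only sockets in LISTEN state; the owning program is field 7.
    $1 ~ /^tcp/ && $6 == "LISTEN" { report($1, $4, $7); next }
    # UDP has no LISTEN state: an unconnected socket shows a wildcard foreign
    # address and an empty State column, so the program is field 6.
    $1 ~ /^udp/ && $5 ~ /:\*$/ { report($1, $4, $6) }
    function report(proto, local, prog,    port, addr, key, scope) {
        sub(/6$/, "", proto)                    # fold tcp6/udp6 into tcp/udp
        port = local; sub(/.*:/, "", port)      # text after the last colon
        addr = local; sub(/:[^:]*$/, "", addr)  # text before the last colon
        key = proto "/" port
        if (key in ok) return                   # expected service, stay quiet
        # Loopback-only listeners are not reachable from the network.
        scope = (addr ~ /^127\./ || addr == "::1") ? "local" : "network"
        print key, addr, prog, scope
    }'
}

# Constructed sample of `netstat -anp` output (not captured from a real host).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1033/master
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN      640/inetd
tcp        0      0 10.0.0.5:22             10.0.0.9:51514          ESTABLISHED 2201/sshd
tcp6       0      0 :::80                   :::*                    LISTEN      950/httpd
udp        0      0 0.0.0.0:111             0.0.0.0:*                           577/rpcbind
Active UNIX domain sockets (servers and established)
unix  2      [ ACC ]     STREAM     LISTENING     12345    1/init    /run/init.sock
EOF
}

# On a live host, run as root so -p can name the owning process:
#   netstat -anp | audit_listeners "tcp/22 tcp/80"
sample_netstat | audit_listeners "tcp/22 tcp/80"
```

Each line it prints is a candidate for shutting down or firewalling; lines marked `network` are bound to a non-loopback address and deserve attention first.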
