1 / 23

Linux: Networking & Security

Linux: Networking & Security. Feng Gao 104504 2000-08-31. Objective (1). Give an overview of the networking capacities of the Linux OS Networking protocols Capacity for file sharing & printing Capacity for Internet/Intranet services Capacity for remote execution of application

swain
Download Presentation

Linux: Networking & Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Linux:Networking & Security Feng Gao 104504 2000-08-31

  2. Objective (1) • Give an overview of the networking capacities of the Linux OS • Networking protocols • Capacity for file sharing & printing • Capacity for Internet/Intranet services • Capacity for remote execution of application • Capacity for acting as network interconnection • Capacity for network management

  3. Objective (2) • Talk about some security tools for Linux network • Monitoring tools • Network services • System integrity • Management & limitation

  4. Brief Introduction of Linux OS • A Unix like operating system • Completely open source code • no royalty or licensing fees • the source code can be modified to fit users’ needs • Fast, powerful, and extremely stable • Cross hardware and platform • Tons of application software • Created by and for the Internet

  5. Why Linux is a choice for network • Cheap & portable • Ideal for many small to medium businesses • Open source code • Tons of applications are freely available • Modifiable whenever/wherever needed • Robustness

  6. Who uses Linux? Besides ISPs and other Web companies, the following companies had some Linux servers installed in 1997. • Ford Motor Co. • NASA • Disney • General Electric • IRS • UPS • NASDAQ • Boeing • many leading US Universities • Used for gateways, routers, file and print servers, database servers, computation servers, development servers, CAD, besides being used as Web servers.

  7. Part I Linux Networking

  8. Network protocols supported by Linux • TCP/IP • IPv6 ( IP version 6 ) • IPX/SPX • AppleTalk Protocol • WAN networking Protocols • Isdn4linux • PPP, SLIP, PLIP • ATM • More 

  9. File sharing and printing • Sharing with Apple environment • using AppleTalk family protocols ( NetaTalk) • Sharing with Windows environment • using Samba ( an implementation of SMB protocol) • Sharing with Novell environment • using IPX/SPX • Sharing with Unix environment • using NFS ( Network File system)

  10. Internet / Intranet services • Mail • Mail Servers ( eg.Sendmail, smail, qmail, etc.) • Remote access to mail (POP, IMAP) • Fetchmail • Web Servers • Apache • Stable, Robust • Yahoo, Altavista, Geocities, Hotmail are based on this server

  11. Internet/Intranet services (cont’) • Web Browsers • Netscape Navagator, Mozilla , lynx, etc. • FTP servers & clients • News service • Domain Name System ( DNS ) • NIS ( Network Information Service )

  12. Remote execution of application • Telnet • Use a remote computer as if just at the site • Remote commands • Execution of a command on a remote machine • The X window system • The X server controls the display and I/O • The X client do the real computing work • VNC ( Virtual Network Computing) • eg. Execute in a Windows machine and output displayed in a Linux machine

  13. Acting as Network Interconnection • Bridge • Router • Firewall • Proxy Server • IP Masquerade • Load Balancing • Traffic Shaping • Port Forwarding • Virtual private networks

  14. Network Management • Network management applications • Webmin • Linuxconf • SNMP (Simple Network Management Protocol ) • allows for remote monitoring and configuration of routers, bridges , network cards, switches …

  15. Part II Security tools for Linux network

  16. Monitoring tools • Scan to determine if the machine is vulnerable to a specific exploit on that server • Connect to target machine on all ports they can • Help to fix the found problems • Examples: • SATAN ( Security Administrator’s Tool for Analyzing Networks ) • ISS( Internet Security Scaner ) • SAINT ( updated version of SATAN ) • Nessus, xSid, Logcheck, PortSentry

  17. Network Services • Problem • The more services the system offers, the more places for attackers to find a hole

  18. Network Services (cont’) • Strategy • Disable or remove services not needed • Use tcp_wrappers to wrap all the TCP services • Use SSH to replace old, insecure remote programs such as telnet, rlogin, rdist, rcp • SSH • A secure login program that revolutionized remote management of networks hosts over the Internet • A powerful program that uses strong cryptography for protecting all transmitted confidential data

  19. System integrity • Problem • A typical Linux server handles about 30,400 files • In its busy times administrators can’t check the integrities of all system files • A cracker can easily install or modify some files

  20. System Integrity ( cont’ ) • Security tools • Tripwire • Tripwire ASR ( Academic Source Release ) Create a database first  Check the integrity of a system at any time  Compare the current system and the stored database  Find if malicious changes exist

  21. Management & Limitation • GnuPG • A tool for secure communication and data storage • Can be used to encrypt data and create digital signatures • Quota • A system administration tool for monitoring and limiting users’ and groups’ disk usage • With quota, the users are forced by the system administrator to not consume unlimited disk space on a system

  22. Summary • The network capacities of Linux OS : • Support of many network protocols • File sharing and printing • Internet / Intranet Services • Remote execution of application • Acting as network interconnection • Network managemet We’ve talked about:

  23. Summary • Some security tools for Linux network: • Monitoring tools • Network services • System integrity • Management & Limitation Also talked about:

More Related