Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and.

Similar presentations


Presentation on theme: "© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and."— Presentation transcript:

1 © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and Applications Lesson 3 Basic Security: Facilities Through the Boot Process

2 Page 2 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Learning Objective  Lock down the Linux boot process.

3 Page 3 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Key Concepts  Physical server security  Challenges of the standard kernel and possible security issues  Secure boot loaders  Obscurity as a security enhancement

4 Page 4 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: CONCEPTS

5 Page 5 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Physical Security-Server Room

6 Page 6 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Challenges of Standard Kernel  Different kernels for different architectures  What kernels can be installed on your system?  What kernel is best for your needs?  When do you consider a different kernel?  You may need to customize a kernel or install a new kernel for more security.

7 Page 7 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Boot Loader Security  Black-hat hacker use poorly configured boot systems and boot loaders to gain administrative access to systems

8 Page 8 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: PROCESS

9 Page 9 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Locking Down Boot Loaders  Back up boot loader before making changes  If something goes wrong: Use rescue mode on local distribution or a live CD to boot system Access local drives Restore the boot loader from backup Use the appropriate command (grub-install or lilo)

10 Page 10 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Securing LILO

11 Page 11 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Linux Loader Configuration File

12 Page 12 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Securing GRUB

13 Page 13 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Traditional GRUB Configuration File

14 Page 14 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. A Protected GRUB Configuration File

15 Page 15 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: ROLES

16 Page 16 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Five Process Controls

17 Page 17 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: CONTEXTS

18 Page 18 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. TPM and Trusted Computing  Trusted Platform Module (TPM) Not open source Password protection Software license protection Digital rights management (DRM) Disk encryption Chain of trust  TPM in a open source environment trousers, package with the TCG software stack, tpm-tools

19 Page 19 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: RATIONALE

20 Page 20 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Why Use Obscurity?

21 Page 21 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. The /etc/fstab file Can Use More Obscurity

22 Page 22 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Summary  Physical server security  Challenges of the standard kernel and possible security issues  Secure boot loaders  Obscurity as a security enhancement


Download ppt "© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and."

Similar presentations


Ads by Google