
1 © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and Applications Lesson 12 Building and Maintaining a Security Baseline

2 Learning Objective
• Establish a system baseline to detect anomalies.

3 Key Concepts
• A secure baseline Linux system
• Read-only versus live bootable operating systems
• Local and remote log configuration
• File and data integrity checkers

4 DISCOVER: CONCEPTS

5 Server Baseline
• A default system configuration
• Baseline system is secure
• Helps in maintaining installed software
• Performance of a baseline system can be monitored by using log files
Sources for ensuring the confidentiality, integrity, and availability of any server

6 Importance of a Baseline
• Helps you identify anomalies
• Ensures computer system availability with regards to:
  • Increased network traffic
  • Hard drive usage
  • Potential hardware problems

7 DISCOVER: PROCESS

8 Customizing an RHEL 5 installation

9 Starting an RHEL 6 Text-mode Installation

10 Ubuntu Software Selection Options

11 Identify System State Baseline

12 Remote Logging
Web Server Internet Protocol (IP) 10.10.10.9
Step 1: Open the /etc/rsyslog.conf file in a text editor.
Step 2: Add the line *.* @10.10.10.4:514.
Step 3: Save and exit.
All logs on 10.10.10.9 will be sent to 10.10.10.4 over User Datagram Protocol (UDP) Port 514
Remote logging Server IP 10.10.10.4
Step 4: Open the /etc/rsyslog.conf file in a text editor.
Step 5: Add the line $ModLoad imudp.so.
Step 6: Add the line $UDPServerRun 514.
Step 7: Save and exit.
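The two configurations from the steps above can be checked against each other with a short audit script. This is an added example, not part of the presentation: the function names and the sample files are assumptions, and the `@@` prefix it recognizes is rsyslog's syntax for TCP forwarding, which the slide does not use.

```shell
#!/bin/sh
# Added example. Audits rsyslog.conf files for the lines from the slide.

# Print "proto host port" for each forwarding action ("@host" = UDP,
# "@@host" = TCP). The port defaults to 514 when the rule omits it.
list_forwards() {
    awk '
        /^[ \t]*(#|$)/ { next }                      # comments, blank lines
        $2 ~ /^@/ {
            proto = ($2 ~ /^@@/) ? "tcp" : "udp"
            target = $2; sub(/^@+/, "", target)
            n = split(target, hp, ":")
            print proto, hp[1], (n > 1 ? hp[2] : 514)
        }' "$1"
}

# Print the UDP port the file listens on; empty output means no listener.
# A listener needs both the imudp module and a $UDPServerRun line.
udp_listener_port() {
    awk '
        $1 == "$ModLoad" && $2 ~ /^imudp(\.so)?$/ { loaded = 1 }
        $1 == "$UDPServerRun"                     { port = $2 }
        END { if (loaded && port != "") print port }' "$1"
}

# Succeed only if the client forwards over UDP to the collector on the
# port the collector actually listens on.
pair_matches() {   # usage: pair_matches client.conf server.conf collector_ip
    port=$(udp_listener_port "$2")
    [ -n "$port" ] && list_forwards "$1" | grep -qxF "udp $3 $port"
}

# Constructed sample files mirroring the slide (10.10.10.9 -> 10.10.10.4).
SAMPLES=$(mktemp -d)
trap 'rm -rf "$SAMPLES"' EXIT
printf '%s\n' '# web server 10.10.10.9' '*.* @10.10.10.4:514' > "$SAMPLES/client.conf"
printf '%s\n' '$ModLoad imudp.so' '$UDPServerRun 514' > "$SAMPLES/server.conf"
printf '%s\n' '*.* @@10.10.10.4:514' > "$SAMPLES/client_tcp.conf"

list_forwards "$SAMPLES/client.conf"
udp_listener_port "$SAMPLES/server.conf"
pair_matches "$SAMPLES/client.conf" "$SAMPLES/server.conf" 10.10.10.4 && echo "pair ok"
```

Syslog over UDP is sent in clear text with no delivery guarantee, so a `udp` result from `list_forwards` is worth recording in the baseline.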

13 DISCOVER: ROLES

14 Read-only Mode Filesystem
• Mounting a filesystem in read-only mode prevents a black-hat hacker from writing to the filesystem

15 Live Bootable Operating System
• Linux live CD/DVD is a fully functional version of a Linux distribution
• When booted, loads a fully functional version of Linux into RAM
• Is independent of local hard-drive media
• Useful for diagnosing problems with other connected physical media

16 DISCOVER: CONTEXTS

17 Remote Monitoring and Logging
Used to consolidate monitoring and logging of all servers for easier and more effective monitoring of computer systems in a network
• Logging and monitoring server
• Firewall logs
• Linux system logs
• Linux system administrator monitors from a central location

18 Logwatch
• It is a program written in the Perl scripting language that consolidates information from various log files and creates a report.
• In Fedora, it is installed by default and runs daily.
• Its main configuration file is /etc/logwatch/conf/logwatch.conf.
• Its configuration allows setting the range of dates to read from the log files. By default, it reads logs from the previous day.
• The reporting level of activity can be set as low, medium, or high.

19 Logcheck
• It is used mostly on Debian-based systems, such as Ubuntu.
• By default, it runs every hour and upon a reboot.
• Its main configuration file is /etc/logcheck/logcheck.conf.
• The log files to monitor are set in the /etc/logcheck/logcheck.logfiles file.
• It supports paranoid, server, and workstation levels of output.

20 DISCOVER: RATIONALE

21 Host-Based Intrusion Detectors
• Provide a solution to the “needle in the haystack” problem
• Provide a layer of security
• Help establish a baseline for files, processes, and ports

22 File Integrity Checkers
• Tripwire
• Advanced Intrusion Detection Environment (AIDE)
• Chkrootkit
• Rootkit Hunter (rkhunter)

23 A Tripwire Check

24 Summary
• A secure baseline Linux system
• Read-only versus live bootable operating systems
• Local and remote log configuration
• File and data integrity checkers

