Linux Networking Security Sunil Manhapra & Ling Wang Project Report for CS691X July 15, 1998.


1 Linux Networking Security Sunil Manhapra & Ling Wang Project Report for CS691X July 15, 1998

2 Approaches for Networking security
- Configure a secure kernel
- Always send passwords, sensitive data… encrypted over the network
- Provide only necessary system services
- Verify DNS information
- Firewalls
- Monitor the network carefully
- Backups (back up all the important information in case of intrusion)

3 Project Outline
- SATAN
- Logcheck
- Sentry
- SSH

4 SATAN
- SATAN is a port scanner with a web interface
- SATAN recognizes and reports several common network-related security problems, though it doesn't attempt to solve them
- SATAN can be configured to do light, medium, or strong checks on a machine or network of machines
- Example problems SATAN can report:
  - NFS file systems exported to arbitrary hosts or to unprivileged programs
  - Writable anonymous FTP home directory
  - NIS password file access from arbitrary hosts
- SATAN does NOT work on Red Hat 5.1

5 Logcheck
- Log files aren't frequently checked and mostly contain unimportant information
- Logcheck runs automatically, checks the system log files, filters them, and reports security violations and unusual activities via email
- It allows you to specify what kind of violations should be reported to you
- Cron entry: 00,15,30,45 * * * * /usr/local/etc/logcheck.sh
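As an added example (not from the slides and not Logcheck's own code), this shell script shows the filter-and-report cycle the Logcheck slide describes, reading only the lines appended since the previous cron run and restarting from the top after log rotation. The pattern lists, section headings, file names and log lines are constructed assumptions.

```shell
#!/bin/sh
# Added example: logcheck-style filtering. Patterns, paths and log lines are constructed.
VIOLATIONS='authentication failure|FAILED LOGIN|refused connect|ROOT LOGIN'
IGNORE='CRON\[[0-9]+\]|stat=Sent|Cleaned cache'   # routine noise, never reported

# new_lines LOG STATE: print only what was appended to LOG since the last call.
# STATE stores the byte offset already read; a smaller file means it was rotated.
new_lines() {
  size=$(wc -c < "$1" | tr -d ' ')
  seen=0
  [ -f "$2" ] && seen=$(cat "$2")
  [ "$seen" -gt "$size" ] && seen=0
  tail -c +"$((seen + 1))" "$1"
  echo "$size" > "$2"
}

# violations / unusual: filter stdin; "unusual" is whatever no list accounts for.
violations() { grep -E "$VIOLATIONS" || true; }
unusual() { grep -E -v "$VIOLATIONS|$IGNORE" || true; }

# report LOG STATE: print the text a cron job would mail; silent when nothing matters.
report() {
  tmp=$(mktemp)
  new_lines "$1" "$2" > "$tmp"
  v=$(violations < "$tmp"); u=$(unusual < "$tmp")
  rm -f "$tmp"
  [ -n "$v" ] && printf 'Security Violations\n%s\n' "$v"
  [ -n "$u" ] && printf 'Unusual System Events\n%s\n' "$u"
  return 0
}

# demo: constructed log; the second run sees only the line appended after the first.
demo() {
  d=$(mktemp -d); log=$d/messages; st=$d/offset
  cat > "$log" <<'EOF'
Jul 15 10:00:01 host CRON[412]: (root) CMD (/usr/local/etc/logcheck.sh)
Jul 15 10:02:13 host login[733]: FAILED LOGIN 2 FROM 192.0.2.7 FOR root
Jul 15 10:03:40 host kernel: eth0: Promiscuous mode enabled.
EOF
  report "$log" "$st"
  echo 'Jul 15 10:16:02 host in.telnetd[801]: refused connect from 192.0.2.7' >> "$log"
  report "$log" "$st"
  rm -rf "$d"
}
demo
```

Anything that matches neither list lands under "Unusual System Events", so an unfamiliar message is reported by default and the ignore list is what has to be tuned.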

6 Sentry
- Monitors a particular port or ports against probes
- Sentry can detect and react:
  - indicate via system log
  - host is dropped (entry in /etc/hosts.deny)
  - reconfigure to route traffic to a dead host
  - reconfigure to drop packets
- sentry -tcp (basic port bound TCP mode)
- sentry -stcp (stealth TCP scan detection)
- sentry -atcp (advanced TCP stealth scan detection)
- The same applies for UDP

7 SSH (Secure Shell)
- SSH is a suite of programs used as a secure replacement for rlogin, rsh and rcp, allowing users to log in to a remote system over an encrypted connection
- SSH prevents man-in-the-middle attacks and DNS spoofing
- SSH can be subverted by attackers who have root access or have access to your home directory

8 SSH Components
- Server daemon: sshd
- r-Program replacements:
  - ssh: rlogin replacement
  - scp: rcp replacement
- Key management programs:
  - ssh-keygen: create authentication keys
  - ssh-agent: authentication agent, holds RSA authentication keys
  - ssh-add: register new keys with the agent
- make-ssh-known-hosts: script to probe hosts on network for their public keys

9 Tips from our Experiences
- Never run any program without specifying the path
- Before installing any software that, according to its creator, should work on your system, search relevant mailing lists to find out what problems other users had
- It will never be a waste of time to read all documents before actually doing anything
- Many problems can be understood and solved by looking into source code

