Presentation is loading. Please wait.

Presentation is loading. Please wait.

Linux Security. See who's logged in 1) w (more information) 2) who (less information)

Published byEthan Underwood Modified over 8 years ago

Similar presentations

Presentation on theme: "Linux Security. See who's logged in 1) w (more information) 2) who (less information)"— Presentation transcript:

1 Linux Security

2 See who's logged in 1) w (more information) 2) who (less information)

3 Disable remote logins for "root" account 1) Deactivate telnet daemon sudo service telnet stop 1.5) Remove telnet daemon (unless REALLY needed) sudo apt-get remove telnetd 2) Disable root logins in ssh server (use nano or vi as root) edit /etc/ssh/sshd_config; find "PermitRootLogin", set to "no" Restart ssh: sudo service ssh restart 3) Disable all remote root logins in /etc/security/access.conf add line to access.conf: "- : root : ALL EXCEPT LOCAL"

4 Disable toor account a) Delete the account: sudo userdel toor b) Disable (Lock) account: sudo usermod -L toor c) Set toor's login shell to /usr/sbin/nologin: (edit /etc/passwd; change last argument on toor's entry to /usr/sbin/nologin)

5 Enforce Password Length edit /etc/pam.d/common-password (with sudo) Append the first line containing "pam_unix.so" with min=8 This will enforce a minimum password length of 8 characters. NOTE: Can be set to any desired minimum length

6 Create User Accounts sudo useradd -m -G users,development,remote username -m creates home directories -G adds the new user to the listed groups (users,development,remote)

7 Check Active Network Service 1) Netstat (IPv4, Listening, show Process name) sudo netstat -4lp 2) Check the Internet Services daemon cat /etc/inetd.conf

8 Check Active Processes 1) ps -ex Show processes for Everything, with eXtended info 2) pstree -a Show process in tree format, with Attributes

9 End suspect processes 1) kill (PID) Ask the specified process to end nicely 2) kill -15 (PID) Tell the process to end 3) kill -9 (PID) Tell the system to end the process 4) sudo kill -9 (PID) As root, tell the system to end the process

10 chmod explained chmod: Change file privileges- identity, privilege Identities are User = u Group = g Other = o Privileges are Read = r Write = w Execute = x chmod u+x; chmod g-w; chmod o-wr

11 chown explained CHange OWnership, in user:group format. Change /home/development to be owned by root: chown root: /home/development Change /home/development to be owned by wheel group: chown :wheel /home/development Change /home/yourfile: chown you:users /home/yourfile

12 Create a Shared File Folder Create the folder, give it following permissions: (group ownership = development) User, Group, Other: No Execute Other: No read or write Group: Read and Write mkdir /home/Development chown -R :development /home/Development chmod ugo-x /home/Development chmod o-rw /home/Development chmod g+rw /home/Development

13 Log File Analysis Logs are stored in /var/log/ Example: /var/log/messages (generic messages) /var/log/syslog (kernel messages) /var/log/auth.log (Authentication log) auth.log records all login attempts-- local, ssh, telnet, etc.

14 Reading log files Dump to the screen cat /var/log/auth.log Show entries in scrollable format less /var/log/auth.log Show last 10 entries tail /var/log/auth.log Show last ten entries, and any subsequent entries tail -f /var/log/auth.log

15 grep logfiles Keyword searches on logfiles: Show login attempts for kdewey: grep 'kdewey' /var/log/auth.log Show sudo uses: grep 'sudo' /var/log/auth.log

Download ppt "Linux Security. See who's logged in 1) w (more information) 2) who (less information)"

Similar presentations

Linux Users and Groups Management

Linux Users and Groups Management
Introducing the Command Line CMSC 121 Introduction to UNIX Much of the material in these slides was taken from Dan Hood’s CMSC 121 Lecture Notes.

Introducing the Command Line CMSC 121 Introduction to UNIX Much of the material in these slides was taken from Dan Hood’s CMSC 121 Lecture Notes.
User Account Management WeeSan Lee. Roadmap Add An Account Delete An Account /etc/{passwd,shadow} /etc/group How To Disable An Account? Root Account Q&A.

User Account Management WeeSan Lee. Roadmap Add An Account Delete An Account /etc/{passwd,shadow} /etc/group How To Disable An Account? Root Account Q&A.
Lesson 22 – Introduction to Linux Systems Administration.

Lesson 22 – Introduction to Linux Systems Administration.
User Accounts and Permissions Chapter IV / Part II.

User Accounts and Permissions Chapter IV / Part II.
T UTORIAL OF U NIX C OMMAND & SHELL SCRIPT S 5027 Professor: Dr. Shu-Ching Chen TA: Samira Pouyanfar Spring 2015.

T UTORIAL OF U NIX C OMMAND & SHELL SCRIPT S 5027 Professor: Dr. Shu-Ching Chen TA: Samira Pouyanfar Spring 2015.
Lecture 02CS311 – Operating Systems 1 1 CS311 – Lecture 02 Outline UNIX/Linux features – Redirection – pipes – Terminating a command – Running program.

Lecture 02CS311 – Operating Systems 1 1 CS311 – Lecture 02 Outline UNIX/Linux features – Redirection – pipes – Terminating a command – Running program.
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
Chapter 3 Unix Overview. Figure 3.1 Unix file system.

Chapter 3 Unix Overview. Figure 3.1 Unix file system.
A short two-part talk introducing: Basic Linux/Unix system administration (CentOS/RHEL5) General Computer/Network security … for the G53SEC module. Nick.

A short two-part talk introducing: Basic Linux/Unix system administration (CentOS/RHEL5) General Computer/Network security … for the G53SEC module. Nick.
Web Server Administration Chapter 5 Managing a Server.

Web Server Administration Chapter 5 Managing a Server.
Linux Filesystem Management

Linux Filesystem Management
The Network Management Lab pc1 10.10.0.1 pc2 10.10.0.2 pc3 10.10.0.3 pc4 10.10.0.4 pc5 10.10.0.5... Virtual Servers Your Laptop.

The Network Management Lab pc pc pc pc pc Virtual Servers Your Laptop.
Help session: Unix basics Keith 9/9/2011. Login in Unix lab  User name: ug0xx Password: ece321 (initial)  The password will not be displayed on the.

Help session: Unix basics Keith 9/9/2011. Login in Unix lab  User name: ug0xx Password: ece321 (initial)  The password will not be displayed on the.
Hacking Linux Systems.  Text Editors  vi, ex, pico, jove, GNU emacs  Shells  chs (C Shell), sh (Bourne Shell)  File navigation  cd, ls, cp, mv,

Hacking Linux Systems.  Text Editors  vi, ex, pico, jove, GNU emacs  Shells  chs (C Shell), sh (Bourne Shell)  File navigation  cd, ls, cp, mv,
Managing User Accounts. Module 2 – Creating and Managing Users ♦ Overview ► One should log into a Linux system with a valid user name and password granted.

Managing User Accounts. Module 2 – Creating and Managing Users ♦ Overview ► One should log into a Linux system with a valid user name and password granted.
File Permissions. What are the three categories of users that apply to file permissions? Owner (or user) Group All others (public, world, others)

File Permissions. What are the three categories of users that apply to file permissions? Owner (or user) Group All others (public, world, others)
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set.

Adding New Users User as an entity - username(UID), GID. UID - typically a number for system to identify the user. GID – a number that recognizes a set.
ITI-481: Unix Administration Meeting 3. Today’s Agenda Hands-on exercises with booting and software installation. Account Management Basic Network Configuration.

ITI-481: Unix Administration Meeting 3. Today’s Agenda Hands-on exercises with booting and software installation. Account Management Basic Network Configuration.

Similar presentations

Ads by Google