Presentation is loading. Please wait.

Presentation is loading. Please wait.

UNIX SYSTEM SECURITY Tanusree Sen 005484258. Agenda Introduction Three Different Levels of Security Security Policies Security Technologies Future of.

Published byAngelina Willis Modified over 8 years ago

Similar presentations

Presentation on theme: "UNIX SYSTEM SECURITY Tanusree Sen 005484258. Agenda Introduction Three Different Levels of Security Security Policies Security Technologies Future of."— Presentation transcript:

1 UNIX SYSTEM SECURITY Tanusree Sen 005484258

2 Agenda Introduction Three Different Levels of Security Security Policies Security Technologies Future of UNIX System security Conclusion References

3 Three Different Levels of security Application Level Operating System Level Network Level Security

4 DEFENDING AGAINST THE APPLICATION, OPERATING SYSTEM AND NETWORK LEVEL ATTACKS No.Application LevelOperating System Level Network Level 1 Keep the browser, servers, databases, programming languages and operating systems patched regularly Check system binaries and make sure that the intruders do not alter it Avoid using hubs and try to stick to switches only and buy interface card that do not support Promiscuous mode 2 Utilize the up-to date Antivirus tools Search the setuid and setgid files everywhere on the system because often the intruders leave setuid copies of /bin/sh or /bin/time around to allow them to have the root access at a later time in the future. Disable inbound Telnet, FTP, rlogin, rsh/rcp/exec, finger etc and instead encourage SSH. 3 Make use of good Firewalls and Intrusion Detection mechanisms Regularly check the /etc/passwd file on the system and see if any modifications to that file is done or not Encrypt everything and make use of secure protocols like HTTPS, SSH, PGB, IPSec etc 4 Make sure that the application uses strong session tracking information so that it cannot be easily grabbed by the attacker Make sure to check that the victim’s systems does not allow unauthorized use of a network monitoring tool like packet sniffer because often the intruders use this tool to capture user credentials. Deploy up-to date anti spoof filters and patch the TCP stacks regualrly

5 Security Policies Device Security - Only Authorized person can perform - Volume manager should be disabled to prevent media device from automatically mounting - Check the origin of the software and check the checksum signature before installing - Data backup incase of disaster recovery File systems Security - Minimum permission on files - Put a sticky bit on the important files and those have write permission - Regularly look for core files and delete them. Remote Services Restriction - Services like telnet, rlogin, ftp should be kept disabled - All the services are controlled in inetd.conf. To disable these service comment the corresponding line in the inetd.conf file. - Restart the inetd.conf service either by rebooting or by giving kill -HUP command

6 Security Policies(contd..) Password policy - Should not be written on a piece of paper rather keep them in mind - Mixture of alphabets, numbers and non-alphabetic characters - Regular changing of passwords

7 Security Technologies SSH Kerberos Identity Management

8 What is the future of UNIX System Security? Everyday new features are implemented Vendors are investing a huge amount of money Research is going on more on virtualization and many big companies have their own operating systems virtualization technology

9 conclusion It is a very good practice to find out and identify that site specific security concern and define some preventive policies. It is also encouraged to look for third party security software, if it is appropriate to implement. But above all, users are the one who is going to follow these policies and for that he/she should understand the importance of it which only can be done by educating the employees and administrators.

10 References Sko udis, E, & Liston, T (2006). Counter Hack Reloaded A Step-By-Step Guide To Computer Attacks And Effective Defenses.New Jearsy: Pearson Education, Inc. Dunn, R (n.d.) Introduction to Application-level Security. Retrieved October 24, 2007, from Enforcing Application-level Security in Modern Operating Systems Web site: http://www.cs.washington.edu/homes/rdunn/papers/rjd-generals.pdf http://www.cs.washington.edu/homes/rdunn/papers/rjd-generals.pdf Wood, P, & Kochan, S (1985). UNIX System security. New Jersy/ Berkeley, California: Hayden Book Company Farrow, R (1991). UNIX System Security How to protect Your Data and prevent Intruders. Addison- Wesley Publishing Company, Inc. OS security tools. (n.d.). Retrieved November 16, 2007, from Operating System Security Web site: http://pages.cs.wisc.edu/~cao/cs537/lecture30.txthttp://pages.cs.wisc.edu/~cao/cs537/lecture30.txt

11 Thank You Any Question?

Download ppt "UNIX SYSTEM SECURITY Tanusree Sen 005484258. Agenda Introduction Three Different Levels of Security Security Policies Security Technologies Future of."

Similar presentations

Network Security.

Network Security.
Bro: A System for Detecting Network Intruders in Real-Time Vern Paxson Lawrence Berkeley National Laboratory,Berkeley, CA A stand-alone system for detecting.

Bro: A System for Detecting Network Intruders in Real-Time Vern Paxson Lawrence Berkeley National Laboratory,Berkeley, CA A stand-alone system for detecting.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
Operating System Customization

Operating System Customization
Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.

Packet Analyzers, a Threat to Network Security. Agenda Introduction The background of packet analyzers LAN technologies & network protocols Communication.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
Web Server Administration TEC 236 Securing the Web Environment.

Web Server Administration TEC 236 Securing the Web Environment.
Security Issues and Challenges in Cloud Computing

Security Issues and Challenges in Cloud Computing
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Presented by C.SARITHA ( 07R91A0568) INTRUSION DETECTION SYSYTEM.

Presented by C.SARITHA ( 07R91A0568) INTRUSION DETECTION SYSYTEM.
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
AN INTRODUCTION TO LINUX OPERATING SYSTEM Zihui Han.

AN INTRODUCTION TO LINUX OPERATING SYSTEM Zihui Han.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?
1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

1 Chapter 6 Network Security Threats. 2 Objectives In this chapter, you will: Learn how to defend against packet sniffers Understand the TCP, UDP, and.

Similar presentations

Ads by Google