UNIX SECURITY Presented by Lisa Outlaw, CISA Information Systems Audit Supervisor.


A BRIEF OVERVIEW
- “Need to Know Basis”
- Baseline
  – User Account Administration
  – Password Administration
  – Group or Role Administration
  – File Permissions on Critical Files
  – UMASK
  – SUID & SGID
  – Cron
  – Syslog
  – Services
  – Patches
- Conclusion

Need to Know Basis
- When setting up security on your Unix systems, ensure that security is set up on a need-to-know, need-to-use basis.

Baseline
- A Baseline ensures that security policies are implemented consistently and completely across various platforms.
- Should be in a written form
- Include specific instructions to achieve security on a specific server.

User Account Administration
- User Account Policies should address:
  – Immediate deactivation of user accounts for terminated employees
  – Superuser account procedures
  – Contractor accounts
  – Naming conventions for user accounts

Password Administration
- 60 to 90 day expiration for ordinary users
- 30 day password expiration for superusers
- Do not allow password sharing
- Set minimum password lengths to at least 6 characters
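An added example, not part of the presentation: a check of the expiration limits above against passwd and shadow data. It assumes "superuser" means any UID 0 account and skips accounts whose password field starts with `!` or `*`; the account names and file contents are constructed.

```shell
#!/bin/sh
# Added example: check password maximum age against the expiration limits above.

# aging_violations PASSWD SHADOW: accounts whose maximum password age (shadow
# field 5) is unset or above the limit: 30 days for UID 0, 90 days otherwise.
# Assumptions: "superuser" means UID 0; accounts whose password field starts
# with ! or * (locked, no password login) are skipped.
aging_violations() {
    awk -F: '
        NR == FNR { uid[$1] = $3; next }      # first file: passwd, remember UIDs
        $2 ~ /^[!*]/ { next }
        {
            limit = (($1 in uid) && uid[$1] == 0) ? 30 : 90
            if ($5 == "" || $5 + 0 > limit)
                printf "%s max_age=%s limit=%d\n", $1, ($5 == "" ? "unset" : $5), limit
        }' "$1" "$2"
}

# Constructed sample data standing in for /etc/passwd and /etc/shadow.
demo=$(mktemp -d)
cat > "$demo/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/sh
sysadm:x:0:0:second superuser:/root:/bin/sh
alice:x:1000:1000::/home/alice:/bin/sh
bob:x:1001:1001::/home/bob:/bin/sh
daemon:x:1:1::/:/usr/sbin/nologin
EOF
cat > "$demo/shadow" <<'EOF'
root:HASH:19000:0:30:7:::
sysadm:HASH:19000:0:90:7:::
alice:HASH:19000:0:90:7:::
bob:HASH:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
EOF

echo "Accounts outside the password expiration policy:"
aging_violations "$demo/passwd" "$demo/shadow"
rm -rf "$demo"
```

Minimum password length is enforced elsewhere (not in the shadow file), so this check covers expiration only.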

Group or Role Administration
- Assign users with like responsibilities to groups

File Permissions on Critical Files
- Unix controls access to files, programs, and all other resources via file permissions.
- Unix permissions are controlled by three categories: Owner, Group, and World
- Each category can be given the ability to READ, WRITE, and/or EXECUTE Unix files or resources
- Ex. -rwxr-x--x

UMASK
- Ensure that your UMASK setting automatically assigns each newly created file the most secure file permission.
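An added example, not part of the presentation: it decodes an `ls -l` mode string such as the `-rwxr-x--x` shown on the file permissions slide into octal, and computes the permissions a given umask leaves on new files and directories. The function names are illustrative, and it assumes programs request 666 for files and 777 for directories.

```shell
#!/bin/sh
# Added example: decode an `ls -l` mode string and show what a umask leaves on new files.

# mode_to_octal "-rwxr-x--x" prints 0751 (special bits, owner, group, world).
mode_to_octal() {
    perms=${1#?}                       # drop the leading file-type character
    special=0; digits=""; weight=4     # weight: SUID=4, SGID=2, sticky=1
    for _triad in owner group world; do
        rest=${perms#???}
        triad=${perms%"$rest"}         # first three characters of what is left
        perms=$rest
        d=0
        case $triad in r??) d=$((d + 4)) ;; esac
        case $triad in ?w?) d=$((d + 2)) ;; esac
        case $triad in
            ??x)    d=$((d + 1)) ;;
            ??[st]) d=$((d + 1)); special=$((special + weight)) ;;
            ??[ST]) special=$((special + weight)) ;;
        esac
        digits=$digits$d
        weight=$((weight / 2))
    done
    printf '%s%s\n' "$special" "$digits"
}

# new_file_mode 022 prints 644; new_dir_mode 022 prints 755.
# Assumption: programs ask for 666 (files) and 777 (directories), the usual defaults.
new_file_mode() { printf '%03o\n' $(( 0666 & ~0$1 )); }
new_dir_mode()  { printf '%03o\n' $(( 0777 & ~0$1 )); }

# world_writable 0666 succeeds when the World triad includes WRITE.
world_writable() { [ $(( 0$1 & 2 )) -ne 0 ]; }

# Constructed sample modes, including the slide's -rwxr-x--x.
for m in -rwxr-x--x -rw-rw-rw- -rwsr-xr-x drwxrwxrwt; do
    o=$(mode_to_octal "$m")
    if world_writable "$o"; then note="world-writable"; else note="ok"; fi
    printf '%s  %s  %s\n' "$m" "$o" "$note"
done
for u in 022 027 077; do
    printf 'umask %s -> files %s, dirs %s\n' "$u" "$(new_file_mode "$u")" "$(new_dir_mode "$u")"
done
```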

SUID & SGID
- SUID and SGID files allow the World user to temporarily assume the permissions of the Owner or Group users while using the program.
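An added example, not part of the presentation: an inventory of SUID and SGID files compared against a written baseline, so that any set-id program nobody approved stands out. The baseline format (one approved path per line) and the demo tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: inventory SUID/SGID files and report any not on the written baseline.
LC_ALL=C; export LC_ALL               # keep sort and comm in the same collation order

# list_setid DIR: regular files under DIR with the SUID (4000) or SGID (2000) bit set.
list_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null | sort
}

# unapproved_setid DIR BASELINE: set-id files on disk that the baseline does not list.
# BASELINE is a text file with one approved absolute path per line (assumed format).
unapproved_setid() {
    sort "$2" > "$2.sorted.$$"
    list_setid "$1" | comm -23 - "$2.sorted.$$"
    rm -f "$2.sorted.$$"
}

# Constructed demo tree standing in for a real filesystem.
demo=$(mktemp -d)
mkdir "$demo/bin"
for f in passwd backup report ls; do : > "$demo/bin/$f"; done
chmod 4755 "$demo/bin/passwd" "$demo/bin/backup"   # SUID
chmod 2755 "$demo/bin/report"                      # SGID
chmod 0755 "$demo/bin/ls"
printf '%s\n' "$demo/bin/passwd" > "$demo/baseline.txt"

echo "Set-id files not in the baseline:"
unapproved_setid "$demo" "$demo/baseline.txt"
rm -rf "$demo"
```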

CRON
- Cron is the Unix job scheduler
- Many system administrators use Cron to perform automatic full or incremental back-ups of their systems.
- Cron can also be used to log files, clean up file systems, etc.

Syslog
- The syslog utility allows systems administrators to log various events occurring on the Unix system.
- If Syslog is configured correctly, Unix can log many security events without the use of a third-party plug-in.

Services
- The inetd.conf file controls the services that are allowed on the Unix system.
- Make sure that only necessary services are activated
- Unix comes with all services activated by default, and many of these services have severe security vulnerabilities.
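An added example, not part of the presentation: it lists the services an inetd.conf leaves enabled and reports those missing from an approved list. The sample inetd.conf is constructed and the approved list is a hypothetical site policy.

```shell
#!/bin/sh
# Added example: list the services an inetd.conf leaves enabled and flag those not approved.

# enabled_services FILE: "name/protocol" for every uncommented service entry.
# Entry layout: name  socket-type  protocol  wait-flag  user  server-program  [arguments]
enabled_services() {
    awk '!/^[ \t]*#/ && NF >= 6 { print $1 "/" $3 }' "$1" | sort -u
}

# unneeded_services FILE "APPROVED LIST": enabled entries missing from the approved list.
unneeded_services() {
    enabled_services "$1" | while read -r svc; do
        case " $2 " in
            *" $svc "*) ;;                        # approved, say nothing
            *) printf '%s\n' "$svc" ;;
        esac
    done
}

# Constructed inetd.conf; the approved list below is a hypothetical site policy.
conf=$(mktemp)
cat > "$conf" <<'EOF'
# <name> <type> <proto> <flags> <user> <server_path> <args>
ftp     stream  tcp  nowait  root    /usr/sbin/in.ftpd     in.ftpd -l
telnet  stream  tcp  nowait  root    /usr/sbin/in.telnetd  in.telnetd
#tftp   dgram   udp  wait    nobody  /usr/sbin/in.tftpd    in.tftpd /tftpboot
finger  stream  tcp  nowait  nobody  /usr/sbin/in.fingerd  in.fingerd
echo    stream  tcp  nowait  root    internal
EOF

echo "Enabled but not approved:"
unneeded_services "$conf" "ftp/tcp"
rm -f "$conf"
```

A service is disabled by commenting out its line and having inetd reread the file, so the commented `tftp` entry is correctly left out of the report.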

Patches
- Ensure that your Unix systems are patched regularly. A policy should be adopted to ensure that all patches are tested and installed on a schedule.

Conclusion
- Although there are many other areas that can be addressed in a security baseline, the areas covered here will give you a head start in addressing security for your Unix system, and should prepare your servers for our upcoming IS audits.