© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and.

Slides:



Advertisements
Similar presentations
Planning and Administering Windows Server® 2008 Servers
Advertisements

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Fundamentals of Information Systems Security.
Access Control Chapter 3 Part 3 Pages 209 to 227.
Linux Boot Loaders. ♦ Overview A boot loader is a small program that exists in the system and loads the operating system into the system’s memory at system.
Linux+ Guide to Linux Certification, Second Edition
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
Security+ Guide to Network Security Fundamentals
SECURITY What does this word mean to you? The sum of all measures taken to prevent loss of any kind.
Linux+ Guide to Linux Certification, Second Edition Chapter 3 Linux Installation and Usage.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Lesson 4-Installing Network Operating Systems. Overview Installing and configuring Novell NetWare 6.0. Installing and configuring Windows 2000 Server.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.
Managing Risk in Information Systems Strategies for Mitigating Risk
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
Linux Security.
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
Securing a Wireless Network
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
Windows Security Mechanisms Al Bento - University of Baltimore.
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
Linux+ Guide to Linux Certification Chapter Three Linux Installation and Usage.
A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 15 Installing and Using Windows XP Professional.
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Two Deploying Windows Servers.
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Fundamentals of Information Systems Security.
Authenticating Users Chapter 6. Learning Objectives Understand why authentication is a critical aspect of network security Describe why firewalls authenticate.
1 Linux Basics for Networking. 2 Module - Linux Basics for Networking ♦ Overview This module focuses on the basics of networking using Redhat Enterprise.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
01/03/11 Centre for Development of Advanced Computing Chennai BOSS Desktop Security.
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
Information Assurance Research Group 1 NSA Security-Enhanced Linux (SELinux) Grant M. Wagner Information Assurance.
Module 14: Configuring Server Security Compliance
Security+ All-In-One Edition Chapter 19 – Privilege Management Brian E. Brzezicki.
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Four Windows Server 2008 Remote Desktop Services,
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. System Forensics, Investigation, and Response.
© 2001 by Carnegie Mellon University SS5 -1 OCTAVE SM Process 5 Background on Vulnerability Evaluations Software Engineering Institute Carnegie Mellon.
Access Control. What is Access Control? The ability to allow only authorized users, programs or processes system or resource access The ability to disallow.
12 Steps to Cloud Security A guide to securing your Cloud Deployment Vishnu Vettrivel Principal Engineering Lead,
NT SECURITY Introduction Security features of an operating system revolve around the principles of “Availability,” “Integrity,” and Confidentiality. For.
© ITT Educational Services, Inc. All rights reserved. IS3230 Access Security Unit 6 Implementing Infrastructure Controls.
Module 7: Implementing Security Using Group Policy.
Privilege Management Chapter 22.
4.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 12: Implementing Security.
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
LINUX Presented By Parvathy Subramanian. April 23, 2008LINUX, By Parvathy Subramanian2 Agenda ► Introduction ► Standard design for security systems ►
Unified Address Book Security Implications. Unified Address Book Overview –What are we talking about –What is the Risk –What are we doing to minimize.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
ASHRAY PATEL Securing Public Web Servers. Roadmap Web server security problems Steps to secure public web servers Securing web servers and contents Implementing.
22 feb What is Access Control? Access control is the heart of security Definitions: * The ability to allow only authorized users, programs or.
The Perfect Linux Security Firewalls. Introduction of Linux Firewall Security Linux Firewall is very stable, protect our system from malware, system performance.
WARCS (Wide Area Remote Control for SPring-8)‏ A. Yamashita and Y.Furukawa SPring-8, Japan Control System Cyber-Security Workshop (CS)2/HEP Oct
19 Copyright © 2008, Oracle. All rights reserved. Security.
Working at a Small-to-Medium Business or ISP – Chapter 8
Chapter 5 : Designing Windows Server-Level Security Processes
Vulnerability Scanning With 'lynis'
IS3440 Linux Security Unit 6 Using Layered Security for Access Control
LINUX SECURITY Dongmei Wu ID: /25/00.
IS3440 Linux Security Unit 2 Securing a Linux Platform―Core Components
SECURITY IN THE LINUX OPERATING SYSTEM
Securing Windows 7 Lesson 10.
NSA Security-Enhanced Linux (SELinux)
Convergence IT Services Pvt. Ltd
06 | SQL Server and the Cloud
Presentation transcript:

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and Applications Lesson 2 Basic Components of Linux Security

Page 2 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Learning Objective  Describe components of Linux security.

Page 3 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Key Concepts  Understand boot loaders  Security considerations while using kernel and user space components  Discretionary access control (DAC) and access control lists (ACLs)  Mandatory access control (MAC) with Security Enhanced Linux (SELinux)  Concepts of a packet filtering firewall

Page 4 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: CONCEPTS

Page 5 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Common Boot Loaders  Grand Unified Bootloader (GRUB)  Linux Loader (LILO)  Loadlin  Universal Bootloader (U-Boot)

Page 6 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Configuration OptionsComments default=0Is for default kernel to boot timeout=0Sets the timeout to zero color green/blueSpecifies the color for the GRUB screen password – md5 Is for the encrypted password splashimage=(hd0,0)/gru b/splash.xpm.gz Is for “splash” image that shows when you access the GRUB menu GRUB Configuration Options

Page 7 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. The Linux Firewall Location of iptables Location of netfilter User

Page 8 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Layered Security

Page 9 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: PROCESS

Page 10 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Common Linux Access Controls

Page 11 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: ROLES

Page 12 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Access Control Mechanisms DAC  Defines the access control for objects in the filesystem ACLs  Grants “special” permissions to users or groups for an object in the filesystem that are not specified in the DAC permissions MAC  Adds additional categories to objects in the filesystem

Page 13 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: CONTEXTS

Page 14 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Kernel Space  Kernel space has access and can control all aspects of a Linux system  Loadable kernel modules (LKMs) are a common avenue for rootkits

Page 15 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. User Space  User space is the most likely avenue that black-hat hackers attempt to exploit the Linux system.  It is common for black-hat hackers to gain unauthorized access simply by guessing an easy password from a user account.

Page 16 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: RATIONALE

Page 17 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Importance of a Firewall  Firewall on each host server provides an additional layer of security:  If the network perimeter firewall allows unauthorized traffic into the network, firewall protects servers from the unauthorized traffic.  Firewall provides additional protection to host servers if a rogue program infects the local area network (LAN).

Page 18 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Importance of Securing Core Components  Default settings, improper file permissions, and insecure user accounts are common methods used by black-hat hackers to gain unauthorized access.  Best practices and compliance standards require basic security and can result in hefty fines, if not followed.

Page 19 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Summary  Understand boot loaders  The process of Linux access control  Access control mechanisms such as DAC, ACLs, and MAC  Considerations for using kernel space and user space  Importance of firewall and securing core components

Page 20 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. OPTIONAL SLIDES

Page 21 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. A Linux Kernel Configuration Menu

Page 22 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Red Hat’s Authentication Configuration Tool

Page 23 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. The Security Level Configuration Tool for Firewalls

Page 24 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. The SELinux Administration Tool

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.