© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and.

Slides:

Advertisements

Similar presentations

Presented by Nikita Shah 5th IT ( )

Advertisements

Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.

1 Web Servers / Deployment Alastair Dawes Original by Bhupinder Reehal.

Compliance on Demand. Introduction ComplianceKeeper is a web-based Licensing and Learning Management System (LLMS), that allows users to manage all Company,

SOFTWARE PRESENTATION ODMS (OPEN SOURCE DOCUMENT MANAGEMENT SYSTEM)

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Red Hat Linux Network. Red Hat Network Red Hat Network is the environment for system- level support and management of Red Hat Linux networks. Red Hat.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

Web Server Administration

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 418/918 Autumn 2005 Gene Awyzio SITACS University of Wollongong.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.

Managing Risk in Information Systems Strategies for Mitigating Risk

Maintaining and Updating Windows Server 2008

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.

Patch Management Module 13. Module You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.

Presented by INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used?

IT:Network:Microsoft Applications

SUS Services ECE Computer Facilities. SUS Services Software Update Services Microsoft Security And Critical Update Service Microsoft Security And Critical.

Module 16: Software Maintenance Using Windows Server Update Services.

Lesson 10 Operating System Customization

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.

Module 1: Installing Windows XP Professional. Overview Manually Installing Windows XP Professional Automating a Windows XP Professional Installation Using.

Security for Seniors SeniorNet Help Desk

Downloading & Installing Software Chapter 13. Maintaining the System Yum Pirut BitTiorrent Rpm Keeping Software Up To Date Up2date Red Hat Network Wget.

Ashita Srivastava ISM High Five Corporations Chain of fast food restaurants Using Windows XP for clients and Windows Server 2008 Needs a robust.

Maintaining a Microsoft SQL Server 2008 Database SQLServer-Training.com.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Fundamentals of Information Systems Security.

Training on ManageEngine Desktop Central

Staying Safe. Files can be added to a computer by:- when users are copying files from a USB stick or CD/DVD - downloading files from the Internet - opening.

Kaseya Fundamentals Workshop Developed by Kaseya University Powered by IT Scholars Kaseya Version 6.5 Last updated March, 2014 DAY FOUR.

Credit Card Processing Gail “Montreal” Shoffey Keeler August 14, 2007.

© 2010 VMware Inc. All rights reserved Patch Management Module 13.

Module 13: Maintaining Software by Using Windows Server Update Services.

Instant Messaging for the Workplace A pure collaborative communication tool that does not distract users from their normal activities.

Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.

Instant Messaging for the Workplace A pure collaborative communication tool that does not distract users from their normal activities.

Chapter 6 of the Executive Guide manual Technology.

Welcome to the official tour of TrainingEvals.com SM !

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. System Forensics, Investigation, and Response.

Learningcomputer.com SQL Server 2008 – Administration, Maintenance and Job Automation.

The ProactiveWatch Monitoring Service. Are These Problems For You? Your business gets disrupted when your IT environment has issues Your employee and.

Avira Endpoint Security. Introduction of Avira Management Center (AMC)

OCTAVE-S on TradeSolution Inc.. Introduction Phase 1: Critical Assets and threats Phase 2: Critical IT Components Phase 3: Changes Required in current.

CN2140 Server II Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+

Brief Overview: Options for Licence & Support Open Source Job Scheduler Software- und Organisations-Service GmbH 

 Load balancing is the process of distributing a workload evenly throughout a group or cluster of computers to maximize throughput.  This means that.

INTRUSION DETECTION SYSYTEM. CONTENT Basically this presentation contains, What is TripWire? How does TripWire work? Where is TripWire used? Tripwire.

Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.

Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?

Overview-TPV Service Delivery

Maintaining and Updating Windows Server 2008 Lesson 8.

Introduction to System Administration. System Administration  System Administration  Duties of System Administrator  Types of Administrators/Users.

SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #

Performing Risk Analysis and Testing: Outsource or In-house

Patch Management Module 13.

CompTIA Server+ Certification (Exam SK0-004)

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Page 1 Fundamentals of Information Systems.

Information Security Session October 24, 2005

IS3440 Linux Security Unit 7 Securing the Linux Kernel

TRIP WIRE INTRUSION DETECTION SYSYTEM Presented by.

IS3440 Linux Security Unit 8 Software Management

Management Suite v2.0 DoubleCheck Manager Management Suite v2.0.

Microsoft Virtual Academy

Presentation transcript:

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and Applications Lesson 11 Managing Security Alerts and Updates

Page 2 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Learning Objective and Key Concepts Learning Objective  Evaluate the importance of maintaining a software management plan. Key Concepts  Software management tools  Techniques to manage the update process  Importance of anti-virus software in Linux security  Open source software vulnerabilities and security updates

Page 3 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: CONCEPTS

Page 4 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Common Package Managers

Page 5 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Graphical Package Managers

Page 6 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Best Practices for Compiling Software  You must know about the software you are downloading. Make sure that it is from a reputable organization.  Verify the source code.  Do not compile the software as root if it can be compiled as a regular user.  Always read the README file.  Follow recommendations of the Linux Filesystem Hierarchy Standard (FHS).

Page 7 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Red Hat Satellite Server Red Hat's platform Red Hat Satellite Server Corporate demilitarized zone (DMZ) firewall Computer Systems Updates are controlled internally and not by Red Hat's platform Transmits all software packages and updates

Page 8 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: PROCESS

Page 9 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Process to Apply Security Updates Manually Security patch becomes available Check if it is high priority? Enter task or patch in queue for next scheduled maintenance of systems Apply and test in development Apply and test in staging Apply to production

Page 10 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Process to Apply Security Updates Automatically Security patch becomes available Linux distribution repositories: Community or commercial Development updatedStaging updatedProduction updated

Page 11 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Red Hat Network (RHN) Update Step 1: Security patch becomes available for Apache Web server Step 4: RHN transmits update to the Web server Step 2: RHN flags that www1.is418.com Is in need of the patch rhn.redhat.com www1.is418.com installs update Step 3: RHN sends an notification, places an alert in the control panel, and sends alert to impacted Linux systems

Page 12 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: ROLES

Page 13 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Commercial Linux Vendor  Monitors specific software vulnerabilities  Provides patches to the software  Packages the software  Tests the patches  Notifies customers and provides updates

Page 14 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Linux System Administrator  Monitors mailing lists, forums, and security- related Web sites  Communicates with Linux vendor about updates  Applies patches to development and staging servers  Rolls out security updates to production systems

Page 15 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: CONTEXTS

Page 16 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Software Management Plans Vendor Supported  Used for mission-critical Linux servers  Popular with businesses without in-house Linux system administration expertise

Page 17 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Software Management Plans (Continued) Community Supported  Used for less critical servers  Popular with Web hosting companies with experienced Linux system administrators  Popular choice with business entities on a budget

Page 18 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. DISCOVER: RATIONALE

Page 19 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Software Management Plans  Update all software on the Linux system  Send notifications directly to the impacted systems  Verify and maintain a history of all installed software  Keep all installed software in a database for easy querying

Page 20 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Anti-Virus Software  These software protect operating systems from viruses that are contained in documents and s.  Anti-virus software needs to be installed on critical servers for compliance with regulations, such as the Payment Card Industry (PCI) Data Security Standard (DSS).

Page 21 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Summary  Common and graphical package managers  Red Hat Satellite Server  Processes to apply security updates  Importance of anti-virus software in Linux security  Software management plans

Page 22 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. OPTIONAL SLIDES

Page 23 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Ubuntu 50unattended-upgrades Configuration File

Page 24 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. X