© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and.

Presentation transcript:

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and Applications Lesson 12 Building and Maintaining a Security Baseline

Page 2: Learning Objective
- Establish a system baseline to detect anomalies.

Page 3: Key Concepts
- A secure baseline Linux system
- Read-only versus live bootable operating systems
- Local and remote log configuration
- File and data integrity checkers

Page 4: DISCOVER: CONCEPTS

Page 5: Server Baseline
- A default system configuration
- Baseline system is secure
- Helps in maintaining installed software
- Performance of a baseline system can be monitored by using log files
Sources for ensuring the confidentiality, integrity, and availability of any server

Page 6: Importance of a Baseline
- Helps you identify anomalies
- Ensures computer system availability with regard to:
  - Increased network traffic
  - Hard drive usage
  - Potential hardware problems

Page 7: DISCOVER: PROCESS

Page 8: Customizing an RHEL 5 installation

Page 9: Starting an RHEL 6 Text-mode Installation

Page 10: Ubuntu Software Selection Options

Page 11: Identify System State Baseline

Page 12: Remote Logging
Step 1: Open the /etc/rsyslog.conf file in a text editor.
Step 2: Add the line
Step 3: Save and exit.
Web Server Internet Protocol (IP)
All logs on will be sent to over User Datagram Protocol (UDP) Port 514
Remote logging Server IP
Step 4: Open the /etc/rsyslog.conf file in a text editor.
Step 5: Add the line $ModLoad imudp.so.
Step 6: Add the line $UDPServerRun 514.
Step 7: Save and exit.
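
A check for both ends of the remote logging setup above, as an added example that is not part of the original slides. The function names are hypothetical, and the sample files are constructed: the client file uses a forwarding rule in rsyslog's legacy syntax with the documentation address 192.0.2.10, which is an assumption and not a value from the slides.

```shell
#!/bin/sh
# Added example: check rsyslog.conf files for the legacy directives named on the slide.

# Print only active configuration: comments and blank lines removed.
active_lines() {
    sed -e 's/#.*$//' -e '/^[[:space:]]*$/d' "$1"
}

# Succeed if the file loads imudp and starts a UDP listener on the port (default 514).
is_udp_receiver() {
    rx_port=${2:-514}
    active_lines "$1" | grep -Eq '^[[:space:]]*\$ModLoad[[:space:]]+imudp(\.so)?[[:space:]]*$' &&
    active_lines "$1" | grep -Eq "^[[:space:]]*\\\$UDPServerRun[[:space:]]+${rx_port}[[:space:]]*\$"
}

# Print "udp <target>" or "tcp <target>" for every forwarding action.
# In legacy rsyslog syntax a single @ forwards over UDP and @@ over TCP.
forward_targets() {
    active_lines "$1" | awk '
        $2 ~ /^@@/ { print "tcp", substr($2, 3); next }
        $2 ~ /^@/  { print "udp", substr($2, 2) }'
}

# Constructed sample files (assumed values, not taken from the slides).
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/client.conf" <<'EOF'
# web server: forward everything to the log host over UDP
*.* @192.0.2.10:514
#*.* @@192.0.2.10:514
EOF
cat > "$demo_dir/server.conf" <<'EOF'
$ModLoad imudp.so
$UDPServerRun 514
EOF
cat > "$demo_dir/disabled.conf" <<'EOF'
#$ModLoad imudp.so
#$UDPServerRun 514
EOF

for f in client server disabled; do
    if is_udp_receiver "$demo_dir/$f.conf"; then role="receives on UDP 514"; else role="no UDP listener"; fi
    echo "$f.conf: $role; forwards to: $(forward_targets "$demo_dir/$f.conf" | tr '\n' ' ')"
done
```

Commented-out directives are ignored, so a server file with the two lines still prefixed by `#` is reported as having no UDP listener.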

Page 13: DISCOVER: ROLES

Page 14: Read-only Mode Filesystem
- Mounting a filesystem in read-only mode prevents a black-hat hacker from writing to the filesystem

Page 15: Live Bootable Operating System
- Linux live CD/DVD is a fully functional version of a Linux distribution
- When booted, loads a fully functional version of Linux into RAM
- Is independent of local hard-drive media
- Useful for diagnosing problems with other connected physical media

Page 16: DISCOVER: CONTEXTS

Page 17: Remote Monitoring and Logging
Used to consolidate monitoring and logging of all servers for easier and more effective monitoring of computer systems in a network
- Logging and monitoring server
- Firewall logs
- Linux system logs
- Linux system administrator monitors from a central location

Page 18: Logwatch
- It is a program written in the Perl scripting language that consolidates information from various log files and creates a report.
- In Fedora, it is installed by default and runs daily.
- Its main configuration file is /etc/logwatch/conf/logwatch.conf.
- Its configuration lets you set the range of dates to read from the log files. By default, it reads logs from the previous day.
- The reporting level of activity can be set as low, medium, or high.

Page 19: Logcheck
- It is used mostly on Debian-based systems, such as Ubuntu.
- By default, it runs every hour and upon a reboot.
- Its main configuration file is /etc/logcheck/logcheck.conf.
- The log files to monitor are set in the /etc/logcheck/logcheck.logfiles file.
- It supports paranoid, server, and workstation levels of output.

Page 20: DISCOVER: RATIONALE

Page 21: Host-Based Intrusion Detectors
- Provide a solution to the “needle in the haystack” problem
- Provide a layer of security
- Help establish a baseline for files, processes, and ports

Page 22: File Integrity Checkers
- Tripwire
- Advanced Intrusion Detection Environment (AIDE)
- Chkrootkit
- Rootkit Hunter (rkhunter)

Page 23: A Tripwire Check
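
The idea behind a file baseline, record hashes of a known-good tree and later report what changed, shown as an added example that is not part of the original slides. It uses sha256sum rather than Tripwire or AIDE themselves; the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: a minimal hash baseline, not Tripwire or AIDE themselves.

# Record "<sha256>  <path>" for every regular file under a directory, sorted by path.
baseline_create() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 )
}

# Compare the current tree ($1) against a saved baseline file ($2).
# Prints one line per difference: ADDED, CHANGED or MISSING, then the path.
# Store the baseline outside the monitored tree, ideally on read-only media,
# so that a change to the tree cannot also rewrite the baseline.
baseline_check() {
    baseline_create "$1" | awk -v base="$2" '
        BEGIN { while ((getline line < base) > 0) old[substr(line, 67)] = substr(line, 1, 64) }
        { h = substr($0, 1, 64); p = substr($0, 67); seen[p] = 1
          if (!(p in old)) print "ADDED", p
          else if (old[p] != h) print "CHANGED", p }
        END { for (p in old) if (!(p in seen)) print "MISSING", p }' | sort
}

# Constructed sample tree standing in for a configuration directory.
work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT
mkdir -p "$work/etc"
echo "PermitRootLogin no" > "$work/etc/sshd_config"
echo "root:x:0:0"         > "$work/etc/passwd"
echo "welcome"            > "$work/etc/motd"
baseline_create "$work/etc" > "$work/baseline.sha256"

# Simulate drift after the baseline was taken.
echo "PermitRootLogin yes" > "$work/etc/sshd_config"   # modified file
rm "$work/etc/motd"                                    # removed file
echo "new file" > "$work/etc/cron.extra"               # file not in the baseline

baseline_check "$work/etc" "$work/baseline.sha256"
```

Unchanged files such as `passwd` produce no output, so an empty report means the tree still matches the baseline.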

Page 24: Summary
- A secure baseline Linux system
- Read-only versus live bootable operating systems
- Local and remote log configuration
- File and data integrity checkers