
1 OS Hardening
Justin Whitehead, Francisco Robles

2 ECE 4112 - Internetwork Security
OS Hardening
Installing kernel and software patches and configuring a system so that attackers cannot exploit it.

3 Motivations
Why?
- Add security features not present in default installs
  – Vendors leave default installs open for customizability
  – Kernel and system-level patches work against known and unknown bugs
- Bugs and exploits in software

4 How
Patches
- Apply security patches to the Linux kernel
- Apply bug patches to software
Security tools
- Extra system logs and auditing
System rules and policies
- Restrict user privileges
- Disable unnecessary processes

5 The Best in Hardening...
GRsecurity
- Kernel patch
- Features
  – Non-executable stack
  – Change root (chroot) hardening
  – /tmp race prevention
  – Extensive auditing
  – Additional randomness in the TCP/IP stack
  – /proc restrictions

6 Hardening Utilities
Bastille Linux (www.bastille-linux.org)
- Automated security program, security wizard
  – SUID restrictions
  – SecureInetd
  – DoS attack detection and prevention
  – Automated firewall scripting
  – User privileges
  – Education

7 Common Issues and Exploits
- Stack-based attacks
- /proc
- /tmp
- SUID
- TCP sequence numbers

8 /proc
/proc is a pseudo file system through which the kernel exposes its own state and per-process information (status, memory maps, open file descriptors, command lines) to user space.
A few files are writable (the /proc/sys tunables), but most are read-only. Even read-only access lets any user enumerate other users' processes and gather details about them.

9 /proc Solutions
grsecurity
- /proc permission restrictions that do not leak information about other users' processes
- Option to hide kernel processes
- /proc file-descriptor and memory protection

10 /tmp exploits
The /tmp directory is used by many programs to create and access files.
It is world-writable: any user can create files there (the sticky bit only stops users from deleting each other's files).
Programs using /tmp must be carefully written to avoid exploits.

11 /tmp exploits
Race condition
- Replacing a file in the window between a program checking a path and opening it (time-of-check/time-of-use)
  – Lets the attacker feed the program their own data, "winning the race"
- A race won with a symlink makes the program create or overwrite a file elsewhere on the system, with the program's privileges
  – If the program runs as root, this can be turned into root access
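The symlink race above, as an added example that is not part of the lab or of grsecurity: a vulnerable open of a predictable /tmp name beside the hardened form (O_EXCL plus O_NOFOLLOW, the flag pattern mkstemp uses internally). The scratch directory, the file names app.tmp and important.conf, and the "attacker already planted the link" setup are constructed for the demo.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* The pattern the slide warns about: a program opens a predictable name in
 * the world-writable /tmp.  If an attacker has already planted a symlink at
 * that name, open() follows it and the program truncates and writes whatever
 * the link points at, with the program's own privileges. */
int unsafe_tmp_open(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened open: O_EXCL makes open() fail if anything already exists at the
 * path (a symlink counts, even a dangling one), and O_NOFOLLOW refuses a
 * final-component symlink.  The caller must treat failure as an error or an
 * attack and must not retry with the same predictable name; mkstemp()
 * combines these flags with an unpredictable name. */
int safe_tmp_open(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Scratch directory for the demo (constructed): /tmp first, falling back to
 * the current directory if /tmp is not writable. */
static int make_scratch_dir(char *out, size_t len)
{
    snprintf(out, len, "%s", "/tmp/tmprace-demo-XXXXXX");
    if (mkdtemp(out) != NULL) return 0;
    snprintf(out, len, "%s", "./tmprace-demo-XXXXXX");
    return mkdtemp(out) != NULL ? 0 : -1;
}

/* Plays the race with the attacker already having won it: the symlink is in
 * place before the victim program opens its temp file.  Returns 1 when the
 * unsafe open clobbers the target through the symlink while the safe open
 * refuses, 0 if either does not happen, -1 on setup failure. */
int demo_symlink_race(void)
{
    char dir[PATH_MAX], target[PATH_MAX], planted[PATH_MAX];
    if (make_scratch_dir(dir, sizeof dir) != 0) return -1;

    /* Constructed stand-in for "a file somewhere else on the system". */
    snprintf(target, sizeof target, "%s/important.conf", dir);
    int fd = open(target, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    if (write(fd, "keep me\n", 8) != 8) { close(fd); return -1; }
    close(fd);

    /* The attacker plants a symlink at the name the program is known to use. */
    snprintf(planted, sizeof planted, "%s/app.tmp", dir);
    if (symlink(target, planted) != 0) return -1;

    /* Vulnerable program: follows the link and truncates important.conf. */
    int clobbered = 0;
    int ufd = unsafe_tmp_open(planted);
    if (ufd >= 0) {
        struct stat st;
        close(ufd);
        clobbered = (stat(target, &st) == 0 && st.st_size == 0);
    }

    /* Hardened program: O_EXCL sees the existing link and fails with EEXIST
     * (ELOOP would be the error if only O_NOFOLLOW were set). */
    int sfd = safe_tmp_open(planted);
    int refused = (sfd < 0 && (errno == EEXIST || errno == ELOOP));
    if (sfd >= 0) close(sfd);

    unlink(planted);
    unlink(target);
    rmdir(dir);
    return (clobbered && refused) ? 1 : 0;
}

int main(void)
{
    int r = demo_symlink_race();
    printf("unsafe open clobbered the target and safe open refused: %s\n",
           r == 1 ? "yes" : "no");
    return r == 1 ? 0 : 1;
}
```

The demo skips the timing part of the race (the link is planted before the open) because the outcome is the same whether the attacker wins by a microsecond or by a minute; what matters is that the vulnerable open trusts a name in a directory anyone can write to.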

12 /tmp Solutions
GRsecurity
- Places restrictions on hardlinks and symlinks
Bastille
- Each process using /tmp gets its own safe /tmp directory

13 SUID Exploits
SUID
- Set-User-ID: the program runs with the privileges of the file's owner, not of the user running it
- Example: passwd
SUID root programs can be exploited to gain root access
- Bad inputs
- Buffer overflows

14 SUID Solutions
Bastille
- Disables many SUID programs it believes users should not run anyway
  – mount, umount?
  – Up to the admin
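Deciding which SUID programs to keep (slide 14) starts with knowing which ones exist (slide 13). As an added example, not the lab's code or Bastille's, here is a small audit walker that lists SUID regular files under a directory tree without following symlinks or crossing mount points. The demo tree (fake-passwd, fake-ls, alias) is constructed; run the binary with a real path such as /usr to audit a system.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <ftw.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* A SUID program is a regular file with the set-user-ID bit: executing it
 * gives the process the uid of the file's owner.  Root-owned ones (passwd,
 * mount, ...) are the ones worth reviewing, so the walker counts them
 * separately. */
int is_setuid_file(const struct stat *st)
{
    return S_ISREG(st->st_mode) && (st->st_mode & S_ISUID) != 0;
}

static int g_suid_total;
static int g_suid_root;

static int on_entry(const char *path, const struct stat *st, int typeflag,
                    struct FTW *ftwbuf)
{
    (void)ftwbuf;
    if (typeflag == FTW_F && is_setuid_file(st)) {
        g_suid_total++;
        if (st->st_uid == 0) g_suid_root++;
        printf("%04o uid=%u %s\n", st->st_mode & 07777,
               (unsigned)st->st_uid, path);
    }
    return 0;                       /* keep walking */
}

/* Walks `root` without following symlinks (FTW_PHYS) or crossing mount
 * points (FTW_MOUNT, so /proc or a network share under `root` is skipped).
 * Returns the number of SUID regular files found, or -1 on error; if
 * `root_owned` is non-NULL it receives how many of them belong to uid 0. */
int count_setuid(const char *root, int *root_owned)
{
    g_suid_total = 0;
    g_suid_root = 0;
    if (nftw(root, on_entry, 32, FTW_PHYS | FTW_MOUNT) != 0) return -1;
    if (root_owned) *root_owned = g_suid_root;
    return g_suid_total;
}

/* Builds a constructed tree: one file with the SUID bit, one without, and a
 * symlink to the SUID file (FTW_PHYS reports it as a link, so it is not
 * counted twice).  Returns what count_setuid() reports for the tree. */
int demo_setuid_audit(void)
{
    char dir[PATH_MAX], suid[PATH_MAX], plain[PATH_MAX], link[PATH_MAX];
    snprintf(dir, sizeof dir, "%s", "/tmp/suid-audit-XXXXXX");
    if (mkdtemp(dir) == NULL) {
        snprintf(dir, sizeof dir, "%s", "./suid-audit-XXXXXX");
        if (mkdtemp(dir) == NULL) return -1;
    }
    snprintf(suid, sizeof suid, "%s/fake-passwd", dir);
    snprintf(plain, sizeof plain, "%s/fake-ls", dir);
    snprintf(link, sizeof link, "%s/alias", dir);

    int fd = open(suid, O_WRONLY | O_CREAT, 0755);
    if (fd < 0) return -1;
    fchmod(fd, S_ISUID | 0755);     /* the owner may set SUID on their own file */
    close(fd);
    fd = open(plain, O_WRONLY | O_CREAT, 0755);
    if (fd < 0) return -1;
    close(fd);
    symlink(suid, link);

    int n = count_setuid(dir, NULL);

    unlink(link);
    unlink(plain);
    unlink(suid);
    rmdir(dir);
    return n;
}

int main(int argc, char **argv)
{
    const char *root = argc > 1 ? argv[1] : "/usr";
    int root_owned = 0;
    int n = count_setuid(root, &root_owned);
    printf("%d SUID files under %s, %d owned by root\n", n, root, root_owned);
    return n < 0;
}
```

The list this prints is the "before" inventory for the lab's SUID comparison; running it again after Bastille has removed bits from mount, umount and friends shows exactly what changed, and anything root-owned that appears later on a hardened box is worth a second look.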

15 TCP/IP Stack Randomization
If initial sequence numbers can be guessed or discovered, an attacker who cannot see the traffic can still inject into a connection.
- Allows session hijacking
- Allows IP spoofing (completing a handshake with a forged source address)
Security patches add more randomization to initial sequence numbers
- grsecurity

16 What You Will Be Doing
Base RH 8.0 install
- Run a series of exploits and collect TCP traffic data
Apply the patch to the kernel and recompile the kernel
Configure the system with Bastille Linux

17 Before and After
- Port scan
- TCP data capture
- Running a stack exploit
- Running /tmp and SUID exploits
- Comparing user privileges
  – SUID programs
  – Access to gcc
  – /proc

18 Base Install
RH 8.0
- Telnet, FTP, and other insecure inetd services running
- No firewall
- No RH updates
- Minimum security settings

19 GR Security Patch
Apply the patch to the kernel and rebuild the kernel
- Perform the stack exploit
- Perform a port scan
- Record differences in /proc
- Perform the /tmp exploit
- Compare results to the base install

20 Bastille Linux
Install and run
- Configure the SecureInetd daemon
- Disable problematic daemons and SUID programs
- Configure the firewall
- Enable /tmp security
Repeat the previous tests
