advertisement

Introduction To Linux Security

60 %
40 %
advertisement
Information about Introduction To Linux Security

Published on September 21, 2007

Author: mboman

Source: slideshare.net

Description

Introduction to Linux Security presentation for Linux User Group (Singapore) 2004/4/7
advertisement

Introduction to Linux Security Introduction to Linux Security Republic Polytechnic Thursday 2 nd September 2004 By Michael Boman <michael.boman@boseco.com>

Introduction to

Linux Security

Republic Polytechnic

Thursday 2 nd September 2004

By

Michael Boman

<michael.boman@boseco.com>

What we will cover: Turning off unnecessary servers and services Limit exposure of needed servers and services using IPTables Updating the system Reading Linux log files Q & A

Turning off unnecessary servers and services

Limit exposure of needed servers and services using IPTables

Updating the system

Reading Linux log files

Q & A

Turning off xinetd launched services Locate the relevant file in /etc/xinetd.d Change “no” to “yes” in the “disable” field Restart xinetd service xinetd restart

Locate the relevant file in /etc/xinetd.d

Change “no” to “yes” in the “disable” field

Restart xinetd

service xinetd restart

Controlling Daemons Temporary turn a daemon off service <daemon-name> stop Permanently removing a daemon from automatically starting at boot up chkconfig –del <daemon-name> Daemons start/stop scripts are stored in /etc/init.d

Temporary turn a daemon off

service <daemon-name> stop

Permanently removing a daemon from automatically starting at boot up

chkconfig –del <daemon-name>

Daemons start/stop scripts are stored in /etc/init.d

Who opened that port? Use netstat to locate the application that opened a particular port netstat -tunl -t = tcp -u = udp -n = don't resolve -l = listen only

Use netstat to locate the application that opened a particular port

netstat -tunl

-t = tcp

-u = udp

-n = don't resolve

-l = listen only

Limit access to required daemons What can you do when you actually need that service? Bind the service to localhost (ip address 127.0.0.1), if possible Enable IPTables and control access to the particular service

What can you do when you actually need that service?

Bind the service to localhost (ip address 127.0.0.1), if possible

Enable IPTables and control access to the particular service

Keeping the system up-to-date All systems becomes vulnerable as time passes and new vulnerabilities are discovered Always keep your system up-to-date to avoid unnecessary time spent on recovering from a intrusion

All systems becomes vulnerable as time passes and new vulnerabilities are discovered

Always keep your system up-to-date to avoid unnecessary time spent on recovering from a intrusion

Linux log files Log files are generally located in /var/log Syslog is the daemon that controls and create the log files Use a tool like “log check” to limit the amount of lines of logs to read through

Log files are generally located in /var/log

Syslog is the daemon that controls and create the log files

Use a tool like “log check” to limit the amount of lines of logs to read through

Advanced Techniques Use a file integrity checker like “tripwire” to keep an eye at changed files Use a Network IDS like “snort” to monitor attacks from the network

Use a file integrity checker like “tripwire” to keep an eye at changed files

Use a Network IDS like “snort” to monitor attacks from the network

Questions? Got any questions? Now is the time to ask them!

Got any questions? Now is the time to ask them!

Recommended reading material Security Focus www.securityfocus.com Linux Security www.linuxsecurity.org The Linux Documentation Project www.tldp.org IPTables www.netfilter.org Snort Network Intrusion Detection Software www.snort.org

Security Focus

www.securityfocus.com

Linux Security

www.linuxsecurity.org

The Linux Documentation Project

www.tldp.org

IPTables

www.netfilter.org

Snort Network Intrusion Detection Software

www.snort.org

Add a comment

Related pages

Introduction to Linux security - PenguinTutor

Introduction to Linux security principles Introduction. Security should be one of the foremost thoughts at all stages of setting up your Linux computer.
Read more

Linux Training Publication: Introduction to Linux Security ...

Needless-to-say, having multiple, diverse layers of security is a good idea. It helps protect your network and systems, in the event that there is a ...
Read more

Introduction to Linux Security 2 - CiscoDude.Net

Introduction to Linux Security 2 Jared Bater & Theo Baschak CDC Prep January 25, 2014 Online HTML5 Slides. Presentation source/download available at github ...
Read more

Introduction to Linux Security (Onsite Course Only)

Logos Secure – IAO Training Overview. The Introduction to Linux Security course is an intensive 2.5-day training experience led by seasoned information ...
Read more

Introduction to Linux - The Linux Documentation Project

Introduction 1. Why this guide? Many people still believe that learning Linux is difficult, or that only experts can understand how a Linux system works.
Read more

Introduction to Linux - The Linux Documentation Project

Introduction to Linux A Hands on Guide Machtelt Garrels. Garrels.be
Read more

Linux Security for Beginners - Introduction to Linux Securit

1 Introduction to Linux Security . There is a saying in the security world that the only truly safe computer system is one that is disconnected ...
Read more

Introduction To Linux Security - VSfocus.com

OVERVIEW: The Introduction to Linux Security course is an intensive 2.5-day training experience led by seasoned Information System Security and Technology ...
Read more

Introduction to Linux | edX

This free introductory linux course is the first in a 3 part series to linux certification. Upon completion this linux course gives you the basic linux ...
Read more

Introduction - Red Hat Customer Portal

Introduction. Welcome to the Red Hat Enterprise Linux Security Guide! The Red Hat Enterprise Linux Security Guide is designed to assist users of Red Hat ...
Read more