Introduction To Linux Security
Introduction to Linux Security presentation for Linux User Group (Singapore) 2004/4/7
Transcript of Introduction To Linux Security
1. Introduction to Linux Security
- Introduction to Linux Security
- Republic Polytechnic
- Thursday 2nd September 2004
- By Michael Boman
2. What we will cover:
- Turning off unnecessary servers and services
- Limit exposure of needed servers and services using IPTables
- Updating the system
- Reading Linux log files
- Q & A
3. Turning off xinetd launched services
- Locate the relevant file in /etc/xinetd.d
- Change no to yes in the disable field
- Restart xinetd
  - service xinetd restart
4. Controlling Daemons
- Temporarily turn a daemon off
  - service <daemon> stop
- Permanently remove a daemon from starting automatically at boot up
  - chkconfig --del <daemon>
- Daemons start/stop scripts are stored in /etc/init.d
5. Who opened that port?
- Use netstat to locate the application that opened a particular port
- netstat -tunl
  - -t = tcp
  - -u = udp
  - -n = don't resolve
  - -l = listen only
6. Limit access to required daemons
- What can you do when you actually need that service?
  - Bind the service to localhost (IP address 127.0.0.1), if possible
  - Enable IPTables and control access to the particular service
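
Added example, not part of the original slides: slides 5 and 6 combined into one check that reads `netstat -tunl` output and reports listeners that are not bound to localhost and are not on an approved port list. The function names, the sample output and the approved ports 22 and 80 are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original slides).
# Reads `netstat -tunl` output on stdin and prints "proto address port" for each
# listener that is reachable from the network (not bound to loopback) and whose
# port is not in the approved list given as arguments.
exposed_listeners() {
    awk -v approved=" $* " '
        $1 ~ /^(tcp|udp)6?$/ {
            addr = $4                            # "Local Address" column
            if (!match(addr, /:[0-9]+$/)) next   # the trailing ":port"
            host = substr(addr, 1, RSTART - 1)
            port = substr(addr, RSTART + 1)
            # Sockets bound to loopback are not exposed to the network.
            if (host ~ /^(::ffff:)?127\./ || host == "::1") next
            # Ports the administrator has approved are expected to be open.
            if (index(approved, " " port " ")) next
            print $1, host, port
        }'
}

# Constructed sample of `netstat -tunl` output (not captured from a real host).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
udp        0      0 0.0.0.0:111             0.0.0.0:*
udp        0      0 192.168.1.10:123        0.0.0.0:*
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN
EOF
}

# Approved ports 22 and 80 are an assumption for this demo.
sample_netstat | exposed_listeners 22 80
```

On a live system, run `netstat -tunl | exposed_listeners 22 80`; each line printed is a candidate for turning off, rebinding to 127.0.0.1, or restricting with IPTables. Adding `-p` to netstat (as root) also shows the PID and program name that owns each socket, and does not change the column the function reads.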
7. Keeping the system up-to-date
- All systems become vulnerable as time passes and new vulnerabilities are discovered
- Always keep your system up-to-date to avoid unnecessary time spent on recovering from an intrusion
8. Linux log files
- Log files are generally located in /var/log
- Syslog is the daemon that controls and creates the log files
- Use a tool like logcheck to limit the number of log lines to read through
9. Advanced Techniques
- Use a file integrity checker like Tripwire to keep an eye on changed files
- Use a Network IDS like Snort to monitor attacks from the network
10. Questions?
- Got any questions? Now is the time to ask them!
11. Recommended reading material
- Security Focus
  - www.securityfocus.com
- Linux Security
  - www.linuxsecurity.org
- The Linux Documentation Project
  - www.tldp.org
- IPTables
  - www.netfilter.org
- Snort Network Intrusion Detection Software
  - www.snort.org