IT430 Information Assurance - PowerPoint PPT Presentation

Slides: 16
Provided by: comp156

Transcript and Presenter's Notes

Title: IT430 Information Assurance


1
IT430 Information Assurance
  • Lesson 9 Linux and Unix Security

2
Some of the Security Ps
  • People
  • Passwords
  • Permissions
  • Patching
  • Ports / Protocols
  • Policies

3
What is Unix / Linux
  • Open Source Operating Systems
  • Linux is loosely Based on Unix
  • Easier to Learn on than Unix
  • Used to be Totally Command Line based
  • Now a Lot of Graphical Interfaces

4
Why Study Unix Security
  • DoD Command and Control
  • High End Databases
  • Super-Computers
  • Primary Servers on Many Networks
  • Senior Leaders do not Understand Unix ... forget Unix
    Security!

5
Typical Unix / Linux Directory Structure
  • / (Root Directory)
      • adm
      • bin: Standard programs and utilities (stands for Binary)
      • dev
      • etc
          • passwd, shadow: Logins and Encrypted Passwords
          • group: List of Groups (for Group Permissions)
      • usr
      • var
          • log: Standard Log Files

6
Unix/ Linux File / Directory Permissions
  • Three Permissions
      • Read
      • Write
      • Execute
  • Three Types of Access
      • Owner
      • Group
      • Everyone

7
Unix / Linux File Permissions
rwxrw-r-- = 764

  • Owner: rwx = 1 1 1 = 7 (Owner can Read, Write and Execute)
  • Group: rw- = 1 1 0 = 6 (Group can Read, Write but Not Execute)
  • Everyone: r-- = 1 0 0 = 4 (Everyone can Read, but not Write nor Execute)

8
Unix / Linux Flavors
  • Unix
      • HP
      • SUN OS and Solaris
      • AIX
      • BSD
  • Linux
      • Red Hat (Licensed Version)
      • Fedora (Free Version)

9
Verify Directory Content
  • Compare a Known Good Configuration
  • Look for Hidden Files

10
Patching
  • Specific Versions for Each Unix / Linux Version
  • No Central Location for Patches
  • Much of the Process Can be Automated
  • Verify all Machines Have Been Patched (Don't
    Assume Automation Works 100%)

11
Minimize Unnecessary Services
  • Lots of Unnecessary Services
  • Know What You Need (and keep a list)
  • When in Doubt Stop One Service at a Time and
    See if You Break Something
  • Given a Choice Use Secure (Encrypted) Services
    versus Clear Text

12
Logging
  • Understand Who Has Read/Write Permissions for
    Logging
  • Understand How to Read the Logs
  • Analyze the Logs!
  • Assume the Bad Guy May Try to Change Logs to
    Cover Tracks

13
System Access / User Accounts
  • Passwords
      • Old Unix versions only Allow 8 Character Passwords
      • 12-13 character password, non-dictionary words, non-names
        recommended by NSA
  • Verify that no Additional UserID 0 Access
    Exists (Other than Root)
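
The UID 0 check from the last bullet, as an added example that is not part of the original slides: a shell function that reads a passwd-format file and lists every account other than root whose UID field is 0. The function names and the sample entries are constructed for illustration; treating a UID written with leading zeros ("00") as 0 is an assumption made to keep the check conservative.

```shell
#!/bin/sh
# Added example: find accounts other than root that carry UID 0.
# Function names and sample data are constructed, not from the slides.

# sample_passwd: prints a constructed passwd-format file for the demo.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
# constructed comment line
toor:x:0:0:backup admin:/root:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
svc_backup:x:00:100:service:/var/backups:/bin/sh
web:x:100:100:web:/var/www:/usr/sbin/nologin
EOF
}

# extra_uid0 FILE: prints one login name per line for every non-root
# account whose third field (UID) is zero.
extra_uid0() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }                   # skip comments and blank lines
        NF < 7         { next }                   # not a complete passwd record
        $3 ~ /^0+$/ && $1 != "root" { print $1 }  # "0", "00", ... treated as UID 0
    ' "$1"
}

# audit_uid0 FILE: returns 0 when root is the only UID 0 account,
# otherwise reports the extra accounts on stderr and returns 1.
audit_uid0() {
    found=$(extra_uid0 "$1")
    if [ -n "$found" ]; then
        printf 'UID 0 accounts other than root in %s:\n%s\n' "$1" "$found" >&2
        return 1
    fi
    return 0
}

# Demo on the constructed sample; point audit_uid0 at /etc/passwd on a real host.
demo=$(mktemp)
sample_passwd > "$demo"
audit_uid0 "$demo" || echo "review the accounts listed above"
rm -f "$demo"
```
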

14
Unix Trusts
  • Designed so that you don't have to authenticate
    among systems
  • SAMBA file and print services sharing with
    Windows

15
References
  • NSA Security Guides
  • www.nsa.gov/snac
  • DISA STIGs