Linux Security Tools Keeping your servers safe Ubuntu NY Local Community Team Carl Schmidtmann Faultline Network Solutions, Inc.

Outline
● General Linux security procedures
● Security tools included
● Security tools from repository
● Security tools available from others
● Commercial tools

General Security
● Mandatory good passwords
● Don't install what you don't understand
● Know your users
● Keep up to date with patches
● Good safety habits
● Backups! Backups! Backups!

Security Out of the Box
● Logfiles – syslog, /var/log
● Nightly scripts
● sudo
● Firewall rules – iptables, pf
● Secure access – ssh, openssl keys
● Password management – pam
● SELinux – Security Enhanced Linux
● Jails – chroot

Available Packages
● Anti-virus – clamav
● Spam filter – SpamAssassin
● Network scanner – nmap
● Network/System monitor – nagios, snmpd
● System IDS – tripwire
● VPN – openvpn
● Secure FTP – sftp, vsftp

Available Packages
● ClamAV Anti Virus
● clamd – daemon that handles the actual scanning
● freshclam – performs AV database updates
● clamscan – scans files, directories, disks
● Used with mail servers, mail clients

Available Packages
● SpamAssassin – spam detection
● spamassassin.apache.org
● /etc/mail/spamassassin
● spamd
● Mail servers, mail clients

Available Packages
● NMap – Network scanner
● Scans by network or a single address
● Detects systems and reports all open ports
● Can detect system type
● Can detect some types of zombie machines

Available Packages
● Nagios – system, services monitoring
● Nagios server collects information from clients
● Plugins available for just about anything
● Tests system availability, load, service availability
● Easily extended via new plugins
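"Easily extended via new plugins" rests on a very small contract: a plugin prints one status line and exits 0 (OK), 1 (WARNING), 2 (CRITICAL) or 3 (UNKNOWN). The script below is an added example, not code from the slides or from the Nagios project; the function names and the disk check built on them are assumptions for this illustration.

```shell
#!/bin/sh
# Added example, not from the slides or the Nagios project: the contract a
# Nagios plugin has to meet. Nagios runs the plugin, reads its first output
# line ("STATUS - text | perfdata") and maps the exit code to a state:
# 0 = OK, 1 = WARNING, 2 = CRITICAL, 3 = UNKNOWN. Function names are
# assumptions for this example.

# check_value LABEL VALUE WARN CRIT
# Classify an integer VALUE against the thresholds and print the status line.
# The return value is the Nagios exit code.
check_value() {
    label=$1; value=$2; warn=$3; crit=$4
    case $value in
        ''|*[!0-9]*)
            echo "UNKNOWN - $label value '$value' is not a number"; return 3 ;;
    esac
    # Perfdata after the '|' lets Nagios graph the value and the thresholds.
    perf="$label=$value;$warn;$crit"
    if [ "$value" -ge "$crit" ]; then
        echo "CRITICAL - $label is $value (threshold $crit) | $perf"; return 2
    elif [ "$value" -ge "$warn" ]; then
        echo "WARNING - $label is $value (threshold $warn) | $perf"; return 1
    fi
    echo "OK - $label is $value | $perf"; return 0
}

# check_disk_usage MOUNTPOINT WARN CRIT
# A concrete plugin built on check_value: percentage used on a filesystem,
# read from POSIX df -P output (column 5 is "Use%").
check_disk_usage() {
    mount=$1
    used=$(df -P "$mount" 2>/dev/null | awk 'NR == 2 { sub("%", "", $5); print $5 }')
    if [ -z "$used" ]; then
        echo "UNKNOWN - cannot read usage for $mount"; return 3
    fi
    check_value disk_used_pct "$used" "$2" "$3"
}

# Run as a script: Nagios would invoke it as, e.g., ./check_disk_usage / 80 90
check_disk_usage "${1:-/}" "${2:-80}" "${3:-90}"
```

Any other check (load, a listening port, a certificate's remaining lifetime) is the same shape: gather one number, hand it to check_value, and let the exit code carry the state back to the Nagios server.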

Available Packages
● Tripwire – Intrusion Detection
● Records a fingerprint of your system's files
● Scans for any changes to that fingerprint
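The two Tripwire bullets above describe one mechanism: take a fingerprint of every file once, then compare. The script below is an added example, not Tripwire's own code or anything from the slides; it reduces that mechanism to sha256sum so the idea can be run on any directory. Function names and the throwaway demo files are assumptions for this illustration.

```shell
#!/bin/sh
# Added example, not from the slides or from Tripwire: the core of a file
# integrity check (record fingerprints, later compare) with sha256sum.
# Function names and the demo files are assumptions for this example.

# fim_baseline DIR DBFILE
# Record the SHA-256 fingerprint of every regular file under DIR in DBFILE.
# DBFILE should live somewhere the monitored system cannot quietly rewrite.
fim_baseline() {
    dir=$1; db=$2
    # Sorted, relative paths keep the baseline stable between runs.
    ( cd "$dir" && find . -type f | LC_ALL=C sort |
      while IFS= read -r f; do sha256sum "$f"; done ) > "$db"
}

# fim_check DIR DBFILE
# Compare the current tree with the baseline. Prints one line per modified,
# missing or new file. Returns 0 when nothing changed, 1 otherwise.
fim_check() {
    dir=$1; db=$2; changed=0
    # sha256sum -c reports modified and missing files as "<path>: FAILED ...";
    # --quiet hides the OK lines so only problems are printed.
    if ! ( cd "$dir" && sha256sum -c --quiet ) < "$db" 2>/dev/null; then
        changed=1
    fi
    # Files that exist now but were not in the baseline. The digest is 64 hex
    # characters plus two spaces, so the path starts at column 67.
    ( cd "$dir" && find . -type f | LC_ALL=C sort ) > "$db.now"
    cut -c67- "$db" | LC_ALL=C sort > "$db.then"
    new=$(comm -13 "$db.then" "$db.now")
    rm -f "$db.now" "$db.then"
    if [ -n "$new" ]; then
        printf '%s\n' "$new" | sed 's/$/: NEW/'
        changed=1
    fi
    return $changed
}

# Demo on a throwaway tree (constructed for this example).
demo_dir=$(mktemp -d)
printf 'PermitRootLogin no\n' > "$demo_dir/sshd_config"
printf 'root:x:0:0:root:/root:/bin/sh\n' > "$demo_dir/passwd"
fim_baseline "$demo_dir" "$demo_dir.db"
printf 'PermitRootLogin yes\n' > "$demo_dir/sshd_config"   # a setting was changed
printf 'option = 1\n' > "$demo_dir/new.conf"               # a file the baseline never saw
if fim_check "$demo_dir" "$demo_dir.db"; then
    echo "no changes since baseline"
else
    echo "changes detected (see lines above)"
fi
rm -rf "$demo_dir" "$demo_dir.db"
```

The check is only as trustworthy as the baseline file: keep it on read-only media or on another host, and refresh it deliberately after each legitimate package update, or the report fills with expected changes and real ones get lost in the noise.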

Available Packages
● OpenVPN – Virtual Private Network
● Available for Linux, Unix, Windows, Mac OSX and probably more
● Server needs fixed IP
● Clients can connect to multiple servers
● Uses ssl certificates for authentication

Available Packages
● Secure FTP – sftp, vsftpd
● sftp uses an ssh tunnel for ftp connections
● vsftpd – Very Secure FTP Daemon

Third Party Packages
● IDS/IPS – ossec
● System/Network monitoring – zenoss

Third Party Packages
● OSSEC – Intrusion Detection/Prevention System
● Monitors logfiles
● Updates firewall rules in real time
● Notifies on security problems found
● Extensible with new agents
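Both the "Logfiles – syslog, /var/log" bullet under Security Out of the Box and the OSSEC bullets above come down to the same thing: read the log, match a pattern, count by source, act when a threshold is crossed. The script below is an added example, not OSSEC's rule engine or anything from the slides; it shows that pipeline for sshd password failures in /var/log/auth.log. The log lines are constructed, not a real capture, and the function names are assumptions for this illustration.

```shell
#!/bin/sh
# Added example, not from the slides or from OSSEC: the kind of rule an IDS
# applies to /var/log/auth.log, reduced to shell. It counts sshd "Failed
# password" events per source address and reports the sources that cross a
# threshold, which is the input a real-time firewall update would act on.

# Constructed sample log lines in syslog format (not a real capture).
SAMPLE_AUTH_LOG='Mar  3 10:01:02 web1 sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Mar  3 10:01:05 web1 sshd[2103]: Failed password for root from 203.0.113.7 port 50130 ssh2
Mar  3 10:01:09 web1 sshd[2105]: Failed password for root from 203.0.113.7 port 50141 ssh2
Mar  3 10:02:11 web1 sshd[2110]: Accepted publickey for carl from 192.0.2.25 port 40001 ssh2
Mar  3 10:03:40 web1 sshd[2118]: Failed password for carl from 192.0.2.25 port 40017 ssh2
Mar  3 10:04:02 web1 sudo:     carl : TTY=pts/0 ; PWD=/home/carl ; USER=root ; COMMAND=/usr/bin/apt-get update'

# failed_logins_by_source LOGTEXT
# Prints "<count> <ip>" for every source with sshd password failures, highest
# count first. Only sshd lines are considered, so sudo and other entries are
# ignored even if they mention "from".
failed_logins_by_source() {
    printf '%s\n' "$1" |
    awk '/sshd\[[0-9]+\]: Failed password/ {
            # the address is the field right after the word "from"
            for (i = 1; i <= NF; i++) if ($i == "from") { n[$(i+1)]++; break }
         }
         END { for (ip in n) print n[ip], ip }' |
    sort -rn
}

# brute_force_sources LOGTEXT THRESHOLD
# Prints only the source addresses with at least THRESHOLD failures, one per
# line: a single legitimate typo stays below the line, a password-guessing
# loop does not.
brute_force_sources() {
    failed_logins_by_source "$1" |
    awk -v t="$2" '$1 >= t { print $2 }'
}

# Demo: three failures from one address in under ten seconds trips the rule.
echo "failures per source:"
failed_logins_by_source "$SAMPLE_AUTH_LOG"
echo "sources at or above 3 failures:"
brute_force_sources "$SAMPLE_AUTH_LOG" 3
```

On a live system the input would be `tail -f /var/log/auth.log` rather than a fixed string, and the addresses printed by brute_force_sources are what an active response hands to the firewall, with a time window so that a block expires and a mistyped password from a real user does not lock them out for good.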

Third Party Packages
● Zenoss – system monitoring
● Collects data, usually with snmp
● Monitors and graphs system status
● Sends alerts when a problem is found
● Extensible with plugins
● Very configurable

Commercial Packages
● Ubuntu
● RedHat Enterprise Linux
● Tripwire
● Zenoss
● IBM, HP, etc