UNIX SYSTEM SECURITY Tanusree Sen 005484258. Agenda Introduction Three Different Levels of Security Security Policies Security Technologies Future of.


UNIX SYSTEM SECURITY Tanusree Sen

Agenda
- Introduction
- Three Different Levels of Security
- Security Policies
- Security Technologies
- Future of UNIX System security
- Conclusion
- References

Three Different Levels of Security
- Application Level
- Operating System Level
- Network Level Security

DEFENDING AGAINST THE APPLICATION, OPERATING SYSTEM AND NETWORK LEVEL ATTACKS

| No. | Application Level | Operating System Level | Network Level |
|---|---|---|---|
| 1 | Keep the browser, servers, databases, programming languages and operating systems patched regularly. | Check system binaries and make sure that intruders have not altered them. | Avoid using hubs, stick to switches only, and buy interface cards that do not support promiscuous mode. |
| 2 | Use up-to-date antivirus tools. | Search for setuid and setgid files everywhere on the system, because intruders often leave setuid copies of /bin/sh or /bin/time around to give themselves root access at a later time. | Disable inbound Telnet, FTP, rlogin, rsh/rcp/exec, finger etc. and encourage SSH instead. |
| 3 | Make use of good firewalls and intrusion detection mechanisms. | Regularly check the /etc/passwd file on the system for any modifications. | Encrypt everything and make use of secure protocols like HTTPS, SSH, PGP, IPSec etc. |
| 4 | Make sure that the application uses strong session tracking information so that it cannot be easily grabbed by the attacker. | Check that the victim's system does not allow unauthorized use of a network monitoring tool such as a packet sniffer, because intruders often use such tools to capture user credentials. | Deploy up-to-date anti-spoof filters and patch the TCP stacks regularly. |
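The setuid/setgid search from row 2 of the table, as an added example that is not part of the original slides: it lists setuid/setgid files, reports those missing from a known-good baseline, and flags any that are byte-for-byte copies of a shell. The function names, the baseline format (one absolute path per line) and the list of shell paths are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: setuid/setgid audit against a baseline.
# Function names and baseline format are assumptions, not from the slides.

# List regular files under $1 with the setuid or setgid bit set.
# -xdev keeps find on one filesystem; run it once per mounted filesystem.
list_suid_sgid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null | sort
}

# Print setuid/setgid files under $1 that are NOT listed in baseline file $2.
new_suid_sgid() {
    list_suid_sgid "$1" | while IFS= read -r f; do
        if ! grep -Fxq -- "$f" "$2"; then
            printf '%s\n' "$f"
        fi
    done
}

# Print setuid/setgid files under $1 whose contents are identical to a shell
# binary, i.e. the "setuid copy of /bin/sh" left behind for later root access.
suid_shell_copies() {
    list_suid_sgid "$1" | while IFS= read -r f; do
        for sh in /bin/sh /bin/bash /bin/ksh /bin/csh; do
            [ -f "$sh" ] || continue
            if cmp -s "$f" "$sh"; then
                printf '%s\n' "$f"
                break               # report each file once
            fi
        done
    done
}

# Stand-alone use: audit.sh <directory> <baseline-file>
if [ "$#" -eq 2 ]; then
    echo "Not in baseline:";  new_suid_sgid "$1" "$2"
    echo "Shell copies:";     suid_shell_copies "$1"
fi
```

Build the baseline with `list_suid_sgid / > baseline` on a freshly installed system and keep it on read-only or offline media so an intruder cannot edit it.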

Security Policies

Device Security
- Only an authorized person can perform
- Volume manager should be disabled to prevent media devices from mounting automatically
- Check the origin of the software and verify the checksum signature before installing
- Data backup in case of disaster recovery

File Systems Security
- Minimum permissions on files
- Put a sticky bit on the important files and on those that have write permission
- Regularly look for core files and delete them

Remote Services Restriction
- Services like telnet, rlogin and ftp should be kept disabled
- All these services are controlled in inetd.conf. To disable a service, comment out the corresponding line in the inetd.conf file.
- Make inetd re-read inetd.conf, either by rebooting or by sending it a kill -HUP
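The inetd.conf step above, as an added example that is not part of the original slides: one function reports which of the remote services are still enabled, another writes a copy of the file with those lines commented out. The function names and the sample file are constructed for illustration; `login`, `shell` and `exec` are the inetd.conf service names for rlogin, rsh/rcp and rexec.

```shell
#!/bin/sh
# Added example: audit and harden inetd.conf. Names here are assumptions.
# inetd.conf service names: login = rlogin, shell = rsh/rcp, exec = rexec.
RISKY='telnet ftp login shell exec finger'

# Print each risky service that is still enabled (line not commented out).
enabled_risky_services() {
    awk -v risky="$RISKY" '
        BEGIN { n = split(risky, r, " "); for (i = 1; i <= n; i++) bad[r[i]] = 1 }
        /^[ \t]*#/ || NF == 0 { next }        # skip comments and blank lines
        ($1 in bad) { print $1 }
    ' "$1"
}

# Write a copy of the file to stdout with the risky services commented out.
# All other lines, including existing comments, pass through unchanged.
comment_out_risky() {
    awk -v risky="$RISKY" '
        BEGIN { n = split(risky, r, " "); for (i = 1; i <= n; i++) bad[r[i]] = 1 }
        !/^[ \t]*#/ && ($1 in bad) { print "#" $0; next }
        { print }
    ' "$1"
}

# Constructed sample inetd.conf used to try the functions offline.
sample_inetd_conf() {
cat <<'EOF'
# constructed sample
ftp     stream  tcp  nowait  root  /usr/sbin/in.ftpd     in.ftpd
telnet  stream  tcp  nowait  root  /usr/sbin/in.telnetd  in.telnetd
#shell  stream  tcp  nowait  root  /usr/sbin/in.rshd     in.rshd
login   stream  tcp  nowait  root  /usr/sbin/in.rlogind  in.rlogind
time    stream  tcp  nowait  root  internal
EOF
}
```

Review the output of `comment_out_risky` before installing it over the real file, then send inetd the `kill -HUP` described above so it re-reads the configuration.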

Security Policies (contd.)

Password Policy
- Passwords should not be written on a piece of paper; keep them in mind instead
- Mixture of alphabets, numbers and non-alphabetic characters
- Regular changing of passwords

Security Technologies
- SSH
- Kerberos
- Identity Management

What is the future of UNIX System Security?
- Every day new features are implemented
- Vendors are investing a huge amount of money
- More research is going on in virtualization, and many big companies have their own operating system virtualization technology

Conclusion

It is very good practice to identify site-specific security concerns and define preventive policies for them. It is also encouraged to look for third-party security software, if it is appropriate to implement. But above all, users are the ones who will follow these policies, and for that they should understand their importance, which can only be achieved by educating the employees and administrators.


Thank You. Any Questions?