Published by Gilbert McCormick. Modified over 8 years ago.

Linux Security Tools
Keeping your servers safe
Ubuntu NY Local Community Team
Carl Schmidtmann
Faultline Network Solutions, Inc.
www.Faultline.com

Outline
● General Linux security procedures
● Security tools included
● Security tools from repository
● Security tools available from others
● Commercial tools

General Security
● Mandatory good passwords
● Don't install what you don't understand
● Know your users
● Keep up to date with patches
● Good safety habits
● Backups! Backups! Backups!

Security Out of the Box
● Logfiles – syslog, /var/log
● Nightly scripts
● sudo
● Firewall rules – iptables, pf
● Secure access – ssh, openssl keys
● Password management – pam
● SELinux – Security Enhanced Linux
● Jails – chroot

Available Packages
● Anti-virus – clamav
● Spam filter – SpamAssassin
● Network sniffer – nmap
● Network/System monitor – nagios, snmpd
● System IDS – tripwire
● VPN – openvpn
● Secure FTP – sftp, vsftpd

Available Packages
● ClamAV – Anti-virus
● www.clamav.org
● clamd – daemon that handles the actual scanning
● freshclam – performs AV database updates
● clamscan – scans files, directories, disks
● Mail servers, mail clients

Available Packages
● SpamAssassin – spam detection
● spamassassin.apache.org
● /etc/mail/spamassassin
● spamd
● Mail servers, mail clients

Available Packages
● NMap – Network scanner
● www.nmap.org
● Scans by network or a single address
● Detects systems and reports all open ports
● Can detect system type
● Can detect some types of zombie machines

Available Packages
● Nagios – system, services monitoring
● www.nagios.org
● Nagios server collects information from clients
● Plugins available for just about anything
● Tests system availability, load, service availability
● Easily extended via new plugins

Available Packages
● Tripwire – Intrusion Detection
● www.tripwire.org
● Records a fingerprint of your system's files
● Scans for any changes to that fingerprint

Available Packages
● OpenVPN – Virtual Private Network
● www.openvpn.org
● Available for Linux, Unix, Windows, Mac OSX and probably more
● Server needs fixed IP
● Clients can connect to multiple servers
● Uses SSL certificates for authentication

Available Packages
● Secure FTP – sftp, vsftpd
● sftp uses ssh tunnel for ftp connections
● vsftpd – Very Secure FTP Daemon

Third Party Packages
● IDS/IPS – ossec
● System/Network monitoring – zenoss

Third Party Packages
● Ossec – Intrusion Detection/Prevention System
● www.ossec.net
● Monitors logfiles
● Updates firewall rules in real time
● Notifies on security problems found
● Extensible with new agents

Third Party Packages
● Zenoss – system monitoring
● www.zenoss.com
● Collects data, usually with snmp
● Monitors and graphs system status
● Sends alerts when a problem is found
● Extensible with plugins
● Very configurable

Commercial Packages
● Ubuntu
● RedHat Enterprise Linux
● Tripwire
● Zenoss
● IBM, HP, etc.