Presentation is loading. Please wait.

Presentation is loading. Please wait.

Welcome to all Participants

Similar presentations


Presentation on theme: "Welcome to all Participants"— Presentation transcript:

1 Welcome to all Participants
Workshop on Server Hardening

2 Today Highlights Redhat Linux 7 Installation (Dual Booting)
Server Hardening - Security overview - Vulnerability Assessment - Linux Server Hardening Security Tips - Compliance and Frameworks 

3 Computer security also known as cyber security or IT security, is the protection of computer systems from the theft and damage to their hardware, software or information, as well as from disruption or misdirection of the services they provide.

4 Computer security Confidentiality Integrity Availability

5 Security Controls Physical Technical Administrative
Computer security is often divided into three distinct master categories, commonly referred to as controls: Physical Technical Administrative

6 Physical Controls Closed-circuit surveillance cameras
Motion or thermal alarm systems Security guards Picture IDs Locked and dead-bolted steel doors Biometrics (includes fingerprint, voice, face, iris, handwriting, etc)

7 Technical Controls Encryption Smart cards Network authentication
Access control lists (ACLs) Tips and Tricks

8 Administrative controls
Training and awareness Disaster preparedness and recovery plans Personnel recruitment and separation strategies Personnel registration and accounting

9 Vulnerability Assessment
Assessment and Testing - Outside Looking - Inside Looking

10 Vulnerability Assessment
Tools - Nmap - Nessus - OpenVAS - Nikito - Lynis

11 Linux Server Hardening Security Tips
Encrypt Data Communication scp, ssh, sftp, rsync. SSL for apache etc Avoid Using FTP, Telnet

12 Linux Server Hardening Security Tips
Minimize Software to Minimize Vulnerability Disable Unwanted Services Find Listening Network Ports Delete X Windows

13 Linux Server Hardening Security Tips
One Network Service Per System or VM Instance

14 Linux Server Hardening Security Tips
Keep Linux Kernel and Software Up to Date Selinux Configure Iptables and TCPWrappers Linux Kernel /etc/sysctl.conf Hardening

15 Linux Server Hardening Security Tips
User Accounts and Strong Password Policy Password aging  Locking User Accounts After Login Failures

16 Linux Server Hardening Security Tips
Securing SSH Login Disable remote root login Use of PAM Change default port Port Knocking

17 Linux Server Hardening Security Tips
Separate Disk Partitions Disk Quotas

18 Linux Server Hardening Security Tips
Use A Centralized Authentication Service Kerberos

19 Linux Server Hardening Security Tips
Logging and Auditing Monitor Suspicious Log Messages With Logwatch / Logcheck System Accounting with auditd

20 Linux Server Hardening Security Tips
Install And Use Intrusion Detection System Disable USB/firewire/thunderbolt devices Use fail2ban/denyhost as IDS (Install an Intrusion Detection System)

21 Linux Server Hardening Security Tips
Use A Centralized Authentication Service Kerberos

22 Linux Server Hardening Security Tips
Backup Log Server Physical server security

23 Compliance and Framework

24 Thank You


Download ppt "Welcome to all Participants"

Similar presentations


Ads by Google