Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and.

Published byAshlyn Hutchinson Modified over 9 years ago

Similar presentations

Presentation on theme: "© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and."— Presentation transcript:

1 © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and Applications Lesson 2 Basic Components of Linux Security

2 Page 2 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Learning Objective  Describe components of Linux security.

3 Page 3 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Key Concepts  Understand boot loaders  Security considerations while using kernel and user space components  Discretionary access control (DAC) and access control lists (ACLs)  Mandatory access control (MAC) with Security Enhanced Linux (SELinux)  Concepts of a packet filtering firewall

4 Page 4 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. DISCOVER: CONCEPTS

5 Page 5 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Common Boot Loaders  Grand Unified Bootloader (GRUB)  Linux Loader (LILO)  Loadlin  Universal Bootloader (U-Boot)

6 Page 6 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Configuration OptionsComments default=0Is for default kernel to boot timeout=0Sets the timeout to zero color green/blueSpecifies the color for the GRUB screen password – md5 Is for the encrypted password splashimage=(hd0,0)/gru b/splash.xpm.gz Is for “splash” image that shows when you access the GRUB menu GRUB Configuration Options

7 Page 7 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. The Linux Firewall Location of iptables Location of netfilter User

8 Page 8 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Layered Security

9 Page 9 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. DISCOVER: PROCESS

10 Page 10 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Common Linux Access Controls

11 Page 11 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. DISCOVER: ROLES

12 Page 12 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Access Control Mechanisms DAC  Defines the access control for objects in the filesystem ACLs  Grants “special” permissions to users or groups for an object in the filesystem that are not specified in the DAC permissions MAC  Adds additional categories to objects in the filesystem

13 Page 13 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. DISCOVER: CONTEXTS

14 Page 14 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Kernel Space  Kernel space has access and can control all aspects of a Linux system  Loadable kernel modules (LKMs) are a common avenue for rootkits

15 Page 15 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. User Space  User space is the most likely avenue that black-hat hackers attempt to exploit the Linux system.  It is common for black-hat hackers to gain unauthorized access simply by guessing an easy password from a user account.

16 Page 16 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. DISCOVER: RATIONALE

17 Page 17 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Importance of a Firewall  Firewall on each host server provides an additional layer of security:  If the network perimeter firewall allows unauthorized traffic into the network, firewall protects servers from the unauthorized traffic.  Firewall provides additional protection to host servers if a rogue program infects the local area network (LAN).

18 Page 18 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Importance of Securing Core Components  Default settings, improper file permissions, and insecure user accounts are common methods used by black-hat hackers to gain unauthorized access.  Best practices and compliance standards require basic security and can result in hefty fines, if not followed.

19 Page 19 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Summary  Understand boot loaders  The process of Linux access control  Access control mechanisms such as DAC, ACLs, and MAC  Considerations for using kernel space and user space  Importance of firewall and securing core components

20 Page 20 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. OPTIONAL SLIDES

21 Page 21 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. A Linux Kernel Configuration Menu

22 Page 22 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Red Hat’s Authentication Configuration Tool

23 Page 23 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. The Security Level Configuration Tool for Firewalls

24 Page 24 Security Strategies in Linux Platforms and Applications © 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. The SELinux Administration Tool

Download ppt "© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and."

Similar presentations

Planning and Administering Windows Server® 2008 Servers

Planning and Administering Windows Server® 2008 Servers
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Fundamentals of Information Systems Security.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Fundamentals of Information Systems Security.
Access Control Chapter 3 Part 3 Pages 209 to 227.

Access Control Chapter 3 Part 3 Pages 209 to 227.
Linux Boot Loaders. ♦ Overview A boot loader is a small program that exists in the system and loads the operating system into the system’s memory at system.

Linux Boot Loaders. ♦ Overview A boot loader is a small program that exists in the system and loads the operating system into the system’s memory at system.
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
SECURITY What does this word mean to you? The sum of all measures taken to prevent loss of any kind.

SECURITY What does this word mean to you? The sum of all measures taken to prevent loss of any kind.
Linux+ Guide to Linux Certification, Second Edition Chapter 3 Linux Installation and Usage.

Linux+ Guide to Linux Certification, Second Edition Chapter 3 Linux Installation and Usage.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Lesson 4-Installing Network Operating Systems. Overview Installing and configuring Novell NetWare 6.0. Installing and configuring Windows 2000 Server.

Lesson 4-Installing Network Operating Systems. Overview Installing and configuring Novell NetWare 6.0. Installing and configuring Windows 2000 Server.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Policies and Implementation Issues.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Policies and Implementation Issues.

© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Policies and Implementation Issues.
Managing Risk in Information Systems Strategies for Mitigating Risk

Managing Risk in Information Systems Strategies for Mitigating Risk
Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.
Linux Security.

Linux Security.

Similar presentations

Ads by Google