Download presentation
Presentation is loading. Please wait.
Published byElizabeth Ryan Modified over 9 years ago
1
Linux Networking Security Sunil Manhapra & Ling Wang Project Report for CS691X July 15, 1998
2
Approaches for Networking security n configure secure kernel n always send password, sensitive data…encrypted over the network n provide only necessary system services n verify DNS information n Firewalls n monitor the network carefully n backups (backup all the important information in case of intrusion).
3
Project Outline n SATAN n Logcheck n Sentry n SSH
4
SATAN n SATAN is a port scanner with a web interface n SATAN recognizes and reports several common network- related security problems, though it doesn’t attempt to solve them. n SATAN can be configured to do light, medium, or strong checks on a machine or network of machines. n Example problems SATAN can report: –NFS file systems exported to arbitrary hosts or to unprivileged programs –Writable anonymous FTP home directory –NIS password file access from arbitrary hosts n SATAN does NOT work on Red Hat 5.1
5
Logcheck n Log files aren’t frequently checked and mostly contain unimportant information n Automatically runs and checks system log files,filters them,and reports security violations and unusual activities via email n It allows you to specify what kind of violations should be reported to you n 00,15,30,45 * * * * /usr/local/etc/logcheck.sh
6
Sentry n To monitor a particular port/ports against probes n Sentry can detect and react –indicate via system log –host is dropped(entry in /etc/hosts.deny) –reconfigure to route traffic to a dead host –reconfigure to drop packets n sentry -tcp (basic port bound TCP mode) n sentry -stcp(stealth TCP scan detection) n sentry -atcp(advanced TCP stealth scan detection) n same applies for UDP also
7
SSH (Secure Shell) n SSH is a suite of programs used as secure replacement for rlogin, rsh and rcp to allow user to login to remote system with encrypted connection. n SSH prevents man-in-the-middle attacks and DNS spoofing. n SSH can be subverted by attackers who have root access or have access to your home directory.
8
SSH Components n Server daemon: sshd n r-Program replacements: –ssh: rlogin replacement –scp: rcp replacement n key management programs: –ssh-keygen: create authentication keys –ssh-agent: authentication agent, holds RSA authentication keys –ssh-add: register new keys with the agent n make-ssh-known-hosts: script to probe hosts on network for their public keys
9
Tips from our Experiences n Never run any program without specifying the path n Before installing any software,which should according to the creator,work on your system, search some relative mailing lists to find out what the problems other users had n It will never be a waste of time to read all documents before actually doing anything n Many problems can be understood and solved by looking into source code
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.