Presentation is loading. Please wait.

Presentation is loading. Please wait.

CIS 193A – Lesson4 Bastille Hardening a System. CIS 193A – Lesson4 Focus Question What Linux utilities, commands, and files are used by Bastille to harden.

Published byMadison McCarthy Modified over 9 years ago

Similar presentations

Presentation on theme: "CIS 193A – Lesson4 Bastille Hardening a System. CIS 193A – Lesson4 Focus Question What Linux utilities, commands, and files are used by Bastille to harden."— Presentation transcript:

1 CIS 193A – Lesson4 Bastille Hardening a System

2 CIS 193A – Lesson4 Focus Question What Linux utilities, commands, and files are used by Bastille to harden a system?

3 CIS 193A – Lesson4 The Bastille Package /etc/Bastille - Configuration files (config) /var/log/Bastille - Reports and log files /var/log/Bastillerevert - backup files /usr/lib/Bastille - Perl libraries /usr/share/Bastille - Documentation

4 CIS 193A – Lesson4 Command Syntax bastille –a # --assess Assess the system bastille –x # -c for curses Create config file and implement changes bastille –b Harden system with specified configuration bastille –r Undoes the configuration

5 CIS 193A – Lesson4 Bastille Groupings File Permissions Account Security Boot Security Logging Miscellaneous Daemons Secure Inetd Disable User Tools Services: Sendmail, Printing, Apache, DNS, FTP

6 CIS 193A – Lesson4 File Permissions Setting permissions in /sbin and /usr/sbin to 750 instead of 755 Removing setuid bits from: –mount, umount –ping traceroute –dump restore –at –X windows –others

7 CIS 193A – Lesson4 Account Security Disable clear text r-protocols Add password aging Strengthen umask Disable root loggins on ttys Remove extraneous accounts and groups Restrict use of cron to root account

8 CIS 193A – Lesson4 Boot Security Password protect grub or lilo Disable ctrl-alt-del reboot sequence Password protect single user mode

9 CIS 193A – Lesson4 Logging Adding additional logging Activating system auditing Turning on process accounting

10 CIS 193A – Lesson4 Miscellaneous Daemons Disable the following services: –apmd / acpid –nfs, nis –samba –pcmcia –gpm –kudzu –etc

11 CIS 193A – Lesson4 Secure Inetd Disable telnet service Disable ftp service Include default deny for hosts.deny Banners: authorized use warnings

12 CIS 193A – Lesson4 Disable User Tools Disable compilers

13 CIS 193A – Lesson4 Review

14 CIS 193A – Lesson4 Focus Question What Linux utilities, commands, and files are used by Bastille to harden a system? Bastille uses grub, PAM, chkconfig, chmod, iptables, and edits such files as issue, securetty, nologin, inittab, login.defs, as well as service configuration files.

Download ppt "CIS 193A – Lesson4 Bastille Hardening a System. CIS 193A – Lesson4 Focus Question What Linux utilities, commands, and files are used by Bastille to harden."

Similar presentations

Some history PDP versions BSD/Version 7 split VAX virtual memory implementations End of line 4.4 BSD System V merges Modern versions OSF/1, Solaris, HPUX.

Some history PDP versions BSD/Version 7 split VAX virtual memory implementations End of line 4.4 BSD System V merges Modern versions OSF/1, Solaris, HPUX.
INSTALLING LINUX.  Identify the proper Hardware  Methods for installing Linux  Determine a purpose for the Linux Machine  Linux File Systems  Linux.

INSTALLING LINUX.  Identify the proper Hardware  Methods for installing Linux  Determine a purpose for the Linux Machine  Linux File Systems  Linux.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Linux File & Folder permissions. File Permissions In Ubuntu, files and folders can be set up so that only specific users can view, modify, or run them.

Linux File & Folder permissions. File Permissions In Ubuntu, files and folders can be set up so that only specific users can view, modify, or run them.
Linux Security An overview notes from Linux Network Security HowTO.

Linux Security An overview notes from Linux Network Security HowTO.
System Hardening Borrowed from the CLICS group. System Hardening How do we respond to problems? (e.g. operating system deadlock) Detect Detect (Detect.

System Hardening Borrowed from the CLICS group. System Hardening How do we respond to problems? (e.g. operating system deadlock) Detect Detect (Detect.
Linux+ Guide to Linux Certification, Second Edition Chapter 15 Configuring Network Services and Security.

Linux+ Guide to Linux Certification, Second Edition Chapter 15 Configuring Network Services and Security.
Linux Security 資管研究生 劉順德. Outline General Security –Account –Local –Network –Patch Services Security –Sendmail –BIND/DNS –Apache –FTP Recent Linux security.

Linux Security 資管研究生 劉順德. Outline General Security –Account –Local –Network –Patch Services Security –Sendmail –BIND/DNS –Apache –FTP Recent Linux security.
A Guide to Unix Using Linux Fourth Edition

A Guide to Unix Using Linux Fourth Edition
GNU/Linux Filesystem 1 st AUT GNU/Linux Festival Computer Engineering & IT Department Bahador Bakhshi.

GNU/Linux Filesystem 1 st AUT GNU/Linux Festival Computer Engineering & IT Department Bahador Bakhshi.
Lesson 22 – Introduction to Linux Systems Administration.

Lesson 22 – Introduction to Linux Systems Administration.
Chapter 10 Linux 10.1 User Interface Administration

Chapter 10 Linux 10.1 User Interface Administration
Linux File Security. What is Permission ? Specifies what right are granting to users to access the resources available in the computer. So that important.

Linux File Security. What is Permission ? Specifies what right are granting to users to access the resources available in the computer. So that important.
UNIT - III. Installing Samba Windows uses Sever Message Block(SMB) to communicate with each other using sharing services like file and printer. Samba.

UNIT - III. Installing Samba Windows uses Sever Message Block(SMB) to communicate with each other using sharing services like file and printer. Samba.
Linux System Administration LINUX SYSTEM ADMINISTRATION.

Linux System Administration LINUX SYSTEM ADMINISTRATION.
1.  The Linux system of permissions is much more difficult than that of Windows  System administrators are given more control with the use of three.

1.  The Linux system of permissions is much more difficult than that of Windows  System administrators are given more control with the use of three.
Configuring Disk Quotas Linux System Administration To implement disk quotas, use the following steps: Enable quotas per file system by modifying /etc/fstab.

Configuring Disk Quotas Linux System Administration To implement disk quotas, use the following steps: Enable quotas per file system by modifying /etc/fstab.
Linux+ Guide to Linux Certification, Third Edition

Linux+ Guide to Linux Certification, Third Edition
Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.
Va-scanCopyright 2002, Marchany Securing Solaris Servers Randy Marchany.

Va-scanCopyright 2002, Marchany Securing Solaris Servers Randy Marchany.

Similar presentations

Ads by Google