Introduction To Linux Security
Introduction to Linux Security presentation for Linux User Group (Singapore) 2004/4/7
1. Introduction to Linux Security
- Thursday 2nd September 2004
2. What we will cover:
- Turning off unnecessary servers and services
- Limit exposure of needed servers and services using IPTables
3. Turning off xinetd launched services
- Locate the relevant file in /etc/xinetd.d
- Change no to yes in the disable field
4. Controlling Daemons
- Temporarily turn a daemon off
- Permanently remove a daemon from automatically starting at boot up
- Daemon start/stop scripts are stored in /etc/init.d
5. Who opened that port?
- Use netstat to locate the application that opened a particular port
6. Limit access to required daemons
- What can you do when you actually need that service?
- Bind the service to localhost (IP address 127.0.0.1), if possible
- Enable IPTables and control access to the particular service
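An added example for slides 5 and 6 (not part of the original presentation): it reads `netstat -tlnp` output, lists the TCP listeners that are reachable beyond localhost, and names the program behind a given port. The sample output and the function names `sample_netstat`, `exposed_listeners` and `port_owner` are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `netstat -tlnp` output for TCP listeners reachable from the network.

# Constructed sample of `netstat -tlnp` output (as seen by root, so PID/Program is filled in).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1033/sendmail
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      640/portmap
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      901/cupsd
tcp        0      0 192.168.1.10:3306       0.0.0.0:*               LISTEN      1200/mysqld
tcp6       0      0 :::80                   :::*                    LISTEN      1500/httpd
tcp6       0      0 ::1:6010                :::*                    LISTEN      2001/sshd
EOF
}

# Print "port address program" for every TCP listener not bound to loopback.
exposed_listeners() {
    awk '
    $1 ~ /^tcp/ && $6 == "LISTEN" {
        port = $4; sub(/.*:/, "", port)                      # text after the last colon
        addr = substr($4, 1, length($4) - length(port) - 1)  # everything before it
        if (addr ~ /^127\./ || addr == "::1") next           # loopback: local access only
        prog = $7; sub(/^[0-9]+\//, "", prog)                # drop the PID, keep the name
        print port, addr, prog
    }'
}

# Print the PID/Program entry that owns the listener on TCP port $1.
port_owner() {
    awk -v p="$1" '
    $1 ~ /^tcp/ && $6 == "LISTEN" {
        port = $4; sub(/.*:/, "", port)
        if (port == p) print $7
    }'
}

echo "Listeners exposed beyond localhost:"
sample_netstat | exposed_listeners
echo "Owner of port 631: $(sample_netstat | port_owner 631)"
```

On a live system, pipe `netstat -tlnp` (run as root) into the functions in place of `sample_netstat`; each line reported is a candidate for turning off, binding to 127.0.0.1, or restricting with IPTables.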
7. Keeping the system up-to-date
- All systems become vulnerable as time passes and new vulnerabilities are discovered
- Always keep your system up-to-date to avoid unnecessary time spent on recovering from an intrusion
8. Linux log files
- Log files are generally located in /var/log
- Syslog is the daemon that controls and creates the log files
- Use a tool like logcheck to limit the number of log lines to read through
9. Advanced Techniques
- Use a file integrity checker like Tripwire to keep an eye on changed files
- Use a network IDS like Snort to monitor attacks from the network
10. Questions?
- Got any questions? Now is the time to ask them!
11. Recommended reading material
- The Linux Documentation Project
- Snort Network Intrusion Detection Software