Linux Security best Practices with Fedora
1 like962 views
The document outlines best practices for Linux security with a focus on Fedora, categorizing security controls into physical, technical, and administrative measures. It highlights the importance of assessing vulnerabilities and understanding threats to network, server, and workstation security, emphasizing the necessity of strong password policies and proactive security assessments. Strategies to mitigate risks include using encryption, regular software updates, and training personnel on security awareness.
Linux Security best Practices with Fedora
- 1. Linux Security Best Practices with Fedora Uditha Bandara Wijerathna udinnet@fedoraproject.com
- 2. What is Computer Security? ● Covers a wide area of computing and information processing ● Several terms and metrics have entered our daily business vocabulary ● The availability and trustworthiness of data can be the difference between success and failure
- 3. Security Controls Computer security is often divided into three distinct master categories, commonly referred to as controls ●Physical ●Technical ●Administrative
- 4. Security Controls Contd.. Physical controlPhysical control is the implementation of security measures in a defined structure used to deter or prevent unauthorized access to sensitive material. • Closed-circuit surveillance cameras • Motion or thermal alarm systems • Security guards • Picture IDs • Locked and dead-bolted steel doors • Biometrics (includes fingerprint, voice, face, iris, handwriting, and other automated methods used to recognize individuals)
- 5. Technical controls use technology as a basis for controlling the access and usage of sensitive data throughout a physical structure and over a network. Technical controls are far-reaching in scope and encompass such technologies as • Encryption • Smart cards • Network authentication • Access control lists (ACLs) • File integrity auditing software Security Controls Contd.. Technical control
- 6. Security Controls Cont'd.. Administrative control Administrative controls define the human factors of security. They involve all levels of personnel within an organization and determine which users have access to what resources and information by such means as • Training and awareness • Disaster preparedness and recovery plans • Personnel recruitment and separation strategies • Personnel registration and accounting
- 7. Thinking Like the Enemy ● Given the complexity of today's software and networking environments, exploits and bugs are a certainty. ● you must think like a cracker and gauge the security of your systems by checking for weaknesses ● There can be potential issues that can be addressed before a cracker explores it. ● Think about your system's security by taking your home as an example. ● Focus on their tools,mentality, and motivations, and you can then react swiftly to their actions.
- 8. Defining Assessment and Testing • Creates proactive focus on information security • Finds potential exploits before crackers find them • Results in systems being kept up to date and patched • Promotes growth and aids in developing staff expertise • Reduce financial loss and negative publicity Benefits Vulnerability Assessment InternalExternal
- 9. Hacker and Cracker Hacker... Bad or Good? Hacking Culture
- 10. Threats Threats to ● Network Security ● Server Security ● Workstation and Home PC Security
- 11. Threats to Network Security Insecure Architecture Broadcast Network Centralized Servers A misconfigured network is a primary entry point for unauthorized users. Introduces a single point of failure on the network Most vulnerable to address resolution protocol (ARP) or media access control (MAC) address spoofing by both outside intruders and unauthorized users on local hosts.
- 12. Threats to Server Security Unused service and ports Unpathced Services A common occurrence among system administrators is to install the operating system without paying attention to what programs are actually being installed. There is no such thing as perfect software and there is always room for further refinement. A common occurrence among system administrators is to install the operating system without paying attention to what programs are actually being installed. A common occurrence among system administrators is to install the operating system without paying attention to what programs are actually being installed.
- 13. Threats to Workstation and Home PC Security Bad Passwords Vulnerable Client Application Bad passwords are one of the easiest ways for an attacker to gain access to a system. Although an administrator may have a fully secure and patched server, that does not mean remote users are secure when accessing it.
- 14. Common Exploits and Attacks Null or Default Passwords Default Shared Keys Leaving administrative passwords blank or using a default password set by the product vendor. Secure services sometimes package default security keys for development or evaluation testing purposes.
- 15. IP Spoofing Eavesdropping Common Exploits and Attacks Contd... A remote machine acts as a node on your local network, finds vulnerabilities with your servers, and installs a backdoor program or trojan horse to gain control over your network resources. Collecting data that passes between two active nodes on a network by eavesdropping on the connection between the two nodes.
- 16. Service Vulnerabilities Application Vulnerabilities Common Exploits and Attacks Contd... An attacker finds a flaw or loophole in a service run over the Interne Attackers find faults in desktop and workstation applications Denial of Service (DoS) Attacks Attacker or group of attackers coordinate against an organization's network or server resources by sending unauthorized packets to the target host
- 19. BIOS and Boot Loader Security Securing non-X86 Platforms BIOS passwords 1. Preventing Changes to BIOS Settings 2. Preventing System Booting Ex. Intel® ItaniumTM computers use the Extensible Firmware Interface (EFI) shell
- 20. Boot Loader Security Boot Loader passwords 1. Preventing Access to Single User Mode 2. Preventing Access to the GRUB Console 3. Preventing Access to Insecure Operating Systems
- 21. Password Security ● Primary method that Fedora uses to verify a user's identity ● Data Encryption Standard (DES) and Message- Digest Algorithm (MD5) ● /etc/shadow and /etc/passwd
- 22. Creating Strong Passwords • Do Not Use Only Words or Numbers • Do Not Use Recognizable Words • Do Not Use Words in Foreign Languages • Do Not Use Personal Information • Do Not Use Hacker Terminology (LEET) • Do Not Invert Recognizable Words • Do Not Write Down Your Password • Do Not Use the Same Password For All Machines • Make the Password at Least Eight Characters Long • Mix Upper and Lower Case Letters • Include Non-Alphanumeric Characters • Pick a Password You Can Remember
- 24. Creating User Passwords within an Organization
- 26. Password Aging
- 28. The su Command
- 29. The sudo Command