Linux Security Lab 2

In: Computers and Technology

Submitted By Ramman911
Words 313
Pages 2
1. What is the significance of creating Groups and adding Users to Groups?
By creating groups you can get people access to the information that they need to get to. When a user is created and added to a group that user then has the access permissions of the group that has been made.
2. Given a scenereo where there are 5 database admins that may periodically need access to a given system. Discuss a better concept to better manage the admins access permissions.
Break down admin responsabilities and only give them the access for what duties they need to perform. PAM command is a great idea in this scenereo.
3. New web admin account has been set up and a password provided. What is the command to force a password change upon login.
Chage –d 0 <user name>
4. What is the purpose of the “SU” command.
This is the command to get into the machine as ROOT. (Super User I like to call it) this is like the ultimate authority command to change what you want and equally allows you to screw things up if you want.
5. Restricting the use of the “SU” command can be configured using what mechanism.
/etc/pam.d/su to edit the PAM. Edit the #auth required pam_wheel.so use_uid
6. What is the purpose of the login.defs file? Creates accounts and is site specific for the shadow login. This has rules like expirations, password requirements.
7. What is the PASS_MIN_DAYS setting? Min days until you have to change the password
8. What is the PASS_MAX_DAYS setting? Why is it good to set this? Max days to change your password. This is a great idea to force people to change passwords and if they don’t then the account goes bye bye.
9. NO
10. Make group, use login.defs, set max…...

Similar Documents

Linux Securities

...Security of a system when you are open to the internet is paramount in the world of servers. Linux has many layers of ever evolving security in order to keep up with the would be attackers in cyberspace. This is one of the reasons that Linux is one of the most used servers for internet sites and has few viruses engineered towards it. IP Tables Developed by the Netfilter organization the IP tables package for Linux is an evolution of the IP chains which came from the IPv4 Linux firewall package. Paul Russel was the initial head author of the organization and also behind the IP chains project The Netfilter organization began to come together in 1999 and through collaboration and research recognized the shortcomings of the IP chains package and developed this new product in order to address these concerns and make needed improvements. The improvements added to the new IP tables package helped improve performance and overall security. Better integration with the kernel led to improved speed and reliability but the true value came from the new security features. Stateful packet inspection allows the firewall to keep track of every connection passing through it allowing for better monitoring and can even view certain contents and attempt to anticipate actions of certain protocols. Also the ability to filter packets based on MAC address and TCP header flags helps to prevent attacks using malformed packets. Even a rate limiting feature that is designed to eliminate some......

Words: 1131 - Pages: 5

Linux Securities

...Since its release to the public in 1991, the Linux operating system has become one of the most widely used operating systems in the world. This is largely because of the security features. The most popular of these three technologies are SELinux, chroot jail and iptables. We are going to break down the advantages and benefits of each of these features. The United States National Security Agency (NSA), the original developer of SELinux released the first version of this feature in December of 2000. According to a statement by the NSA "NSA Security-enhanced Linux is a set of patches to the Linux kernel and some utilities to incorporate a strong, flexible mandatory access control (MAC) architecture into the major subsystems of the kernel. It provides an enhanced mechanism to enforce the separation of information based on confidentiality and integrity requirements, which allows threats of tampering and bypassing of application security mechanisms to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications. It includes a set of sample security policy configuration files designed to meet common, general-purpose security goals" It provides the ability to separate information based on confidentiality and integrity requirements. The flexibility allows control over what activities can be done by each daemon, user, or process. Standard Linux access controls are modifiable by the user and the applications which the user runs. SELinux......

Words: 600 - Pages: 3

Linux Security

...programs and libraries need to be copied or linked to the appropriate locations in the new directory tree.” (Haas) The term sandbox is a metaphor for the type of security that chroot jail uses. Once you put a program or utility into the jail, it only knows of what is contained in the cell, the rest of your system becomes invisible to it. It does this by changing the apparent root directory for the current running process and its children. A program that is run in a modified environment cannot name files outside the designated directory tree. For example if you place Apache into a chroot jail and somebody would hack into your system, the only thing that they would be able to see and access would be Apache and the files needed to run it, the rest of your system does not even exist according to chroot jail. Chroot makes it more difficult for attacks to take place in your environment. To set up a useful chroot jail, first determine which utilities and or programs the users of the chroot jail will need. Then you must copy the appropriate binaries and their libraries into the jail. II. SELinux SELinux was developed by The U.S. National Security Agency(NSA). “SELinux was released under the NSA under the GNU GPL open source license. SELinux is essentially a Linux kernel with a number of utilities that provide enhanced security functionality. But the critical component of SELinux is how it implements and handles mandatory access controls. SELinux is important because......

Words: 1582 - Pages: 7

Linux Security

...The Linux security technologies I researched are SELinux, chroot jail and iptables. SELinux (Security-Enhanced Linux) is a Linux feature that provides the mechanism for supporting access control security policies, including United States Department of Defense-style mandatory access controls, through the use of Linux Security Modules (LSM) in the Linux kernel. It is not a Linux distribution, but rather a set of kernel modifications and user-space tools that can be added to various Linux distributions. Its architecture strives to separate enforcement of security decisions from the security policy itself and streamlines the volume of software charged with security policy enforcement. The key concepts underlying SELinux can be traced to several earlier projects by the United States National Security Agency. The United States National Security Agency (NSA), the original primary developer of SELinux, released the first version to the open source development community under the GNU GPL on December 22, 2000. The software merged into the mainline Linux kernel 2.6.0-test3, released on 8 August 2003. Other significant contributors include Network Associates, Red Hat, Secure Computing Corporation, Tresys Technology, and Trusted Computer Solutions. Experimental ports of the FLASK/TE implementation have been made available via the TrustedBSD Project for the FreeBSD and Darwin operating systems. It provides an enhanced mechanism to enforce the separation of information based on......

Words: 1300 - Pages: 6

Lab 1 Is3440 Linux Security

...(Network Time Protocol) server was checked. From a security perspective, why is it important for a system to keep accurate time? The most interesting importance of NTP would be the auto key system, if your system doesn’t keep correct time a attacker who needs to change time so that a replay attack can happen could be very damaging, that is why today’s version of NTP shields against this in several ways. 2. During the install, a password has been set for the “root” user, and when is it appropriate to use this account? It is highly recommended that you only use this account when there are tasks that require root privileges such as moving files or directories into or out of system directories. 3. During the install, X-Window and a Desktop Manager were installed. However, in a production environment it is recommended NOT to run the X-Windows Environment. Explain the purpose for this recommendation? In a production environment hardware requirements and not to run the X-Windows Environment may sometimes vary, X-Window is intended for primarily workstation use only example personal computing on a Linux box. The X-Window was intended and developed for the network GUI only, X-Windows by itself doesn’t even have an interface. 4. During the install process it asks what the options given to create the partition are? Name them? It asked would I like to create Primary or an extended partition once I decided that I had to tell Linux how big was the partition was going to......

Words: 1158 - Pages: 5

Assignment 2 Linux Security

...Linux Security Technology Security of a system is important in our today’s use of the internet. That is why Linux with its many layers that are always evolving in security to protect against all kinds of hackers or othe types of attacks . SELinux, Chroot Jail, IPTables, Mandatory Access Control and Discrestionary Access Control, just to name a few. SELinux is an access control implementation for the Linux kernel. Take for instants that you are the administrator and you define rules in user space and if the Linux kernel has been added with SELinux support, then those rules will be followed by the kernel. SELinux is a NSA Security-Enhanced Linux, in which the mandatory access control is flexible. The structure of SELinux supports against all kinds of mandatory access control policies. Some of which are Role-Based Access Control and Multi-Level Security. It was designed by NSA for the purpose of protecting a server against malicious daemons, by telling the daemons what they can and can’t do. This type of technology was created by Secure Computing Corporation, but was supported by the U.S. National Security Agency. In 1992, the thought for a more intense security system was needed and a project called Distributed Trusted Match was created. Some good solutions evolved from this, some of which were a part of the Fluke operating system. Which then became the Flux and finally led to the creation of the Flask architecture. Eventually it was combined with the Linux kernel,......

Words: 873 - Pages: 4

Is3440 Linux Security Lab 1

...Week 1 Lab This lab consists of two parts: Make sure you label each section accordingly and answer all the questions. For this lab it is recommended that you review the Demo Lab presentations in the Unit 1 and Unit 2 Learning Space. Click the PRACTICE link > DEMO LAB > then click the hyperlink to launch the demonstration. Part # 1 Install a Core Linux Operating System on a Server Learning Objectives and Outcomes Upon completing this lab, students should know more about the following tasks: * Install a base Linux operating system using a Fedora core Linux server for production use on the VM server farm * Create secured partitions within the core Linux server for desired security hardening, performance, and application support * Enable a network time server during installation to maintain a synchronized time setting throughout the system * Set a hostname that is descriptive of the role of the server to maintain standard and concise naming conventions during installation * Create a non-privileged user account for system administration access as a secure alternative to logging in as root user Overview In this lab the students will see how to install and partition a Fedora Core Linux Server. The installation process, applying passwords, creating partitions, and system administrator access controls will be part of the operating system configuration requirements. The demonstration will show how to use the terminal or terminal emulator......

Words: 1494 - Pages: 6

Securing Linux Lab Assignment

...Week 3 Lab This lab consists of two parts. Make sure you label each section accordingly and answer all the questions. For this lab it is recommended that you review the Demo Lab presentations in the Unit 5 and Unit 6 Learning Space. Click the PRACTICE link > DEMO LAB > then click the hyperlink to launch the demonstration. Part #1 Apply Hardened Security for Linux Services & Applications Learning Objectives and Outcomes Upon completing this lab, students will learn about the following tasks: * Harden Linux server services when enabling and installing them, and keep a security perspective during configuration * Create an Apache Web Server installation and perform basic security configurations to assure that the system has been hardened before hosting a web site * Configure and perform basic security for a MySQL database, understanding the ramifications of a default installation and recommending hardening steps for the database instance * Install, setup and perform basic security configuration for Sendmail to be able to leverage the built-in messaging capabilities of the Linux System * Enable and implement secure SSH for encrypted remote access over the network or across the Internet of a Linux server system Overview This lab is an extension of the previous hands-on labs, and it incorporates security hardening for Linux services and applications loaded in the physical server. This demonstration will configure security and hardened......

Words: 2020 - Pages: 9

Linux Security Lab #1

...option to sync with a NTP server was checked. From a security perspective, why is it important for a system to keep accurate time? So, there can be a log if server went down and accurate time when and changes occurred 2) During the install, a password has been set for the “root” user. What is the root user, and when is it appropriate to use this account The root account is the most privileged account on a Linux system. This account gives you the ability to carry out all facets of system administration, including adding accounts, changing user passwords, examining log files, installing software, etc. If, you changing password you should do it in root user, but for security reason you should never user root account since it’s an administrator account. 3) During the install, X-Window and Desktop Manager were installed. However, in a production environment it is recommended not to run the X- Windows environment. Explain the purpose of this recommendation Linux is a command base program and X- Window is GUI therefore it is not recommended. During Linux installation, deselecting X Window packages, especially the base packages, will return errors concerning failed dependencies. You can safely deselect all of these applications, in addition to X itself 4) During the installation process it asks what the option given to create the partition are? Name them Ext 2 and Ext 4 5) Why is it important to partition a Linux system correctly? Like any partitions, if the......

Words: 1044 - Pages: 5

Linux Security

...Securing Linux Platforms and Applications Project Project Part 1 Task 1: Outline Security Policy This security policy is essential to the First World Bank Savings and Loan. It is used to break up the security plan not measurable, specific, and testable goals and objectives. This security policy would be used to provide all current and prospective customers online banking services while keeping the First World Saing bank competitive in the financial marketplace. This solution is also an imperative due to an estimated revenue of $100,0000,000 flowing in by virtue of online credit card transactions specific to banking and loan application based services. This security policy will go on to outline the specific regulations and legislation that are in agreement with the statutory compliance criteria. Below is a recommended view of the characteristics and components of the recommended security based policy. Taking up the stake of the performance, cost, and security of maintaining the Linux, and open source infrastructure will be within the premise of the defined roles and responsibilities. Annual cost savings are estimated to amount to $4,000,000 (approx) by virtue of implementation of this solution. The ‘C’-‘I’-‘A’ triad will be a crucial requirement fo the First World Savings Bank and translates to Confidentiality, Integrity and Availability respectively. Confidentiality aspect with reference to First World Savings Bank – Confidentiality refers to the principle that......

Words: 3404 - Pages: 14

Linux Security

...Linux Security Mr. Rehman 02 Feb 2015 Week 2 Lab 1 Please note that the parameters in this configuration file control the # behavior of the tools from the shadow-utils component. None of these # tools uses the PAM mechanism, and the utilities that use PAM (such as the # passwd command) should therefore be configured elsewhere. Refer to # /etc/pam.d/system-auth for more information. # # *REQUIRED* # Directory where mailboxes reside, _or_ name of file, relative to the # home directory. If you _do_ define both, MAIL_DIR takes precedence. # QMAIL_DIR is for Qmail # #QMAIL_DIR Maildir MAIL_DIR /var/spool/mail #MAIL_FILE .mail # Password aging controls: # # PASS_MAX_DAYS 60 Maximum number of days a password may be used. # PASS_MIN_DAYS 0 Minimum number of days allowed between password changes. # PASS_MIN_LEN 8 Minimum acceptable password length. # PASS_WARN_AGE 14 Number of days warning given before a password expires. -- INSERT [student@centos ~]$ su-c 'vi /etc/login.defs' bash: su-c: command not found [student@centos ~]$ su -c 'vi/etc/login.defs' Password: bash: vi/etc/login.defs: No such file or directory [student@centos ~]$ su -c 'vi /etc/login.defs' Password: [student@centos ~]$ su -c '/usr/sbin/useradd dbadmin1' Password: [student@centos ~]$ su -c '/usr/sbin/useradd dbadmin2 > su -c...

Words: 488 - Pages: 2

Linux Security

...Linux Security Project Part 1 Instructor Sandro Tuccinardi Student Brian Dupee Security Policy Outline First World bank wants to provide banking services online to its customers. The institution estimates over $100,000,000 a year in online credit card transactions for loan applications and other banking services. According to a team that was formed using a Linux an open source infrastructure would roughly as estimated give an annual cost savings in licensing fees alone can be as much as $4,000,000. The assets while using Linux open source infrastructure goal would be maintaining (CIA) triad confidentiality, integrity, and availability in the infrastructure. There is legislation, regulations, federal and state laws governing online banking. Compliance regulations such as Sarbanes–Oxley Act of 2002, Gramm–Leach–Bliley Act (GLBA), Payment Card Industry Data Security Standard (PCI DSS), Federal Information Security Management Act of 2002, Control Objectives for Information and Related Technology (COBIT). Many or part of these and more must be taken into consideration while putting this project in play. There are a couple of documents: ISO\IEC 17799 and ISO\IEC 27001. The ISO\IEC 17799 IT security technique is the policy for information security management, guidelines, principles for implementing and improving security. • security policy; • organization of information security; • asset management; • human resources security; • physical and......

Words: 448 - Pages: 2

Linux Security

...Project Part 1 ITT Technical Institute Table of Contents Task 1 Page 3 Task 2 Page 6 Task 3 Page 7 References Page 8 Task 1 First World Bank is a savings and loan financial institution that provides services to their customers like loans, credit cards and standard banking services. First World Bank believes that once they can provide their services online they will gain $100,000,000 a year in online credit card transactions. The issue is how to securely provide their services to their customers and how they can provide those services and still save money in doing so. First World Bank will have to comply with federal regulations to be compliant and to avoid fines and sanctions. If the First World Bank fails to safe guard the information that they have stored on their customers and that information is compromised then the First World Bank will lose customers and also their reputation. Gramm-Leach-Bliley Act (GLBA) is one of the federal regulations that the First World Bank needs to be in complaint and stay in compliance with. Gramm-Leach-Bliley is a regulation that requires banks to safe guard customer’s information and to provide how the institution shares customer’s information, what information is collected, who they share the information with, and how they protect it. This information is required to be disclosed to customers in writing, in the written notice the customer will also be......

Words: 1405 - Pages: 6

Linux Security

...| Linux Security | A review of some current technologies | | | | | In the pre-Internet world you have criminals looking for “hard” assets: money, jewelry and other items that could be easily turned into hard currency. We have always had “white-collar” crime such as embezzlement, fraud and insider trading. With the proliferation of the Internet and our personal and professional lives stored in the cloud; criminals can now take one ubiquitous piece of information and turn themselves into a whole other person. The ease in which such information can be used has turned people who would never think of ever holding up a bank, mugging someone or other physical crime, into criminals. This type crime has spawned a whole new “industry”: cyber security. One of the most important aspects of a network administrator’s job is to secure the system from any person who wishes to do criminal activities. These people are both within and outside the organization. With the Linux system there are three main technologies that are in use today. They are SELinux, chroot jail, and iptables. The first line of defense in a Linux system is chroot jail. Chroot is a process or application that changes the root directory for a user. To the user it appears that they are in their root directory, but they are actually in a modified root directory. This modified root directory is called jail. Without a chroot jail, a user with limited file permissions would still be able to......

Words: 942 - Pages: 4

Security in Linux

...Security in Linux Linux, like any other computing platform, is constantly changing. There are a few major focus points for new and upgraded platforms, one of which is how user friendly it is. User friendliness goes beyond the ability to simply point and click, it also goes behind the lines deep into the inner workings of the system. Security is one of the most important functions of any operating system, very commonly overlooked and taken for granted. A system administrator can configure tables that are provided by the Linux kernel firewall in a program called iptables. Iptables has the ability to redirect, modify or stop packets of data all based on the state of a connection at any given time. There are many different tables that can be defined and each table contains built in chains or user defined chains. Every chain is essentially a list of rules that matches a set of packets and it specifies what to do with a packet that matches the rules. For the casual user it is best to use the predefined rules, they are often more than adequate. In an enterprise situation the administrator would likely want to define additional rules in order to best suit the business needs. Before iptables Linux mainly used ipchains as a firewall package. Iptables is an improvement on ipchains because it monitors the state of connections. Iptables can use the state of the connection as opposed to ipchains using the source destination and content only, to redirect, modify or drop a packet. At least...

Words: 965 - Pages: 4