cit 140: introduction to itslide #1 csc 140: introduction to it file security
TRANSCRIPT
![Page 1: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/1.jpg)
CIT 140: Introduction to IT Slide #1
CSC 140: Introduction to IT
File Security
![Page 2: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/2.jpg)
CIT 140: Introduction to IT Slide #2
Questions
• What is security?• Authentication
– Users– Passwords– Groups
• Privacy• Integrity• Access Control
– chmod
![Page 3: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/3.jpg)
CIT 140: Introduction to IT Slide #3
What is Security?
Security is the prevention of certain types of intentional actions from occuring in a system.– These potential actions are threats.– Threats that are carried out are attacks.– Intentional attacks are carried out by an attacker.– Objects of attacks are assets.
![Page 4: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/4.jpg)
CIT 140: Introduction to IT Slide #4
Assets
1. Identity
2. Network bandwidth
3. Disk space
4. Confidential data
![Page 5: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/5.jpg)
CIT 140: Introduction to IT Slide #5
Threats
1. Theft
2. Vandalism
3. Extortion
4. Con Games
5. Fraud
![Page 6: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/6.jpg)
CIT 140: Introduction to IT Slide #6
Digital Threats: What’s Different• Automation
– Salami Attack from Office Space.
• Action at a Distance– Volodya Levin, from St. Petersburg, Russia, stole
over $10million from US Citibank. Arrested in London.
– Operators of CA BBS tried and convicted in TN court because TN had d/led pornography f/ CA.
• Technique Propagation– Criminals share techniques rapidly and globally.
![Page 7: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/7.jpg)
CIT 140: Introduction to IT Slide #7
Authentication on UNIX
Identity: username– Public knowledge– How would you find out someone’s username?
Authentication: password– Secret– How would you find out someone’s password?
![Page 8: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/8.jpg)
CIT 140: Introduction to IT Slide #8
Figuring out Passwords
1. Intentional disclosure– You tell someone your password.
2. Unintentional disclosure– Someone watches you type your password.
– Someone finds where you wrote it down.
3. Guessing– Guess based on what you know about person.
– Guess dictionary words + permutations.
4. Brute force– Try every combination of characters.
![Page 9: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/9.jpg)
CIT 140: Introduction to IT Slide #9
Changing your Password
• Why?– Prevent it from being guessed.– Change periodically to avoid brute force attacks.
• How?– passwd
![Page 10: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/10.jpg)
CIT 140: Introduction to IT Slide #10
Encryption-based Protection
![Page 11: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/11.jpg)
CIT 140: Introduction to IT Slide #11
Access Control: Identity
• Access to system resources restricted
• Restrictions based on identity– User– Group– Anyone
![Page 12: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/12.jpg)
CIT 140: Introduction to IT Slide #12
Access Control: Permissions
• Read– You can read the file with cat, more, etc.
• Write– You can modify the file with vi, OpenOffice, etc.
• Execute– You can run the file if it’s a program.
![Page 13: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/13.jpg)
CIT 140: Introduction to IT Slide #13
Access Control
![Page 14: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/14.jpg)
CIT 140: Introduction to IT Slide #14
Access Control: Directories
• Read– You can list directory contents with ls, etc.
• Write– You can create new files with touch, etc.– You can delete files with rm, etc.
• Execute– You can cd to the directory.
![Page 15: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/15.jpg)
CIT 140: Introduction to IT Slide #15
Octal Codes for Access Control
![Page 16: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/16.jpg)
CIT 140: Introduction to IT Slide #16
Access Control: Commands
Determining File Access Privilegesls –l , ls –ld
![Page 17: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/17.jpg)
CIT 140: Introduction to IT Slide #17
Access Control: Commands
![Page 18: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/18.jpg)
CIT 140: Introduction to IT Slide #18
Access Control: Commands
![Page 19: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/19.jpg)
CIT 140: Introduction to IT Slide #19
Access Control: Commands
Changing File Access Privileges– chmod [options] octal-mode file– chmod [options] symbolic file
![Page 20: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/20.jpg)
CIT 140: Introduction to IT Slide #20
Examples of chmod Command
![Page 21: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/21.jpg)
CIT 140: Introduction to IT Slide #21
Access Control: chmod
![Page 22: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/22.jpg)
CIT 140: Introduction to IT Slide #22
Access Control: chmod
![Page 23: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/23.jpg)
CIT 140: Introduction to IT Slide #23
Access Control: chmod
![Page 24: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/24.jpg)
CIT 140: Introduction to IT Slide #24
umask mask The access permission value on executable
file or directory is computed by:file permission = 777 –
mask
Current Value of the mask:$ umask
777
$
Access Control: Commands
![Page 25: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/25.jpg)
CIT 140: Introduction to IT Slide #25
Special Access Bits
The Set-User-ID (SUID) Bit– Command runs with privileges of file owner when.– chmod 4xxx file-list– chmod u+s file-list
The Set-Group-ID (SGID) Bit– Command runs with privileges of group owner.– chmod 2xxx file-list– chmod g+s file-list
The Sticky Bit– Prevents non-owners from removing/renaming files in dir.– chmod 1xxx file-list– chmod +t file-list
![Page 26: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/26.jpg)
CIT 140: Introduction to IT Slide #26
Special Bits Examples
SetUID Bit> ls -l /etc/passwd /usr/bin/passwd
-rw-r--r-- 1 root root 1335 2005 /etc/passwd
-rwsr-xr-x 1 root root 25464 2005 /usr/bin/passwd
SetGID Bit> ls –l /usr/bin/wall
-rwxr-sr-x 1 root tty 9784 2005 /usr/bin/wall
Sticky Bit> ls -ld /var/tmp
drwxrwxrwt 13 root root 4096 2005 /var/tmp
![Page 27: CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security](https://reader035.vdocuments.site/reader035/viewer/2022070409/56649e735503460f94b739a0/html5/thumbnails/27.jpg)
CIT 140: Introduction to IT Slide #27
Special Access Bits