Linux: Networking & Security
Feng Gao 104504 2000-08-31
Objective (1)
Give an overview of the networking capacities of the Linux OS
    Networking protocols
    Capacity for file sharing & printing
    Capacity for Internet/Intranet services
    Capacity for remote execution of application
    Capacity for acting as network interconnection
    Capacity for network management
Objective (2)
Talk about some security tools for Linux network
    Monitoring tools
    Network services
    System integrity
    Management & limitation
Brief Introduction of Linux OS
A Unix-like operating system
Completely open source code
    no royalty or licensing fees
    the source code can be modified to fit users’ needs
Fast, powerful, and extremely stable
Cross hardware and platform
Tons of application software
Created by and for the Internet
Why Linux is a choice for network
Cheap & portable
    Ideal for many small to medium businesses
Open source code
    Tons of applications are freely available
    Modifiable whenever/wherever needed
Robustness
Who uses Linux?
Besides ISPs and other Web companies, the following companies had some Linux servers installed in 1997:
    Ford Motor Co.
    NASA
    Disney
    General Electric
    IRS
    UPS
    NASDAQ
    Boeing
    many leading US universities
Used for gateways, routers, file and print servers, database servers, computation servers, development servers, CAD, besides being used as Web servers.
Part I
Linux Networking
Network protocols supported by Linux
TCP/IP
IPv6 (IP version 6)
IPX/SPX
AppleTalk Protocol
WAN networking protocols
Isdn4linux
PPP, SLIP, PLIP
ATM
More
File sharing and printing
Sharing with Apple environment using AppleTalk family protocols (Netatalk)
Sharing with Windows environment using Samba (an implementation of the SMB protocol)
Sharing with Novell environment using IPX/SPX
Sharing with Unix environment using NFS (Network File System)
Internet / Intranet services
Mail
    Mail servers (e.g. Sendmail, smail, qmail, etc.)
    Remote access to mail (POP, IMAP)
    Fetchmail
Web servers
    Apache
        Stable, robust
        Yahoo, Altavista, Geocities, Hotmail are based on this server
Internet/Intranet services (cont’)
Web browsers
    Netscape Navigator, Mozilla, lynx, etc.
FTP servers & clients
News service
Domain Name System (DNS)
NIS (Network Information Service)
Remote execution of application
Telnet
    Use a remote computer as if just at the site
Remote commands
    Execution of a command on a remote machine
The X Window System
    The X server controls the display and I/O
    The X client does the real computing work
VNC (Virtual Network Computing)
    e.g. execute on a Windows machine with the output displayed on a Linux machine
Acting as Network Interconnection
Bridge
Router
Firewall
Proxy server
IP Masquerade
Load balancing
Traffic shaping
Port forwarding
Virtual private networks
Network Management
Network management applications
    Webmin
    Linuxconf
SNMP (Simple Network Management Protocol)
    allows for remote monitoring and configuration of routers, bridges, network cards, switches …
Part II
Security tools for Linux network
Monitoring tools
Scan to determine if the machine is vulnerable to a specific exploit on that server
Connect to target machine on all ports they can
Help to fix the found problems
Examples:
    SATAN (Security Administrator’s Tool for Analyzing Networks)
    ISS (Internet Security Scanner)
    SAINT (updated version of SATAN)
    Nessus, xSid, Logcheck, PortSentry
Network Services
Problem
    The more services the system offers, the more places for attackers to find a hole
Network Services (cont’)
Strategy
    Disable or remove services not needed
    Use tcp_wrappers to wrap all the TCP services
    Use SSH to replace old, insecure remote programs such as telnet, rlogin, rdist, rcp
SSH
    A secure login program that revolutionized remote management of network hosts over the Internet
    A powerful program that uses strong cryptography for protecting all transmitted confidential data
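An added example (not part of the original slides): a small audit of inetd.conf entries against the strategy above, flagging enabled telnet/rlogin/rsh entries and TCP services that are not launched through tcpd. The sample file is constructed, and the sketch assumes services are started from inetd, which is where tcp_wrappers is usually applied.

```python
# Added example: audit inetd.conf entries against the slide's three rules.
# Constructed sample in classic inetd.conf layout (not taken from a real host):
# service  socket  proto  wait  user  server-path  args...
SAMPLE_INETD_CONF = """\
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd        in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/in.telnetd  in.telnetd
shell   stream  tcp  nowait  root    /usr/sbin/tcpd        in.rshd
login   stream  tcp  nowait  root    /usr/sbin/in.rlogind  in.rlogind
imap    stream  tcp  nowait  root    /usr/sbin/imapd       imapd
#finger stream  tcp  nowait  nobody  /usr/sbin/tcpd        in.fingerd
time    dgram   udp  wait    root    internal
"""

# inetd service names behind the cleartext tools the slide lists:
# telnet, rlogin ("login"), and rsh ("shell"), which rcp and rdist run over.
CLEARTEXT = {"telnet": "telnet", "login": "rlogin", "shell": "rsh/rcp/rdist"}


def audit_inetd(text):
    """Return (service, issue) pairs for every enabled entry that breaks a rule."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # a commented-out entry is a disabled service
        fields = line.split()
        if len(fields) < 6:
            findings.append((fields[0], "malformed entry, review by hand"))
            continue
        service, proto, server = fields[0], fields[2], fields[5]
        if service in CLEARTEXT:
            findings.append(
                (service, "cleartext %s: disable, use SSH" % CLEARTEXT[service]))
        wrapped = server.endswith("/tcpd")
        if proto.startswith("tcp") and server != "internal" and not wrapped:
            findings.append((service, "TCP service not behind tcpd"))
    return findings


if __name__ == "__main__":
    for service, issue in audit_inetd(SAMPLE_INETD_CONF):
        print("%-8s %s" % (service, issue))
```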
System integrity
Problem
    A typical Linux server handles about 30,400 files
    At busy times, administrators can’t check the integrity of all system files
    A cracker can easily install or modify some files
System Integrity ( cont’ )
Security tools
    Tripwire
    Tripwire ASR (Academic Source Release)
        Create a database first
        Check the integrity of a system at any time
        Compare the current system and the stored database
        Find if malicious changes exist
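An added example (not from the original slides and not Tripwire's own code): the database-then-compare procedure above, sketched with SHA-256 digests and permission bits over a constructed temporary directory tree. The function names and file names are illustrative.

```python
# Added example: Tripwire-style baseline and comparison (not Tripwire's code).
import hashlib
import tempfile
from pathlib import Path


def snapshot(root):
    """Build the 'database': relative path -> (SHA-256 digest, permission bits)."""
    db = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue  # this sketch records regular files only
        digest = hashlib.sha256(path.read_bytes()).hexdigest()
        mode = path.stat().st_mode & 0o7777
        db[path.relative_to(root).as_posix()] = (digest, mode)
    return db


def compare(baseline, current):
    """Report files added, removed, or changed (content or mode) since baseline."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(p for p in set(baseline) & set(current)
                          if baseline[p] != current[p]),
    }


def demo():
    """Baseline a constructed tree, alter it four ways, return the report."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for rel, data in (("bin/login", b"v1"), ("bin/ls", b"ls"), ("etc/shadow", b"x")):
            (root / rel).parent.mkdir(exist_ok=True)
            (root / rel).write_bytes(data)
            (root / rel).chmod(0o600)
        baseline = snapshot(root)
        (root / "bin/login").write_bytes(b"v2")   # same size, different content
        (root / "etc/shadow").chmod(0o666)        # permissions loosened
        (root / "bin/ls").unlink()                # file deleted
        (root / "bin/extra").write_bytes(b"new")  # file that was not in the baseline
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

Keep the baseline on read-only or off-host storage, since anyone able to rewrite system files can also rewrite a database stored beside them.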
Management & Limitation
GnuPG
    A tool for secure communication and data storage
    Can be used to encrypt data and create digital signatures
Quota
    A system administration tool for monitoring and limiting users’ and groups’ disk usage
    With quota, the system administrator prevents users from consuming unlimited disk space on a system
Summary
We’ve talked about:
The network capacities of Linux OS:
    Support of many network protocols
    File sharing and printing
    Internet / Intranet services
    Remote execution of application
    Acting as network interconnection
    Network management
Summary
Also talked about:
Some security tools for Linux network:
    Monitoring tools
    Network services
    System integrity
    Management & limitation