linux and network security
DESCRIPTION
A short two-part talk introducing: Basic Linux/Unix system administration ( CentOS /RHEL5) General Computer/Network security … for the G53SEC module. Nick Reynolds. Linux and network security. CentOS 5. Adding Accounts. Need entry in /etc/ passwd Need password in /etc/shadow - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/1.jpg)
LINUX AND NETWORK SECURITY
A short two-part talk introducing:
•Basic Linux/Unix system administration (CentOS/RHEL5)•General Computer/Network security
… for the G53SEC module.
Nick Reynolds.
CentOS 5
![Page 2: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/2.jpg)
Adding AccountsNeed entry in
/etc/passwdNeed password in
/etc/shadowNeed home directory
/home/[username]Correct Permissions
$ man adduser$ adduser <username>
$ man passwd$ passwd <username>
Gui Alternative:redhat-config-users
![Page 3: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/3.jpg)
The Telnet Server (telnetd)Runs on receiving a connection man xintedStart with:
chkconfig krb5-telnet onStop with:chkconfig krb5-telnet off
![Page 4: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/4.jpg)
Configuring the Telnet ServerRead manual page:man telnetd
Set up accounts using:adduser
Change account shell:chsh <username>
(Tip: man ssh, chkconfig sshd on/off)
![Page 5: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/5.jpg)
Other Services ftp server httpd server (apache) ssh server …
![Page 6: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/6.jpg)
Network Configuration (Optional)redhat-config-network-gui
![Page 7: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/7.jpg)
Software Installs – DistributionSearching:yum search [string]
Installing:yum install [package]
Staying up to date:yum update
Lots more!:man yum man yum.conf
![Page 8: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/8.jpg)
Monitoring The SystemCheck logs:/var/log/*
Monitor network activity:tcpdump
Monitor processes:pstop
![Page 9: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/9.jpg)
Useful CommandsMove between accounts:/bin/su – [username]
Permissions and ownership:chmod <mode> <filename>chgrp <group> <filename>chown <user> <filename>
Manual pages:man <command>
![Page 10: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/10.jpg)
Useful ResourcesCentOS5 (RedHat EE) Documentation
http://netlab-gw.cs.nott.ac.uk/centos/5/docs/http://ftp.cs.nott.ac.uk/centos/5/docs/
Linux Documentation Projecthttp://newton.ex.ac.uk/LDP/
Search Engines!
![Page 11: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/11.jpg)
Final CentOS NotesMany ways to achieve the same result.Experiment within a user account.Don’t make to many changes in one go.Stay up to date (yum update)Advanced methods to configure servers:man pam
![Page 12: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/12.jpg)
General Network/Computer SecurityEncryptionAccess PermissionsWho/what do you trust?Network Infrastructure
![Page 13: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/13.jpg)
Encryption
![Page 14: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/14.jpg)
EncryptionUse secure Protocols
Insecure Secure
telnet sshftp scpimap imapshttp https
![Page 15: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/15.jpg)
Access Permissions
![Page 16: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/16.jpg)
Access Permissions File/directory permissions
Firewalls
![Page 17: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/17.jpg)
Who/What do you trust?
![Page 18: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/18.jpg)
Who/What do you trust? DHCP?
IP Addresses?
![Page 19: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/19.jpg)
Network Infrastructure
![Page 20: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/20.jpg)
Network Infrastructure Where does your data go?
Switches? Hubs? Which route?
Wi-fi
![Page 21: Linux and network security](https://reader035.vdocuments.site/reader035/viewer/2022062316/5681684c550346895dde47a2/html5/thumbnails/21.jpg)
The End!