security. file security user-level protection protect personal files three ways of protection...
Post on 20-Dec-2015
227 views
TRANSCRIPT
Security
File Security
•User-level protection•Protect personal files•Three ways of protection• password-based
• encryption-based
• access right
Password protection
•Login and password•Login names are public• /etc/passwd
•passwd
•yppasswd, nispasswd
Encryption
•Covert (encrypt) a file to a different form•Use gpg•gpg --gen-key• generates private & public keys
• ~/.gnupg
•encrypt & sign emails and files
System security
•Everyone is under threat•Specially when using Internet•Local threats also•Common sense, good practice•Err on the side of caution
Some threats
•Denial of Service (Dos)• Intrusion•Snooping•Viruses, Worms & Trojans•Rootkits
Initial steps to security
•shut down unwanted daemons• netstat -an
• /etc/services
•kill unwanted daemons• remove from init
•changing access permissions to needed services
Best Practices
•Complex passwords•Skip the root account•Don’t trust random binaries• strace, ltrace
•Log files• /var/log/syslog etc.
•Software update•Physical security
Firewall
•Packet filtering•Stateless / stateful filtering•netfilter / iptables•Firewall products• Firestarter, Smoothwall Express, IPCop, Shoreline