Open navigation menu

Welcome to Scribd!

Lesson 11 - Securing Your System

Uploaded by

Hữu Phúc Đào

0% found this document useful (0 votes)

7 views39 pages

The document discusses securing a system by performing security administration tasks like limiting user access and auditing. It also discusses setting up host security by disabling unused services, configuring firewalls and encryption. Specific techniques covered include using SSH for secure connections, GPG/PGP for encrypting data and digital signatures, and hardening network services. The goal is to secure the system from unauthorized access by locking down ports, passwords, permissions and encrypting sensitive data.

Original Description:

Copyright

© © All Rights Reserved

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

The document discusses securing a system by performing security administration tasks like limiting user access and auditing. It also discusses setting up host security by disabling unused services, configuring firewalls and encryption. Specific techniques covered include using SSH for secure connections, GPG/PGP for encrypting data and digital signatures, and hardening network services. The goal is to secure the system from unauthorized access by locking down ports, passwords, permissions and encrypting sensitive data.

Copyright:

© All Rights Reserved

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

0% found this document useful (0 votes)

7 views39 pages

Lesson 11 - Securing Your System

Uploaded by

Hữu Phúc Đào

The document discusses securing a system by performing security administration tasks like limiting user access and auditing. It also discusses setting up host security by disabling unused services, configuring firewalls and encryption. Specific techniques covered include using SSH for secure connections, GPG/PGP for encrypting data and digital signatures, and hardening network services. The goal is to secure the system from unauthorized access by locking down ports, passwords, permissions and encrypting sensitive data.

Copyright:

© All Rights Reserved

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

Jump to Page

You are on page 1of 39

Search inside document

Lesson 11: Securing Your System

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 1

Objectives covered

o 110.1 Perform security administration tasks (weight: 3)

o 110.2 Set up host security (weight: 3)
o 110.3 Securing data with encryption (weight: 4)

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 2

Perform security administration tasks

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 3

Locating SUID/SGID Files

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 4

Securing passwords

/etc/passwd and /etc/shadow

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 5

Securing passwords – Account status

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 6

Limit user access to system resources

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 7

Auditing User Access

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 8

Auditing User Access

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 9

Switch user - su utility

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 10

sudo utility

USERNAME HOSTNAME-OF-SYSTEM=(USER:GROUP) COMMANDS

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 11

Set up host security

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 12

Discovering Open Ports with nmap

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 13

Identifying Open Ports with netstat

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 14

Surveying Network Sockets via ss and
systemd.socket

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 15

Auditing Open Files with lsof and fuser

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 16

Auditing Open Files with lsof and fuser

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 17

Disabling unused services

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 18

Using Super server for network services

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 19

Configuring xinetd

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 20

Configuring xinetd

/etc/xinetd.d/

/etc/xeitd.conf

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 21

Using TCP Wrappers

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 22

Securing data with encryption

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 23

Key concepts

Asymetric key example

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 24

Data hashing and message digest

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 25

Digital Signature

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 26

Secure Shell (SSH)

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 27

Secure Shell (SSH)

Vital configuration on sshd_config

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 28

Authenticate with SSH key

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 29

Authenticate with SSH key

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 30

Authenticate with Authentication Agent

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 31

SSH Tunneling

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 32

Using SSH more securely

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 33

Using GNU Privacy Guard (GPG or GnuPG)

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 34

Using GNU Privacy Guard (GPG or GnuPG)

Generate keys and transfer the public key

Receiver

Public key is sent to

the sender for
encrypting data

Sender

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 35

Using GNU Privacy Guard (GPG or GnuPG)

Encrypting and decrypting the data

Receiver

Sender
Encrypted data is
sent to the receiver

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 36

Using GNU Privacy Guard (GPG or GnuPG)

Signing Messages and Verifying Signatures

Receiver

Signed Encrypted data is sent to the receiver

Sender

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 37

Using GNU Privacy Guard (GPG or GnuPG)

Revoking a Key

Receiver

Revocation certificate is sent to sender

Sender

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 38

Question...!

This document is created by Nguyen Hoang Chi Chi.Nguyen.e4w@gmail.com Page 39

You might also like

Nota 12 Dic 2023
Document26 pages
Nota 12 Dic 2023
amaestrap
No ratings yet
Lesson 12 - Setting Up System Security
Document33 pages
Lesson 12 - Setting Up System Security
Linh Hà
No ratings yet
Lesson 3 - Managing Software and Processes - Part 2
Document24 pages
Lesson 3 - Managing Software and Processes - Part 2
Nguyễn Nam
No ratings yet
Lesson 9 - Configuring Basic Networking Part 3
Document9 pages
Lesson 9 - Configuring Basic Networking Part 3
Hữu Phúc Đào
No ratings yet
Lesson 2 - Exploring Linux Command-Line Tools - Part 1
Document25 pages
Lesson 2 - Exploring Linux Command-Line Tools - Part 1
Hữu Phúc Đào
No ratings yet
Lesson 3 - Managing Software and Processes - Part 1
Document29 pages
Lesson 3 - Managing Software and Processes - Part 1
Nguyễn Nam
No ratings yet
What Is GPG ?
Document2 pages
What Is GPG ?
Rama Krishnan
No ratings yet
Lesson 10 - Writing Scripts
Document35 pages
Lesson 10 - Writing Scripts
Hữu Phúc Đào
No ratings yet
Lesson 8 - Administering The System - Part 1
Document16 pages
Lesson 8 - Administering The System - Part 1
Linh Hà
No ratings yet
Lab 6 - Encryption Using OpenPGP Completed
Document10 pages
Lab 6 - Encryption Using OpenPGP Completed
abdalla
No ratings yet
Lesson 9 - Offering Web Services
Document41 pages
Lesson 9 - Offering Web Services
Linh Hà
No ratings yet
Demo Your Work, 6PM-7PM, in CEDAR, ROOM 2075 (0 Will Be Given If No Demo)
Document1 page
Demo Your Work, 6PM-7PM, in CEDAR, ROOM 2075 (0 Will Be Given If No Demo)
Rahul Dev P
No ratings yet
Lesson 8 - Administering The System - Part 2
Document16 pages
Lesson 8 - Administering The System - Part 2
Nguyễn Nam
No ratings yet
Experiment No. 8: Aim: Theory
Document9 pages
Experiment No. 8: Aim: Theory
Kaitlyn beckham
No ratings yet
Lesson 2 - Exploring Linux Command-Line Tools - Part 2
Document28 pages
Lesson 2 - Exploring Linux Command-Line Tools - Part 2
Nguyễn Nam
No ratings yet
PGP Report
Document17 pages
PGP Report
Vibhuti Bhushan
100% (1)
Lesson 5 - Managing Files - Part 2
Document19 pages
Lesson 5 - Managing Files - Part 2
Linh Hà
No ratings yet
File Security Based On Pretty Good Privacy (PGP) Concept: Computer and Information Science June 2011
Document20 pages
File Security Based On Pretty Good Privacy (PGP) Concept: Computer and Information Science June 2011
David
No ratings yet
Lab2 PGP
Document5 pages
Lab2 PGP
Danar
No ratings yet
Literature Survey
Document2 pages
Literature Survey
trenjadu
No ratings yet
Enabling PGP Encryption For Visa/Mastercard/Diner'S Club Corporate Card Transaction Files
Document3 pages
Enabling PGP Encryption For Visa/Mastercard/Diner'S Club Corporate Card Transaction Files
Janardhan
No ratings yet
Practical Assignment No. 4: Aim: Introduction To Gnupg Encryption System. Theory: Gnupg
Document3 pages
Practical Assignment No. 4: Aim: Introduction To Gnupg Encryption System. Theory: Gnupg
Abhinav arora
No ratings yet
GOOD GPG Reference Gpg-Com-4
Document62 pages
GOOD GPG Reference Gpg-Com-4
bacoo
No ratings yet
PGP Encryption & Decryption
Document8 pages
PGP Encryption & Decryption
info.glcom5161
No ratings yet
E-Commerce Crime and Security Problems Encryption-Techniques
Document22 pages
E-Commerce Crime and Security Problems Encryption-Techniques
Anonymous zv1YtmjN
No ratings yet
Caleb Cooper Identity
Document27 pages
Caleb Cooper Identity
Balungile
No ratings yet
Experiment No: 6: Advanced System Security & Digital Forensics Lab Manual Sem 7 DLOC
Document7 pages
Experiment No: 6: Advanced System Security & Digital Forensics Lab Manual Sem 7 DLOC
RAHUL GUPTA
No ratings yet
Ais615 Tutorial Chapter 9 Q
Document3 pages
Ais615 Tutorial Chapter 9 Q
lianatasia ramli
No ratings yet
FTP PGP Basics
Document2 pages
FTP PGP Basics
ddd7890ddd
No ratings yet
Experiment No-10: Name: Rhugved Satardekar Roll No: 17141208
Document6 pages
Experiment No-10: Name: Rhugved Satardekar Roll No: 17141208
Pallavi Bharti
No ratings yet
Lesson 7 - Configuring The GUI, Localization, and Printing - Part 1
Document23 pages
Lesson 7 - Configuring The GUI, Localization, and Printing - Part 1
Linh Hà
No ratings yet
Praticas PKI 2.3en
Document12 pages
Praticas PKI 2.3en
Ricardo Fonseca
No ratings yet
Gpg4win Compendium en
Document182 pages
Gpg4win Compendium en
Jorge Hernandez Soto
No ratings yet
Cryptography v2
Document10 pages
Cryptography v2
xmallmall1961
No ratings yet
OpenText StreamServe 5.6.2 Security User Guide
Document44 pages
OpenText StreamServe 5.6.2 Security User Guide
Abdelmadjid Bouamama
No ratings yet
Exp 8 - GPG - D12B - 74 PDF
Document4 pages
Exp 8 - GPG - D12B - 74 PDF
PRATIKSHA WADIBHASME
No ratings yet
Documentation
Document56 pages
Documentation
Pidikiti Surendra Babu
No ratings yet
Pretty Good Privacy PGP
Document19 pages
Pretty Good Privacy PGP
Harshil Dave
100% (1)
Complete Lab Programs
Document71 pages
Complete Lab Programs
md_2829
No ratings yet
Adem Seminar PPT Final Reportsss
Document16 pages
Adem Seminar PPT Final Reportsss
Simon Yohannes
No ratings yet
PGP Key Generation
Document2 pages
PGP Key Generation
Deba Jena
No ratings yet
Website Hacking
Document23 pages
Website Hacking
suraj.hitech76
No ratings yet
05236215
Document6 pages
05236215
jaya
No ratings yet
Cryptography and Security Services - Mechanisms and Applications
Document489 pages
Cryptography and Security Services - Mechanisms and Applications
Alexandru
100% (3)
CIS 221 Assignment 2 Enosh Thomas 300205939
Document11 pages
CIS 221 Assignment 2 Enosh Thomas 300205939
EnOSh
No ratings yet
Doctor Who Security and Encryption FAQ - Revision 22.3
Document36 pages
Doctor Who Security and Encryption FAQ - Revision 22.3
anon-575078
100% (8)
TK Inter
Document16 pages
TK Inter
Honey
No ratings yet
Aplikasi Steganography Pada File Dengan Menggunakan Teknik Low Bit Encoding Dan Least Significant Bit
Document11 pages
Aplikasi Steganography Pada File Dengan Menggunakan Teknik Low Bit Encoding Dan Least Significant Bit
Noegroho Wetjaksono
No ratings yet
Encryption Whitepaper
Document17 pages
Encryption Whitepaper
Fabian Molano
No ratings yet
LAB GUIDE Using Encryption To Enhance Confidentiality and Integrity
Document49 pages
LAB GUIDE Using Encryption To Enhance Confidentiality and Integrity
Fahad Iftkhar
No ratings yet
Security Needs in Embedded Systems: Anoopms@tataelxsi - Co.in
Document14 pages
Security Needs in Embedded Systems: Anoopms@tataelxsi - Co.in
lndyaBhai
No ratings yet
4.3.2.3 Lab - Using Steganography PDF
Document3 pages
4.3.2.3 Lab - Using Steganography PDF
gurunge
No ratings yet
PGP Encryption/Decryption: Public Key: Used To Encrypt Secret Key: Used To Decrypt
Document12 pages
PGP Encryption/Decryption: Public Key: Used To Encrypt Secret Key: Used To Decrypt
sanut
No ratings yet
Openvpn 5 Minutes
Document7 pages
Openvpn 5 Minutes
Idris Astri
No ratings yet
Intro To Cryptography
Document13 pages
Intro To Cryptography
dkfwvpyhw9
No ratings yet
U2 Ángel
Document8 pages
U2 Ángel
1718smr2a Ángel Alfonso Rodríguez
No ratings yet
Linux in Action
From Everand
Linux in Action
David Clinton
No ratings yet
BeagleBone for Secret Agents
From Everand
BeagleBone for Secret Agents
Josh Datko
Rating: 5 out of 5 stars
5/5 (1)
Spring Security in Action, Second Edition
From Everand
Spring Security in Action, Second Edition
Laurentiu Spilca
No ratings yet
The Blockchain Developer: A Practical Guide for Designing, Implementing, Publishing, Testing, and Securing Distributed Blockchain-based Projects
From Everand
The Blockchain Developer: A Practical Guide for Designing, Implementing, Publishing, Testing, and Securing Distributed Blockchain-based Projects
Elad Elrom
Rating: 5 out of 5 stars
5/5 (1)
Setup of a Graphical User Interface Desktop for Linux Virtual Machine on Cloud Platforms
From Everand
Setup of a Graphical User Interface Desktop for Linux Virtual Machine on Cloud Platforms
Dr. Hidaia Mahmood Alassouli
No ratings yet
Xtream Codes 23-12-2022
Document4 pages
Xtream Codes 23-12-2022
Cristhiazn Martinez
No ratings yet
What Is Routing Algorithm
Document12 pages
What Is Routing Algorithm
Tum Bin
No ratings yet
Alarme Password Wcdma
Document2 pages
Alarme Password Wcdma
Joaquim Pereira
No ratings yet
Grandstream Networks, Inc.: 802.1x Authentication Guide
Document19 pages
Grandstream Networks, Inc.: 802.1x Authentication Guide
Cand
No ratings yet
Set Up OpenLDAP Server On Centos
Document15 pages
Set Up OpenLDAP Server On Centos
Mahesh Moogabsav
No ratings yet
OSPF Virtual Link and Special Areas
Document11 pages
OSPF Virtual Link and Special Areas
Emk Khan
No ratings yet
Passwordlist @iKakRobot
Document170 pages
Passwordlist @iKakRobot
The Dark DEvIl
No ratings yet
Chapter 5 Ip Routing
Document67 pages
Chapter 5 Ip Routing
Wilfredo Aparicio
No ratings yet
FURRERA فوريرة
Document5 pages
FURRERA فوريرة
sam
No ratings yet
Exam
Document16 pages
Exam
Zaki Ghanem
No ratings yet
Debug 1214
Document3 pages
Debug 1214
Khalifa Aldila Putra
No ratings yet
Identity Access Management
Document52 pages
Identity Access Management
Shourya Chambial
100% (2)
Instructor Packet Tracer Manual v1.1
Document54 pages
Instructor Packet Tracer Manual v1.1
Luis Sanchez
No ratings yet
8.4.1.2 Packet Tracer - Skills Integration Challenge Instructions
Document2 pages
8.4.1.2 Packet Tracer - Skills Integration Challenge Instructions
Tyshaun Moore Eit
0% (1)
Chapter-5 (Users and Groups Management)
Document5 pages
Chapter-5 (Users and Groups Management)
Kyar Nyo Aye
No ratings yet
Debug 1214
Document4 pages
Debug 1214
Suwondo Saputra
No ratings yet
Problems and Answers For Advanced Routing: 1. Choose One Correct Answer From The Following Statements
Document8 pages
Problems and Answers For Advanced Routing: 1. Choose One Correct Answer From The Following Statements
Jacky Zhu
No ratings yet
ADDRESLIST
Document36 pages
ADDRESLIST
Dian Abdillah
No ratings yet
01-01 AAA Configuration
Document253 pages
01-01 AAA Configuration
Mamadou Lamine DIALLO
No ratings yet
EAPEAK - Wireless 802.1X EAP Identification and Foot Printing Tool
Document25 pages
EAPEAK - Wireless 802.1X EAP Identification and Foot Printing Tool
clu5t3r
No ratings yet
Pingfederate Data Sheet
Document2 pages
Pingfederate Data Sheet
thiyagu_808
No ratings yet
Bullet 6 - Administer Users & Groups: It Is Used To Delegate The Administration of Objects
Document8 pages
Bullet 6 - Administer Users & Groups: It Is Used To Delegate The Administration of Objects
Mursaleen Umer
No ratings yet
Manifest NonUFSFiles Win64
Document11 pages
Manifest NonUFSFiles Win64
Enkhnamuun Khuyagbaatar
No ratings yet
5.1.5.7 Packet Tracer - Configuring OSPF Advanced Features Instructions IG
Document3 pages
5.1.5.7 Packet Tracer - Configuring OSPF Advanced Features Instructions IG
Ivanco Dario Covaria Rondon
No ratings yet
18 802.1X Configuration
Document60 pages
18 802.1X Configuration
Xan
No ratings yet
File List
Document7 pages
File List
Kkkwv
No ratings yet
Group Policy Management Interview Questions and Answers
Document3 pages
Group Policy Management Interview Questions and Answers
ksrpiramma
No ratings yet
Codigo Tipo de Movimiento Servicio Transaccion
Document6 pages
Codigo Tipo de Movimiento Servicio Transaccion
Jamil Terrel
No ratings yet
Ccna03 01 Classless RTG
Document34 pages
Ccna03 01 Classless RTG
unique22
No ratings yet