Chapter 22
Administration
Fall 2014*
* Thanks to Dr. James Walden, NKU and Russ Wakefield, CSU for contents of these slides
[Threat diagram; labels: penetration, planting, eavesdropping, masquerade, Virus / Worms, traffic analysis, bypassing controls, Trojan Horses, EM/RF interception, authorization violation, trapdoor, indiscretions, physical intrusion, service spoofing, theft, media scavenging, information leakage, integrity violation, intercept / alter, theft, resource exhaustion, repudiation, replay, integrity violation]
Threat Motives
Financial motives
Identity theft
Phishing
Spam
Extortion
Botnets
Political motives
Danish sites hacked after Mohammed cartoons.
Personal motives
Just for fun.
Insider revenge.
Dr. Indrajit Ray, Computer Science Department CT 320 Network and Systems
Administration, Fall 2014
Risk Management
Risk is the relationship between your assets, the vulnerabilities characteristic of those assets, and attackers who wish to access or modify those assets.
Rules of Thumb
Don't put files of interest on your system
Security policy should specify how info is handled
Don't provide homes for hackers
Set traps to detect intrusions
Monitor reports from your security tools
Teach yourself about security
Be nosy: prowl around looking for unusual activity
Password mgmt.
Poor password management is a common weakness
Indirect information
Passwords easily hacked
Steps
Run the common password checker often
Check for null passwords
Password maintenance
Password aging
No group logins
Su to root
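The "check for null passwords" and "password aging" steps above can be automated against shadow-format account data. The following is an added example, not part of the original slides; the function name audit_shadow, the 90-day limit, and the sample entries are assumptions constructed for illustration.

```python
# Added example: audit shadow(5)-format text for null passwords and missing aging.
MAX_AGE_DAYS = 90  # assumed site policy, not a value from the slides

# Constructed sample in /etc/shadow layout:
# name:hash:lastchg:min:max:warn:inactive:expire:reserved
SAMPLE_SHADOW = """\
root:$6$constructed$hashvalue:16300:0:60:7:::
alice:$6$constructed$hashvalue:16300:0:99999:7:::
bob::16300:0:99999:7:::
carol:$6$constructed$hashvalue:16300:0::7:::
daemon:*:16300:0:99999:7:::
backup:!:16300:0:99999:7:::
malformed-line-without-fields
"""


def audit_shadow(text, max_age_days=MAX_AGE_DAYS):
    """Return (account, finding) tuples for entries that break the policy."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 5:
            # Too few fields to judge; report it rather than skip silently.
            findings.append((f"line {lineno}", "malformed entry"))
            continue
        user, pw, max_age = fields[0], fields[1], fields[4]
        if pw == "":
            # Empty hash field: the account accepts a login with no password.
            findings.append((user, "null password"))
            continue
        if pw.startswith(("!", "*")):
            continue  # locked or no-login account, aging is irrelevant
        # Empty or very large maximum age means the password never expires.
        if not max_age.isdigit() or int(max_age) > max_age_days:
            findings.append((user, "no effective password aging"))
    return findings


if __name__ == "__main__":
    for account, finding in audit_shadow(SAMPLE_SHADOW):
        print(f"{account}: {finding}")
```

On a live system the same function can be fed the contents of /etc/shadow, read as root.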
SetUID programs
Prone to security holes
Minimize the number of them
Use pseudo-users rather than root
Make pseudo-users' home directory /dev/null
Disable on public filesystems
Security issues
Remote event logging
Use syslog
Secure terminals
Configure to disable root logins from SSH, VPNs, etc.
NIS known to have security issues
NFS4 security enhancements
Sendmail runs as root
Keep up to date
Security issues (cont'd)
Viruses and worms
Not widely prevalent on Linux
Less market share than Windows
Access controlled environment
Trojan horses
Programs get Trojan horses embedded in them
Keep software up to date
Rootkits
Hiding system information
Assets
1. Login account.
2. Network bandwidth.
3. Disk space.
4. Data.
5. Reputation.