Conference Day 2 “EASY IT”
Network Security and Linux Security

Rizky Ariestiyansyah
Institut Sains Dan Tekhnologi Nasional
Who am I?

•   Rizky Ariestiyansyah ( ONTO )
•   CEO / Founder EVONE
•   github.com/ariestiyansyah
•   twitter.com/ariestiyansyah
•   ariestiyansyah.rizky@gmail.com
Conference Focus

    Introduction to Security, Computer Security,
    Network Security and Linux Security

    Why do we need Security

    Who is Vulnerable

    Security Model

    Common Security Attack

    Linux Security

    Cyber crime report (ID-CERT)

    Summary
Introduction to Security, Computer Security, Network Security and Linux Security
Security

    The state of being free from danger or threat.

    Security is the degree of protection to safeguard a
    nation, union of nations, persons or person
    against danger, damage, loss, and crime.
    (Wikipedia).

    Freedom from care, anxiety, or doubt; well-founded
    confidence.

    Freedom from danger, risk.
Computer Security
• Computer security is the process of preventing
  and detecting unauthorized use of your
  computer. (armor2net)
• The protection of computer systems and
  information from harm, theft, and unauthorized
  use.
Network Security

• Network security consists of the provisions and policies
  adopted by a network administrator to prevent and
  monitor unauthorized access, misuse, modification, or
  denial of a computer network and network-accessible
  resources.
• Network security is typically handled by a network
  administrator or system administrator who implements
  the security policy and the network software and hardware
  needed to protect a network and the resources accessed
  through the network from unauthorized access, and who also
  ensures that employees have adequate access to the
  network and resources to do their work.
Linux Security

    Protect your Linux distribution

    By default Linux is not secure

    Linux is optimized for convenience and doesn’t
    make security easy or natural
Why do we need Security?
Know the security threats
1. Malware
2. Backdoors, exploiting software bugs, buffer overflow (BOF)
3. Denial of service (DoS) and DDoS
4. Sniffing attacks, TCP hijacking
5. Unprotected Linux/Windows shares
6. LFI, SQLi, RFI, social problems
7. Cross-site scripting (XSS)
8. TCP attacks
9. Email attacks
Reasons why we need security

    Your computer isn't as secure as you think.

    Protect data and all vital information from
    intruders, because everybody has a right to
    privacy.

    Security is now a basic requirement because
    global computing is inherently insecure.

    Provide authentication and access control for
    resources.
Who is Vulnerable
Vulnerable!!!

Security is low or down
Who is vulnerable?
•   Banks
•   Government
•   Defense agencies
•   Companies
•   Universities and institutions
•   Multinational corporations
•   Anyone on the Internet
Security Model
Old Security Model

[Diagram: a Mainframe connected to a Controller, which serves two Terminals.]

New “old” Security Model

[Diagram: Internal network | Firewall | Internet. Protocols: TCP, HTTP, ICMP, FTP, SMTP.]

New Model

[Diagram: Internal network | Firewall | Internet, with a DMZ behind the firewall
holding a Web Server, a Server and a Database app. Traffic crossing the boundary
includes VPN, SSL, HTTP and SMTP, and threats such as Malware, Java, ActiveX and
Trojans.]
Common Security Attack
Common network security attacks
•   Dictionary attack (explained in this session)
•   Denial of service (explained in this session)
•   TCP attack (explained in this session)
•   Sniffing attack (self-study)
•   SQLi, XSS, RFI, LFI attacks (self-study)
•   Social engineering (self-study)
•   More..
Dictionary attack

    A dictionary attack is a technique for defeating a cipher or
    authentication mechanism by trying to determine its
    decryption key or passphrase from likely possibilities,
    such as words in a dictionary.

    Dictionary attack accuracy is 90% (with a good dictionary).

    Linux passwords stored in /etc/passwd are encrypted
    with the crypt(3) function, meaning a one-way hash.

    To be safe from this attack use a random password like
    “jU5bu4h@p@y4n94kuSuk@” (an “4l4y” password).
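As an added example (not from the slides), here is the defender's side of the slide's advice: a POSIX shell check that refuses a candidate password when it is too short or when it reduces to a dictionary word, so a dictionary attack has nothing to find. The wordlist and the candidate passwords are constructed for the example; a real deployment would read a large dictionary file. One caveat to the slide: on modern Linux systems the crypt(3) hashes live in /etc/shadow, readable only by root, and /etc/passwd carries an "x" in the password field.

```sh
#!/bin/sh
# Added example: a password-acceptance check in the spirit of the slide.
# The wordlist below is constructed for the example; a real check would
# read a large dictionary file (one word per line) instead.
WORDLIST='password
letmein
qwerty
welcome
dragon
monkey'

MIN_LEN=12

# Reduce a candidate to its "dictionary core": lower-case it, strip leading
# and trailing digits/punctuation (the classic "Password123!" pattern) and
# undo the common letter-for-symbol substitutions (p@ssw0rd -> password).
password_core() {
  printf '%s' "$1" \
    | tr 'A-Z' 'a-z' \
    | sed 's/[^a-z@$]*$//; s/^[^a-z@$]*//' \
    | tr '@01345$' 'aoleass'
}

# Prints "accept" or a "reject: <reason>" line and returns 0/1 accordingly.
check_password() {
  pw="$1"
  if [ "${#pw}" -lt "$MIN_LEN" ]; then
    echo "reject: shorter than $MIN_LEN characters"
    return 1
  fi
  core=$(password_core "$pw")
  if [ -n "$core" ] && printf '%s\n' "$WORDLIST" | grep -qxF -- "$core"; then
    echo "reject: dictionary word"
    return 1
  fi
  echo "accept"
}

# Demo run (constructed candidates; the last one is the slide's own example).
for candidate in 'short' 'P@ssw0rd123!' 'Dragon2024!!' 'jU5bu4h@p@y4n94kuSuk@'; do
  printf '%-24s %s\n' "$candidate" "$(check_password "$candidate")"
done
```

The normalization is deliberately generous: anything that still matches a dictionary entry after lower-casing, trimming and un-leeting would be among the first guesses of a real wordlist, so it is rejected even when it satisfies the length rule.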
Fact of human password

[Chart: facts about human passwords. Source: codinghorror.com]
Denial of services

Denial of service or DoS is overloading the server or
  network to make the service on the network
  unusable.

DoS has different kinds, such as:
1. SYN flooding
2. Distributed DoS
3. Smurf
SYN Flooding
SYN is one of the TCP packet types.
A SYN flood is a form of denial-of-service attack in which an
  attacker sends a succession of SYN requests to a target's
  system in an attempt to consume enough server resources
  to make the system unresponsive to legitimate traffic
  (Wikipedia).
DDoS
# DDoS is a type of DoS attack where multiple
  compromised systems, which are usually infected with a
  Trojan, are used to target a single system, causing a denial
  of service (DoS) attack.
# DDoS is the same as DoS but at a large scale.
# It makes a machine or network resource unavailable.
# Anonymous use DDoS attacks and defacement in their
  operations (OPs).
SMURF
The Smurf attack is a denial-of-service attack in
  which large amounts of ICMP packets with
  the intended victim's spoofed source IP are
  broadcast to a computer network using an IP
  broadcast address (Wikipedia).

The source IP address of the broadcast ping is forged.
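An added example (not from the slides) of how a defender spots the SYN flood and Smurf conditions described above on a Linux host. `flag_syn_sources` counts half-open (SYN-RECV) connections per peer address from `ss -tan` style output and reports peers above a threshold; the sample output is constructed. The two sysctl reads check the kernel mitigations for each attack, `net.ipv4.tcp_syncookies` for SYN floods and `net.ipv4.icmp_echo_ignore_broadcasts` for the broadcast pings a Smurf attack relies on.

```sh
#!/bin/sh
# Added example: count half-open TCP connections per peer, the signature of
# a SYN flood, and check the kernel mitigations for SYN floods and Smurf.

# Constructed sample of `ss -tan` output (one line per socket).
SAMPLE_SS='State    Recv-Q Send-Q Local Address:Port Peer Address:Port
SYN-RECV 0      0      10.0.0.5:80        198.51.100.7:41000
SYN-RECV 0      0      10.0.0.5:80        198.51.100.7:41001
SYN-RECV 0      0      10.0.0.5:80        198.51.100.7:41002
SYN-RECV 0      0      10.0.0.5:80        198.51.100.7:41003
ESTAB    0      0      10.0.0.5:80        203.0.113.9:52211
SYN-RECV 0      0      10.0.0.5:80        203.0.113.9:52212
ESTAB    0      0      10.0.0.5:22        192.0.2.44:60101'

# Reads ss output on stdin; prints "<peer> <half-open count>" for every peer
# with at least $1 connections stuck in SYN-RECV (default 50).
flag_syn_sources() {
  threshold="${1:-50}"
  awk -v t="$threshold" '
    $1 == "SYN-RECV" {
      peer = $5
      sub(/:[0-9]+$/, "", peer)   # drop the ephemeral source port
      n[peer]++
    }
    END { for (p in n) if (n[p] >= t) print p, n[p] }
  ' | sort
}

# Reads a sysctl value from /proc; prints "unknown" when the knob is absent
# (e.g. on a non-Linux box or inside a restricted sandbox).
sysctl_value() {
  f="/proc/sys/$(printf '%s' "$1" | tr . /)"
  if [ -r "$f" ]; then cat "$f"; else echo unknown; fi
}

# Live check against the running kernel (both values are 1 when mitigated).
check_live() {
  echo "tcp_syncookies:              $(sysctl_value net.ipv4.tcp_syncookies)"
  echo "icmp_echo_ignore_broadcasts: $(sysctl_value net.ipv4.icmp_echo_ignore_broadcasts)"
  echo "peers with >= 50 half-open connections right now:"
  if command -v ss >/dev/null 2>&1; then ss -tan 2>/dev/null | flag_syn_sources 50; fi
}

echo "--- sample data, threshold 3 ---"
printf '%s\n' "$SAMPLE_SS" | flag_syn_sources 3
echo "--- live system ---"
check_live
```

A single peer holding many SYN-RECV entries is the pattern to alert on; with SYN cookies enabled the kernel stops keeping state for unanswered SYNs, which is why the sysctl is the first thing to verify.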
TCP Attack

• TCP = Transmission Control Protocol
• Part of the IP protocol suite
• Connection-based protocol
• Point-to-point protocol
• Data transfer
• Defined in RFC 793
TCP Attack Concept

Please welcome Nabilah, Rizky and Mr. Big Ears.
Nabilah and Rizky have a TCP connection.
Mr. Big Ears sits on the path between Nabilah's and Rizky's networks.
When Nabilah sends a packet to Rizky, Mr. Big Ears drops every packet,
and the packet is never delivered to Rizky.

[Diagram: the dropped packets go to VOID instead of reaching Rizky.]

Mr. Big Ears sends a malicious packet to Rizky, and Rizky is pwned.
Nabilah and Rizky fall out because of the malicious packet from Big Ears.
TCP Attack (Hijacking)
"TCP hijacking" is a technique that involves
  intercepting a TCP session initiated between
  two machines in order to hijack it.

If an attacker learns the associated TCP state for
   the connection, then the connection can be
   hijacked!

More TCP attack examples: spoofing, MITM,
 sniffing and more.
Packet Sniffing
• Packet sniffer programs capture the contents
  of packets, which may include passwords and
  other sensitive information that could later be
  used for compromising the client computer.
• For example, a sniffer installed on a cable
  modem in one cable trunk may be able to
  sniff the passwords of other users on the
  same trunk.
• Encryption of network traffic provides one of
  the defenses against sniffing.
Break for 5 Minutes..
Linux Security
Know the Linux architecture

• Hardware: mouse, monitor, keyboard, PC, etc.
• Hardware controller: connects the Linux kernel
  and the hardware
• Linux kernel: the heart of Linux; connects hardware
  resources and applications
• User applications: user applications like browser,
  photo editor, calculator, etc.
• OS services: like X Window, web server, command
  shell
[Diagram, top to bottom: User Applications and OS Services sit on the
LINUX KERNEL, which sits on the HARDWARE CONTROLLER, which sits on the
HARDWARE.]
Linux Kernel
• The kernel uses modules, which you can load
  dynamically
• You can configure the kernel, and unnecessary
  components can be removed
• It can be recompiled, unlike Windows
• The kernel has bugs
• Buffer overflow vulnerabilities (very critical)
Kernel Security
• To keep your Linux secure, always patch your
  kernel
• Update the kernel; to check the Linux kernel version use:
- # uname -a
• To enhance your Linux security:
- LIDS – Linux Intrusion Detection System
- SELinux – Security-Enhanced Linux
- Secure Linux patch
- Linux kernel module config
Linux Intrusion Detection System (LIDS)

# LIDS web: http://www.lids.org/
# LIDS is a tool to make kernel security
  powerful
# LIDS is a patch to the Linux kernel; it
  implements access control and a reference
  monitor. LIDS is configured with its two
  admin tools, lidsconf and lidsadm
# LIDS is a complete security model
  implementation for the Linux kernel.
Local Linux Security

Linux can be attacked by a local user.

[Diagram: a Linux system with two local users, one of whom is the Attacker.]
Protect from local attack
• Give them the minimal amount of privileges they
  need.
• Be aware of when/where they log in from, or should be
  logging in from.
• The creation of group user-ids should be absolutely
  prohibited. User accounts also provide
  accountability, and this is not possible with group
  accounts.
File and Filesystem Security

# Know Linux users, groups and permissions
# File permissions and ownership
# Configure your users' file-creation umask to be
  as restrictive as possible

                 START LIVE DEMO !!!
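An added example (not from the slides) for the umask item above: a helper that computes the mode a new file or directory receives under a given umask (the kernel clears the umask bits from the 0666 default for files and 0777 for directories), a check that the current umask masks every "other" bit, and a live demonstration in a scratch directory. The arithmetic mirrors what the kernel does, so the result can be checked without touching the filesystem.

```sh
#!/bin/sh
# Added example: what a umask does to newly created files and directories.

# Mode a new file ("file") or directory ("dir") receives under umask $1.
# New files start from 0666 and directories from 0777; the kernel then clears
# every bit that is set in the umask (mode & ~umask).
mode_under_umask() {
  mask=$(printf '%d' "0$1")              # "022" / "0022" -> octal value
  case "$2" in
    dir)  base=$(printf '%d' 0777) ;;
    file) base=$(printf '%d' 0666) ;;
    *)    echo "usage: mode_under_umask <octal-umask> file|dir" >&2; return 2 ;;
  esac
  printf '%03o\n' $(( base & ~mask ))
}

# True when the current umask blocks every permission for "other" (..7),
# i.e. files created in this shell are never world-readable by default.
umask_blocks_others() {
  cur=$(printf '%d' "$(umask)")
  [ $(( cur & 7 )) -eq 7 ]
}

# Live demonstration: create a file and a directory under a restrictive umask
# in a scratch directory, show their modes, then clean up.
demo_umask() {
  scratch=$(mktemp -d) || return 1
  (
    cd "$scratch" || exit 1
    umask 077
    : > secret.txt
    mkdir private
    ls -ld secret.txt private
  )
  rm -rf "$scratch"
}

echo "umask 022: file=$(mode_under_umask 022 file) dir=$(mode_under_umask 022 dir)"
echo "umask 077: file=$(mode_under_umask 077 file) dir=$(mode_under_umask 077 dir)"
demo_umask
```

The usual trade-off is 022 (world-readable files, convenient on single-user machines) against 027 or 077 on shared hosts; `umask_blocks_others` is the test a login script can run to enforce the stricter choice.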
Password Security and Encryption

PGP and public key cryptography
Linux IPsec implementation
PAM
Shadow passwords
Secure shell and Stelnet
SSL, S-HTTP
How public key encryption works
IPSEC Implementation

[Diagram: IPsec between the Internet network and security gateways, with
key management and security policy components.]

IPsec was developed by the Internet Engineering Task Force (IETF).
IPsec provides a solution for creating cryptographically secure
  communications at the IP network level (network
  layer), and for providing authentication, integrity, access
  control, and confidentiality.

Some network-layer attacks that IPsec protects
  against are:
- Eavesdropping
- MITM (man-in-the-middle attack)
- Masquerading
Linux-PAM
# The concept of Linux-PAM: programs that
  require authentication only need to know that
  there is a module available that will perform
  the authentication for them.

# PAM is set up so that modules can be
  added, deleted, and reconfigured at any time;
  it is not necessary for modules to be linked in
  at the time a utility is compiled.
Linux Network Security
# System services
# Packet sniffers
# DoS attacks
# NFS (Network File System) security
# Firewalls
# Network Information Service (NIS)
# NIDS
# ipchains
# VPNs
# Netfilter
System services
# If you join the Internet, be
  careful with your Linux services: don't
  offer services you don't need to use or
  run on the Internet.
# Some of the most useful services: FTP,
  mail, SSH, identd, telnet
# Possibly not required services: nscd,
  smb, dhcp, cups, ldap, rhnsd
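An added example (not from the slides) that turns the advice above into a check. Given `ss -tlnH` style output (the sample lines are constructed), `unexpected_listeners` prints every listening TCP port that is not on an allowlist of the services you intend to run, with the address it is bound to, so a forgotten smb, cups or ldap listener shows up before it is exposed; loopback-only binds are marked because they are not reachable from the network. The live call at the end runs the real `ss` when it is available.

```sh
#!/bin/sh
# Added example: find listening TCP services that are not on the allowlist.

# Constructed sample of `ss -tlnH` output (no header, listening TCP sockets).
SAMPLE_LISTEN='LISTEN 0 128 0.0.0.0:22      0.0.0.0:*
LISTEN 0 128 127.0.0.1:631   0.0.0.0:*
LISTEN 0 50  0.0.0.0:445     0.0.0.0:*
LISTEN 0 128 [::]:25         [::]:*
LISTEN 0 128 0.0.0.0:389     0.0.0.0:*'

# Reads ss output on stdin; $1 is a space-separated list of ports you intend
# to expose. Prints "<port> <bound address>" for every other listener,
# lowest port first, and marks loopback-only binds.
unexpected_listeners() {
  awk -v allow="$1" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == "LISTEN" {
      local = $4
      k = split(local, parts, ":")
      port = parts[k]                      # text after the last colon
      addr = substr(local, 1, length(local) - length(port) - 1)
      if (port in ok) next
      note = (addr == "127.0.0.1" || addr == "[::1]") ? " (loopback only)" : ""
      print port, addr note
    }
  ' | sort -n
}

# Live check: compare the running system against an allowlist, if ss exists.
check_live() {
  if command -v ss >/dev/null 2>&1; then
    ss -tlnH 2>/dev/null | unexpected_listeners "${1:-22}"
  else
    echo "ss not available on this system"
  fi
}

echo "--- sample data, allowing 22 and 25 ---"
printf '%s\n' "$SAMPLE_LISTEN" | unexpected_listeners "22 25"
echo "--- live system, allowing only 22 ---"
check_live 22
```

Run it from cron or a configuration check and treat any output as a finding: either the service is needed and belongs on the allowlist, or it should be stopped and disabled.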
Packet Sniffer
NFS
# NFS stands for Network File System, a file system
  developed by Sun Microsystems, Inc. It is a client/server
  system that allows users to access files across a network
  and treat them as if they resided in a local file directory.

[Diagram: one NFS server reaching three clients over the network.]

NFS Security (explained in the image)
Firewall
# Firewalls are a means of controlling what
  information is allowed into and out of your local
  network.

# Linux firewalls are:
- IPTables
- SELinux
- Scalable
- Robust
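An added example (not from the slides) of a minimal iptables INPUT policy of the kind the slide refers to: default-deny, allow loopback and already-established traffic, accept new connections only on the listed TCP ports, and rate-limit ICMP echo requests. `build_input_rules` only prints the commands so the ruleset can be reviewed and checked without root; `apply_input_rules` runs them when executed as root. The port list is whatever you pass in.

```sh
#!/bin/sh
# Added example: generate (and optionally apply) a default-deny iptables
# INPUT chain. Printing first lets the ruleset be reviewed before it is
# applied; a typo in a remote firewall rule can lock you out.

# $1: space-separated TCP ports to accept for NEW connections (e.g. "22 80").
# Prints one iptables command per line; the DROP policy is set last so the
# chain is never empty while the policy is DROP.
build_input_rules() {
  ports="$1"
  for p in $ports; do
    case "$p" in
      *[!0-9]*|'') echo "build_input_rules: bad port '$p'" >&2; return 1 ;;
    esac
  done
  echo 'iptables -F INPUT'
  echo 'iptables -A INPUT -i lo -j ACCEPT'
  # Replies to connections this host opened, and related traffic (e.g. ICMP errors).
  echo 'iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
  # Packets in an invalid state never reach a service.
  echo 'iptables -A INPUT -m conntrack --ctstate INVALID -j DROP'
  for p in $ports; do
    echo "iptables -A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
  done
  # Answer ping, but not fast enough to be useful for flooding.
  echo 'iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/second -j ACCEPT'
  # Log what the policy is about to drop, rate-limited so the log is not flooded.
  echo 'iptables -A INPUT -m limit --limit 3/minute -j LOG --log-prefix "INPUT-DROP: "'
  echo 'iptables -P INPUT DROP'
}

# Number of ACCEPT rules a port list produces: a sanity check before applying
# (it must equal 3 + number of ports: loopback, established, ping, and one per port).
count_accept_rules() {
  build_input_rules "$1" | grep -c -- '-j ACCEPT'
}

# Applies the generated rules; refuses to run unless root.
apply_input_rules() {
  if [ "$(id -u)" -ne 0 ]; then
    echo "apply_input_rules: must run as root" >&2
    return 1
  fi
  build_input_rules "$1" | sh -e
}

echo "--- rules for an SSH + web host (review before applying) ---"
build_input_rules "22 80 443"
```

Review the printed rules, then apply them as root; on a remote host, keep a second session open or schedule a rollback before applying, since the DROP policy takes effect immediately.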
Firewall concept
NIS

# NIS is a client–server directory service
  protocol for distributing system
  configuration data such as user and host
  names between computers on a
  computer network.
# For example, all the information in a standard
  /etc/passwd file.
Understand the /etc/passwd
Linux Network IDS
# Network Intrusion Detection System (NIDS) is an intrusion
  detection system that attempts to discover unauthorized
  access to a computer network by analyzing traffic on the
  network for signs of malicious activity.
Linux Application Security
Remember to protect the security of your Linux applications, such as:

- File servers
- Web servers
- Print servers – lpd, cups, etc.
- Mail servers – Sendmail (historically insecure), Qmail, Postfix
- VPN servers – FreeS/WAN
- Databases – PostgreSQL, MySQL (free), Oracle, Sybase, DB2
- DNS servers – BIND
- LDAP servers
- Time servers
Cyber Crime Report (ID-CERT)
Summary

- Linux is not secure by default
- Always keep up with Linux patches
- Use only the required services in Linux
- Keep network services to a minimum
- Balance security level and functionality
- Take care on the Internet, especially on public networks (Wi-Fi)
- No system is secure ^_^
Reference

- http://forum.explorecrew.org/
- http://www.tldp.org/HOWTO/Security-HOWTO/
- http://www.cyberciti.biz/faq/understanding-etcpasswd-file-format
- http://www.lids.org/
- http://proceedings.esri.com/library/userconf/proc00/professional/papers/pap197/p197.htm
- http://www.kecoak.or.id/sarang/TOKET_4/0x01-fun-ipsec.txt
- http://www.linuxsecurity.com/docs/SecurityAdminGuide/SecurityAdminGuide-8.html
- http://en.wikipedia.org/wiki
- http://kodokimut.wordpress.com/
- http://google.com (use at your own risk)
See You Next EVENT !!!!

The End
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 

Security and Linux Security

  • 1.
  • 2. Conference Day 2 “EASY IT”: Network Security and Linux Security. “Rizky Ariestiyansyah”, “Institut Sains Dan Tekhnologi Nasional”
  • 3. Who am I?
    - Rizky Ariestiyansyah (ONTO)
    - CEO / Founder, EVONE
    - github.com/ariestiyansyah
    - twitter.com/ariestiyansyah
    - ariestiyansyah.rizky@gmail.com
  • 4. Conference Focus
    - Introduction to Security, Computer Security, Network Security and Linux Security
    - Why do we need Security
    - Who is Vulnerable
    - Security Model
    - Common Security Attacks
    - Linux Security
    - Cyber crime report (ID-CERT)
    - Summary
  • 5. Introduction to Security, Computer Security, Network Security and Linux Security
  • 6. Security
    - The state of being free from danger or threat.
    - Security is the degree of protection to safeguard a nation, union of nations, persons or person against danger, damage, loss, and crime. (Wikipedia)
    - Freedom from care, anxiety, or doubt; well-founded confidence.
    - Freedom from danger, risk.
  • 7. Computer Security
    - Computer security is the process of preventing and detecting unauthorized use of your computer. (armor2net)
    - The protection of computer systems and information from harm, theft, and unauthorized use.
  • 8. Network Security
    - Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
    - Network security is typically handled by a network administrator or system administrator who implements the security policy and the network software and hardware needed to protect a network and the resources accessed through it from unauthorized access, while also ensuring that employees have adequate access to the network and resources to do their work.
  • 9. Linux Security
    - Protect your Linux distribution.
    - By default, Linux is not secure.
    - Linux is optimized for convenience and doesn’t make security easy or natural.
  • 10. Why do we need Security?
  • 11. Know the Security Threats
    1. Malware
    2. Backdoors, exploiting software bugs, buffer overflow (BOF)
    3. Denial of service and DDoS
    4. Sniffing attacks, TCP hijacking
    5. Unprotected Linux/Windows shares
    6. LFI, SQLi, RFI, social problems
    7. Cross-site scripting (XSS)
    8. TCP attacks
    9. Email attacks
  • 12. Reasons why we need security
    - Your computer isn't as secure as you think.
    - Protect data and all vital information from intruders, because everybody has a right to privacy.
    - Security is now a basic requirement because global computing is inherently insecure.
    - Provide authentication and access control for resources.
  • 15. Who is vulnerable?
    - Banks
    - Government
    - Defence agencies
    - Companies
    - Universities and institutions
    - Multinational corporations
    - Anyone on the Internet
  • 17. Old Security Model (diagram): a mainframe with a controller and terminals.
  • 18. New “old” Security Model (diagram): internal network, firewall, Internet. Protocols: TCP, HTTP, ICMP, FTP, SMTP.
  • 19. New Model (diagram): ActiveX, malware, Java and Trojans arriving over HTTP; VPN; internal network; firewall; Internet; SMTP; SSL; a DMZ holding the web server, application server and database.
  • 21. Common network security attacks
    - Dictionary attack (explained in this session)
    - Denial of service (explained in this session)
    - TCP attack (explained in this session)
    - Sniffing attack (self study)
    - SQLi, XSS, RFI, LFI attacks (self study)
    - Social engineering (self study)
    - More...
  • 22. Dictionary attack
    - A dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase from likely possibilities, such as words in a dictionary.
    - Dictionary attack accuracy is 90% (with a good dictionary wordlist).
    - The Linux passwords stored at /etc/passwd are encrypted with the crypt(3) function, which means a one-way hash.
    - To be safe from this attack, use a random password like “jU5bu4h@p@y4n94kuSuk@” (an “4l4y” password).
  • 23. Facts about human passwords. Source: Codinghorror.com
  • 24. Denial of service
    Denial of service, or DoS, is overloading the server or network to make the service on the network unusable. DoS comes in different kinds, such as:
    1. SYN flooding
    2. Distributed DoS
    3. SMURF
  • 25.
  • 26. SYN Flooding
    SYN is one of the TCP packet types. A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target's system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic (Wikipedia).
  • 27. DDoS
    - DDoS is a type of DoS attack where multiple compromised systems, which are usually infected with a Trojan, are used to target a single system, causing a denial of service (DoS).
    - DDoS is the same as DoS but on a large scale.
    - It makes a machine or network resource unavailable.
    - Anonymous use DDoS attacks and defacement in their OPs.
  • 28.
  • 29. SMURF
    The Smurf attack is a denial-of-service attack in which large amounts of ICMP packets with the intended victim's spoofed source IP are broadcast to a computer network using an IP broadcast address (Wikipedia). The source IP address of the broadcast ping is forged.
  • 30.
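A small detector for the two DoS kinds described above, SYN flooding and Smurf, run over constructed packet records. This is an added example and not code from the slides; the addresses, the record format and the threshold of 20 half-open connections are assumptions made for the demo.

```python
import ipaddress
from collections import defaultdict

SERVER = "192.0.2.10"   # the host being protected (constructed address)

# Constructed packet records, not a real capture: (src, dst, proto, flags)
# "flags" holds the TCP flag for TCP packets and the ICMP type for ICMP packets.
PACKETS = (
    # a legitimate client: five full handshakes, each SYN followed by its ACK
    [p for _ in range(5)
       for p in (("10.0.0.5", SERVER, "tcp", "SYN"), ("10.0.0.5", SERVER, "tcp", "ACK"))]
    # a SYN flooder: fifty SYNs and never an ACK, so half-open connections pile up
    + [("203.0.113.7", SERVER, "tcp", "SYN") for _ in range(50)]
    # a Smurf: echo requests to the broadcast address with the source forged to the victim
    + [(SERVER, "192.0.2.255", "icmp", "echo-request") for _ in range(3)]
    # an ordinary ping to a single host, which must not be flagged
    + [("10.0.0.5", SERVER, "icmp", "echo-request")]
)


def syn_flood_suspects(packets, max_half_open=20):
    """Per source, count SYNs that were never followed by the client's ACK.

    A well-behaved client completes the three-way handshake, so its SYN and ACK
    counts roughly match; a flooder's SYN count runs away from its ACK count.
    Returns {source: half_open_count} for sources above the threshold.
    """
    syns, acks = defaultdict(int), defaultdict(int)
    for src, _dst, proto, flags in packets:
        if proto != "tcp":
            continue
        if flags == "SYN":
            syns[src] += 1
        elif flags == "ACK":
            acks[src] += 1
    half_open = {src: syns[src] - acks[src] for src in syns}
    return {src: n for src, n in half_open.items() if n > max_half_open}


def smurf_suspects(packets, network):
    """Report ICMP echo requests aimed at the broadcast address of `network`.

    Every host on the segment answers such a ping and the replies go to the
    (forged) source address, so the returned key is the address the replies
    are amplified against, i.e. the likely victim, with the number of pings seen.
    """
    broadcast = ipaddress.ip_network(network).broadcast_address
    hits = defaultdict(int)
    for src, dst, proto, flags in packets:
        if (proto == "icmp" and flags == "echo-request"
                and ipaddress.ip_address(dst) == broadcast):
            hits[src] += 1
    return dict(hits)


if __name__ == "__main__":
    print("SYN flood suspects:", syn_flood_suspects(PACKETS))          # {'203.0.113.7': 50}
    print("Smurf victims:", smurf_suspects(PACKETS, "192.0.2.0/24"))   # {'192.0.2.10': 3}
```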
  • 31. TCP Attack
    - TCP = Transmission Control Protocol
    - Part of the IP network protocol suite
    - Connection-based protocol
    - Point-to-point protocol
    - Data transfer
    - Defined in more detail in RFC 793
  • 32. TCP Attack Concept: please welcome Nabilah, Rizky and Mr. Big Ears.
  • 33. Nabilah and Rizky have a TCP connection.
  • 34. Mr. Big Ears lies on the network path between Nabilah and Rizky.
  • 35. When Nabilah sends a packet to Rizky, Mr. Big Ears drops every packet, and the packet is never delivered to Rizky (VOID).
  • 36. Mr. Big Ears sends a malicious packet to Rizky, and Rizky is pwned.
  • 37. Nabilah and Rizky fall out because of the malicious packet from Big Ears.
  • 38. TCP Attack (Hijacking)
    "TCP hijacking" is a technique that involves intercepting a TCP session initiated between two machines in order to hijack it. If an attacker learns the associated TCP state for the connection, then the connection can be hijacked! More TCP attack examples: spoofing, MITM, sniffing and more.
  • 39. Packet Sniffing
    - Packet sniffer programs capture the contents of packets, which may include passwords and other sensitive information that could later be used to compromise the client computer.
    - For example, a sniffer installed on a cable modem in one cable trunk may be able to sniff the passwords of other users on the same trunk.
    - Encryption of network traffic provides one of the defenses against sniffing.
  • 40. Break for 5 minutes...
  • 42. Know the Linux architecture
    - Hardware: mouse, monitor, keyboard, PC, etc.
    - Hardware controller: connects the Linux kernel and the hardware
    - Linux kernel: the heart of Linux, connecting hardware resources and applications
    - User applications: user programs such as a browser, photo editor, calculator, etc.
    - OS services: such as X Windows, web server, command shell
  • 43. Layer diagram, top to bottom: User Applications, OS Service, LINUX KERNEL, HARDWARE CONTROLLER, HARDWARE.
  • 44. Linux Kernel
    - The kernel uses modules, which you can load dynamically
    - You can configure the kernel, and unnecessary components can be removed
    - It can be recompiled, unlike Windows
    - The kernel has bugs
    - Buffer overflow vulnerabilities (very critical)
  • 45. Kernel Security
    - To keep your Linux secure, always patch your kernel
    - Update the kernel; to check the Linux kernel version use: # uname -a
    - To enhance your Linux security:
      - LIDS – Linux Intrusion Detection System
      - SELinux – Security Enhanced Linux
      - Secure Linux Patch
      - Linux kernel module config
  • 46. Linux Intrusion Detection System (LIDS)
    - LIDS web: http://www.lids.org/
    - LIDS is a tool that makes kernel security powerful
    - LIDS is a patch to the Linux kernel; it implements access control and a reference monitor. LIDS is configured with its two admin tools, lidsconf and lidsadm
    - LIDS is a complete security model implementation for the Linux kernel
  • 47. Local Linux Security: Linux can be attacked by a local user (diagram: an attacker among the users).
  • 48. Protect from local attack
    - Give them the minimal amount of privileges they need.
    - Be aware of when and where they log in from, or should be logging in from.
    - The creation of group user-ids should be absolutely prohibited. User accounts also provide accountability, and this is not possible with group accounts.
  • 49. File and Filesystem Security
    - Know Linux users, groups and permissions
    - File permission and ownership
    - Configure your users' file-creation umask to be as restrictive as possible
    START LIVE DEMO !!!
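An added example for the permission and umask points above, not part of the slides: it shows how the umask shapes the mode of a newly created file, then audits a directory for the files a local attacker would look at first, world-writable ones and setuid/setgid binaries. The scratch directory and file names are constructed for the demo.

```python
import os
import stat
import tempfile


def create_with_umask(directory, name, mask):
    """Create an empty file while `mask` is in force; return its permission bits.

    The requested mode is 0o666 (rw for everyone); the kernel clears every bit
    that is set in the umask, so umask 0o077 leaves 0o600 and umask 0o000 leaves
    0o666. The caller's umask is restored afterwards.
    """
    path = os.path.join(directory, name)
    old = os.umask(mask)
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o666)
        os.close(fd)
    finally:
        os.umask(old)
    return stat.S_IMODE(os.stat(path).st_mode)


def risky_files(directory):
    """Walk `directory` and list regular files that are world-writable or setuid/setgid.

    Returns sorted (relative_path, [reasons]) pairs; an empty list means nothing found.
    """
    findings = []
    for root, _dirs, files in os.walk(directory):
        for name in files:
            path = os.path.join(root, name)
            mode = os.lstat(path).st_mode      # lstat: do not follow symlinks
            if not stat.S_ISREG(mode):
                continue
            reasons = []
            if mode & stat.S_IWOTH:
                reasons.append("world-writable")
            if mode & stat.S_ISUID:
                reasons.append("setuid")
            if mode & stat.S_ISGID:
                reasons.append("setgid")
            if reasons:
                findings.append((os.path.relpath(path, directory), reasons))
    return sorted(findings)


def demo():
    """Create files under a lax and a strict umask in a scratch directory and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        lax = create_with_umask(tmp, "lax.txt", 0o000)        # becomes 0o666
        strict = create_with_umask(tmp, "strict.txt", 0o077)  # becomes 0o600
        return lax, strict, risky_files(tmp)


if __name__ == "__main__":
    lax, strict, findings = demo()
    print(f"umask 000 -> {lax:o}, umask 077 -> {strict:o}")
    for path, reasons in findings:
        print("RISKY:", path, ", ".join(reasons))
```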
  • 50. Password Security and Encryption
    - PGP and public key cryptography
    - Linux IPSEC implementation
    - PAM
    - Shadow passwords
    - Secure shell and Stelnet
    - SSL, S-HTTP
  • 52. IPSEC Implementation (diagram): IPSEC, Internet, network, key management, security gateways, security policy. IPSEC was developed by the Internet Engineering Task Force (IETF).
  • 53. IPSEC gives a solution for creating cryptographically secure communications at the IP network level (network layer), and provides authentication, integrity, access control, and confidentiality. Some network-layer attacks that IPSEC protects against:
    - Eavesdropping
    - MITM (man-in-the-middle attack)
    - Masquerading
  • 54. Linux-PAM
    - The concept of Linux-PAM: programs that require authentication only need to know that there is a module available that will perform the authentication for them.
    - PAM is set up so that modules can be added, deleted, and reconfigured at any time; it is not necessary for modules to be linked in at the time a utility is compiled.
  • 55.
  • 56. Linux Network Security
    - System services
    - Packet sniffers
    - DoS attacks
    - NFS (Network File System) security
    - Firewall
    - Network Information Service
    - NIDS
    - IP Chains
    - VPNs
    - Netfilter
  • 57. System services
    - If you join the internet, be careful with your Linux services: don't offer services you don't need to use or run on the internet.
    - Some of the most useful services: FTP, Mail, SSH, identd, telnet
    - Possibly not required services: nscd, smb, dhcp, cups, ldap, rhnsd
  • 59. NFS
    NFS stands for Network File System, a file system developed by Sun Microsystems, Inc. It is a client/server system that allows users to access files across a network and treat them as if they resided in a local file directory. (Diagram: an NFS server and several clients over the network.)
  • 60. NFS Security (explained in the image)
  • 61. Firewall
    - Firewalls are a means of controlling what information is allowed into and out of your local network.
    - Linux firewalls are:
      - IPTables
      - SELinux
      - Scalable
      - Robust
  • 63. NIS
    - NIS is a client–server directory service protocol for distributing system configuration data such as user and host names between computers on a computer network.
    - For example, all the information in a standard /etc/passwd file.
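For the /etc/passwd format referred to on the dictionary-attack, shadow-password and NIS slides, an added example (not from the slides) that parses passwd-format lines and reports the weak entries: a hash kept in /etc/passwd rather than /etc/shadow, an empty password field, a second UID 0 account, and NIS compat lines. The sample file, its account names and the "legacy" hash value are constructed.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed /etc/passwd content for the demo, not copied from any real system.
# "x" in field two means the hash lives in /etc/shadow; the "legacy" hash is a
# made-up placeholder standing in for a real crypt(3) value.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
onto:x:1000:1000:Rizky:/home/onto:/bin/bash
legacy:xyZ12constructed:1001:1001:old box:/home/legacy:/bin/sh
guest::1002:1002:no password:/home/guest:/bin/bash
toor:x:0:0:backup admin:/root:/bin/bash
+::::::
"""

LOCKED_MARKERS = ("x", "*", "!", "!!")   # shadowed or locked: nothing usable stored here

@dataclass
class PasswdEntry:
    name: str
    password: str
    uid: Optional[int]     # None for NIS compat ("+"/"-") lines, which leave it empty
    gid: Optional[int]
    gecos: str
    home: str
    shell: str

def parse_passwd(text):
    """Parse passwd-format text (7 colon-separated fields per line) into entries."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"line {lineno}: expected 7 fields, got {len(fields)}")
        name, pw, uid, gid, gecos, home, shell = fields
        entries.append(PasswdEntry(name, pw, int(uid) if uid else None,
                                   int(gid) if gid else None, gecos, home, shell))
    return entries

def audit_passwd(entries):
    """Return (account, finding) pairs for the weaknesses the slides warn about."""
    findings = []
    for e in entries:
        if e.name.startswith(("+", "-")):
            findings.append((e.name, "NIS compat entry: accounts are pulled from the NIS map"))
            continue
        if e.password == "":
            findings.append((e.name, "empty password field: login without any password"))
        elif e.password not in LOCKED_MARKERS:
            findings.append((e.name, "hash kept in world-readable /etc/passwd, not /etc/shadow"))
        if e.uid == 0 and e.name != "root":
            findings.append((e.name, "UID 0: a second superuser account"))
    return findings

if __name__ == "__main__":
    for account, finding in audit_passwd(parse_passwd(SAMPLE_PASSWD)):
        print(f"{account:8} {finding}")
```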
  • 65. Linux Network IDS
    A Network Intrusion Detection System (NIDS) is an intrusion detection system that attempts to discover unauthorized access to a computer network by analyzing traffic on the network for signs of malicious activity.
  • 66. Linux Application Security
    Remember to protect the security of your Linux applications, such as:
    - File servers
    - Web servers
    - Print servers – lpd, cups, etc.
    - Mail servers – Sendmail (historically insecure), Qmail, Postfix
    - VPN servers – FreeS/WAN
    - Databases – PostgreSQL, MySQL (free), Oracle, Sybase, DB2
    - DNS servers – BIND
    - LDAP servers
    - Time servers
  • 67. Cyber Crime Report (ID-CERT)
  • 69. Summary
    - Linux is not secure by default
    - Always keep up with Linux patches
    - Use only the services you require on Linux
    - Keep network services to a minimum
    - Balance security level and functionality
    - Take care on the internet, especially on public networks (wifi)
    - There is no secure system ^_^
  • 70. References
    - http://forum.explorecrew.org/
    - http://www.tldp.org/HOWTO/Security-HOWTO/
    - http://www.cyberciti.biz/faq/understanding-etcpasswd-file-format
    - http://www.lids.org/
    - http://proceedings.esri.com/library/userconf/proc00/professional/papers/pap197/p197.htm
    - http://www.kecoak.or.id/sarang/TOKET_4/0x01-fun-ipsec.txt
    - http://www.linuxsecurity.com/docs/SecurityAdminGuide/SecurityAdminGuide-8.html
    - http://en.wikipedia.org/wiki
    - http://kodokimut.wordpress.com/
    - http://google.com (use at your own risk)
  • 71. See You Next EVENT !!!! The End