Security Information and Review

Collection of security information and review

Posts Tagged 'Linux Security'

Tripwire : Hardening Linux Server with Monitoring Integrity of Files

Author : Admin

Tripwire is a file and directory integrity checker that compares a designated set of files and directories against information stored in a previously generated database. It uses that baseline to compare files at scheduled intervals, and if changes are detected, alerts are processed according to the configuration. It can notify system administrators of corrupted or tampered files, so that damage control measures can be taken in a timely manner.

 

We will not discuss how to install Tripwire, but how to secure and optimize it on a Linux server. After installing Tripwire, the next step is to verify and, if necessary, change the options in our Tripwire configuration files. … continue reading : Tripwire : Hardening Linux Server with Monitoring Integrity of Files.

8 July 2009 at 23:53 - Comments

Hardening Linux Server with TCP Wrappers

Author : Admin

TCP Wrappers, as the name suggests, protect Linux server services that communicate using TCP packets. Systems that communicate using TCP channel those packets through TCP Wrappers, and each request is checked against a series of rules. The majority of commercial Linux server distributions, such as Red Hat Enterprise Linux AS, SLES and others, implement a facility known as TCP Wrappers. TCP Wrappers are implemented using two files, one controlling what is specifically accepted and the other specifying denials. The files are called /etc/hosts.allow and /etc/hosts.deny. These files provide the ability to define access to Linux server services based on IP address or hostname.

 

Rules in the /etc/hosts.allow and /etc/hosts.deny files are processed sequentially: clients and users listed in hosts.allow are allowed access, and clients and users listed in hosts.deny are denied access. … continue reading : Hardening Linux Server with TCP Wrappers.

8 July 2009 at 20:03 - Comments

Hardening Linux Server part 2 : Advanced Linux Security

Author : Admin

The previous discussion, Hardening Linux Server part 1: Physical Access Security, covered how to improve physical access security for a Linux server. This discussion goes into more detail on the Linux side itself.

 

The “root” account has no security restrictions. For this reason we must know what we are doing and never log in as this user unless the situation absolutely necessitates root access. The first thing to do to improve the security of the Linux server is to configure user profiles, especially that of the superuser “root”. It sometimes, even often, happens that files get deleted while we are logged in as “root”. So we need to modify the “rm” command, as shown in the following script. … continue reading : Hardening Linux Server part 2 : Advanced Linux Security.

5 July 2009 at 17:28 - Comments

Hardening Linux Server part 1 : Physical Access Security

Author : Admin

The security of a Linux server is very important, and it is not only a matter of which software or packages are installed. There are several aspects to consider, such as physical security, the operating system, applications and the network. A secure Linux server depends on how the administrator sets it up.

 

One very important aspect of improving Linux server security is physical security. The administrator must block unauthorized people from accessing the Linux server and make sure who is permitted physical access to the server. It is important to note that security measures can possibly be bypassed if someone has physical access to the Linux server. So select a server room with an access control system.
… continue reading : Hardening Linux Server part 1 : Physical Access Security.

5 July 2009 at 14:36 - Comments

Base Linux Security with IPTables

Author : Admin

Most people think they can protect computer networks from outside attacks by using a firewall, but they don’t understand what a firewall is and how it really works. A firewall inspects packets as they arrive on an interface, searching a table until it finds a matching rule to determine what it should do with each packet, and then follows the action the rule specifies.

If the packet does not match a specific rule, a default action decides the packet’s fate, generally known as falling through the bottom of the rules. For firewalls, the generally accepted good default action is Deny. That is, unless we explicitly permit a particular access, the packet is dropped. This allows us to permit what we know and block what we do not. … continue reading : Base Linux Security with IPTables.

1 June 2009 at 19:41 - Comments

Basic User Linux Security

Author : Admin

For security reasons, Ubuntu Server disables the root user: it doesn’t even have a password, so we cannot log in as root once the system installation is finished. This is because root has unlimited rights, and disabling it reduces the risk of errors caused by using root privileges.
How about a task that can only be run as the root user? Linux in general, and Ubuntu Server especially, introduces the sudo mechanism for this. The idea of sudo is that a task which can only be run by root can be assigned specifically to a user who has been given that authority beforehand. Because sudo is the basic mechanism on Ubuntu for performing tasks that are normally reserved for root, after a normal installation every administration task is performed that way. For example, the shutdown command can generally only be run by root, but we can authorize a particular user to run it. That user is then authorized to run the command with sudo. To define the commands and the users authorized to run them with sudo, we need to edit the file /etc/sudoers. We can use our favorite editor to do it: vi, nano or visudo.
… continue reading : Basic User Linux Security.

23 May 2009 at 08:24 - Comments