linux and network security
DESCRIPTION
A short two-part talk introducing: Basic Linux/Unix system administration ( CentOS /RHEL5) General Computer/Network security … for the G53SEC module. Nick Reynolds. Linux and network security. CentOS 5. Adding Accounts. Need entry in /etc/ passwd Need password in /etc/shadow - PowerPoint PPT PresentationTRANSCRIPT
LINUX AND NETWORK SECURITY
A short two-part talk introducing:
•Basic Linux/Unix system administration (CentOS/RHEL5)•General Computer/Network security
… for the G53SEC module.
Nick Reynolds.
CentOS 5
Adding AccountsNeed entry in
/etc/passwdNeed password in
/etc/shadowNeed home directory
/home/[username]Correct Permissions
$ man adduser$ adduser <username>
$ man passwd$ passwd <username>
Gui Alternative:redhat-config-users
The Telnet Server (telnetd)Runs on receiving a connection man xintedStart with:
chkconfig krb5-telnet onStop with:chkconfig krb5-telnet off
Configuring the Telnet ServerRead manual page:man telnetd
Set up accounts using:adduser
Change account shell:chsh <username>
(Tip: man ssh, chkconfig sshd on/off)
Other Services ftp server httpd server (apache) ssh server …
Network Configuration (Optional)redhat-config-network-gui
Software Installs – DistributionSearching:yum search [string]
Installing:yum install [package]
Staying up to date:yum update
Lots more!:man yum man yum.conf
Monitoring The SystemCheck logs:/var/log/*
Monitor network activity:tcpdump
Monitor processes:pstop
Useful CommandsMove between accounts:/bin/su – [username]
Permissions and ownership:chmod <mode> <filename>chgrp <group> <filename>chown <user> <filename>
Manual pages:man <command>
Useful ResourcesCentOS5 (RedHat EE) Documentation
http://netlab-gw.cs.nott.ac.uk/centos/5/docs/http://ftp.cs.nott.ac.uk/centos/5/docs/
Linux Documentation Projecthttp://newton.ex.ac.uk/LDP/
Search Engines!
Final CentOS NotesMany ways to achieve the same result.Experiment within a user account.Don’t make to many changes in one go.Stay up to date (yum update)Advanced methods to configure servers:man pam
General Network/Computer SecurityEncryptionAccess PermissionsWho/what do you trust?Network Infrastructure
Encryption
EncryptionUse secure Protocols
Insecure Secure
telnet sshftp scpimap imapshttp https
Access Permissions
Access Permissions File/directory permissions
Firewalls
Who/What do you trust?
Who/What do you trust? DHCP?
IP Addresses?
Network Infrastructure
Network Infrastructure Where does your data go?
Switches? Hubs? Which route?
Wi-fi
The End!