Free Essay

It-302-Linux System Administration

In:

Submitted By ktyler04
Words 907
Pages 4
Computer security is necessity because of the many ways that your personal information. Millions of people each year are victims of hacked computers and accounts which lead to credit card theft and identity theft. This paper will explain a few of Unix/Linux’s security operations such as SELinux, Chroot, and IPtables.
Security-Enhanced Linux is a Linux feature that provides a mechanism for supporting access control security policies, including United States Department of Defense style mandatory access controls. These functions were run through the Linux Security Modules in the Linux kernel. It is not a Linux distribution, but rather a set of modifications that can be applied to Unix-like operating system kernels, such as Linux and that of BSD. SELinux was developed by the United States National Security Agency, it was released to the open source development community under the GNU GPL on December 22, 2000. SELinux users and roles are not related to the actual system users and roles. For every current user or process, SELinux assigns a three string context consisting of a role, user name, and domain. This system is more flexible than normally required: as a rule, most of the real users share the same SELinux username, and all access control is managed through the third tag, the domain. Circumstance for when the user is allowed to get into a certain domain must be configured in the policies. The command runcon allows for the launching of a process into an explicitly specified context, but SELinux may deny the transition if it is not approved by the policy configuration. The security of an unmodified Linux system depends on the correctness of the kernel, all the privileged applications, and each of their configurations. A problem in any one of these areas may allow the compromise of the entire system. In contrast, the security of a modified system based on an SELinux kernel depends primarily on the correctness of the kernel and its security policy configuration. While problems with the correctness or configuration of applications may allow the limited compromise of individual user programs and system daemons, they do not pose a threat to the security of other user programs and system daemons or to the security of the system as a whole. Some of the features of SELinux are that it has a clean separation of policy from enforcement, a very flexible policy, and support for policy changes. Another one of Linux’s operations is called Chroot. A chroot on Unix Operating systems is an operation that changes the apparent disk root directory for the current running process and its children. The chroot system call was introduced during development of Version 7 Unix in 1979, and also added to BSD by Bill Joy on March 18, 1982. A chroot environment can be used to create and host a separate virtualized copy of the software system. This can be useful for Testing and development, Dependency control, Compatibility, Recovery, and Privilege separation. For Testing and development a test environment can be set up in the chroot for software that would otherwise be too risky to deploy on a production system. For Dependency control software can be developed, built and tested in a chroot populated only with its expected dependencies. This can prevent some kinds of linkage skew that can result from developers building projects with different sets of program libraries installed. Compatibility offers legacy software or software using a different ABI must sometimes be run in a chroot because their supporting libraries or data files may otherwise clash in name or linkage with those of the host system. The chroot mechanism in itself also is not intended to restrict the use of resources like I/O, bandwidth, disk space or CPU time. Most Unixes are not completely file system-oriented and leave potentially disruptive functionality like networking and process control available through the system call interface to a chrooted program. The last Unix operation is called IPtables. IPtables is a user space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores. The original author of iptables was Rusty Russell. He worked with a team called Netfilter Core Team and was released in 1998. IPtables preserves the basic ideas introduced with ipfwadm, which was a list of rules each of which specified what to match within a packet, and what to do with such a packet. IPchains added the concept of chains of rules, and iptables extended this further into tables: one table was consulted when deciding whether to NAT a packet and another consulted when deciding how to filter a packet. In addition, the three filtering points in a packet's journey were altered such that any packet only passes through one filtering point. Each rule in a chain contains the specification of which packets it matches. It may also contain a target or verdict. As a packet traverses a chain, each rule in turn is examined. If a rule does not match the packet, the packet is passed to the next rule. If a rule does match the packet, the rule takes the action indicated by the target/verdict, which may result in the packet being allowed to continue along the chain or it may not. Matches make up the large part of rulesets, as they contain the conditions packets are tested for

IT 302-Linuz System Administration
Research Assignment 1

Bibliography

Similar Documents

Free Essay

It302 Research Assignment 1

...Research Assignment 1 IT 302 Linux System Administration January 21, 2013 The purpose of this paper is to secure UNIX/Linux operating systems from unscrupulous people. It shall be focused on SELinux, chroot jail, and iptables. Each of the three focus areas will be detailed, with specific interest in the following. What organization is behind it and reason entity is involved. How each technology changes the operating system to enforce security, and if the security measure can be easily bypassed. And finally, describe the types of threats each of the technologies is designed to eliminate. Since no two UNIX-based operating system builds are exactly alike, it is important to note that each build may have its own inherent security flaws. SELinux was developed by The United States National Security Agency (NSA). The first version was made available to the open source development community under the GNU GPL on December 22, 2000. The software merged into the mainline Linux kernel 2.6.0-test3, released on 8 August 2003. Other significant contributors include Network Associates, Red Hat, Secure Computing Corporation, Tresys Technology, and Trusted Computer Solutions. Experimental ports of the FLASK/TE implementation have been made available via the TrustedBSD Project for the FreeBSD and Darwin operating systems. The reason NSA is involved in this project is because this organization is responsible for carrying out the research and advanced development of technologies...

Words: 900 - Pages: 4

Premium Essay

It255

...ITT Technical Institute IT255 Introduction to Information Systems Security Onsite Course SYLLABUS Credit hours: 4 Contact/Instructional hours: 50 (30 Theory Hours, 20 Lab Hours) Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security Capstone Project 400 Level IS404 Access Control, Authentication & KPI IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications IS418 Securing Linux Platforms & Applications IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications ...

Words: 4114 - Pages: 17

Premium Essay

Seeking Help

...to Information Systems Security [Onsite] Course Description: This course provides an overview of security challenges and strategies of counter measures in the information systems environment. Topics include definition of terms, concepts, elements, and goals incorporating industry standards and practices with a focus on availability, vulnerability, integrity and confidentiality aspects of information systems. Prerequisite(s) and/or Corequisite(s): Prerequisites: IT220 Network Standards and Protocols, IT221 Microsoft Network Operating System I, IT250 Linux Operating System Credit hours: 4 Contact hours: 50 (30 Theory Hours, 20 Lab Hours) Introduction to Information Systems Security Syllabus Where Does This Course Belong? This course is required for the Bachelor of Science in Information Systems Security program. This program covers the following core areas:    Foundational Courses Technical Courses BSISS Project The following diagram demonstrates how this course fits in the program: IS427 Information Systems Security 400 Level Capstone Project IS418 IS404 Access Control, Authentication & KPI IS421 Legal & Security Issues IS423 Securing Windows Platforms & Applications IS411 Security Policies & Implementation Issues IS415 System Forensics Investigation & Response IS416 Securing Windows Platforms & Applications Securing Linux Platforms & Applications 300 Level IS305 Managing Risk in Information Systems IS308 Security...

Words: 4296 - Pages: 18

Premium Essay

Redhat

...edhat® ® Te r r y C o l l i n g s & K u r t W a l l UR ON IT OOLS IN Y T C E CD-R L TH O ED UD M Linux Solutions from the Experts at Red Hat ® ® P R E S S™ SEC Red Hat® Linux® Networking and System Administration Red Hat® Linux® Networking and System Administration Terry Collings and Kurt Wall M&T Books An imprint of Hungry Minds, Inc. Best-Selling Books G Digital Downloads G e-Books G Answer Networks e-Newsletters G Branded Web Sites G e-Learning New York, NY G Cleveland, OH G Indianapolis, IN Red Hat® Linux® Networking and System Administration Published by Hungry Minds, Inc. 909 Third Avenue New York, NY 10022 www.hungryminds.com Copyright © 2002 Hungry Minds, Inc. All rights reserved. No part of this book, including interior design, cover design, and icons, may be reproduced or transmitted in any form, by any means (electronic, photocopying, recording, or otherwise) without the prior written permission of the publisher. Library of Congress Control Number: 2001093591 ISBN: 0-7645-3632-X Printed in the United States of America 10 9 8 7 6 5 4 3 2 1 1O/RT/QT/QS/IN Distributed in the United States by Hungry Minds, Inc. Distributed by CDG Books Canada Inc. for Canada; by Transworld Publishers Limited in the United Kingdom; by IDG Norge Books for Norway; by IDG Sweden Books for Sweden; by IDG Books Australia Publishing Corporation Pty. Ltd. for Australia and New Zealand; by TransQuest Publishers Pte Ltd. for Singapore, Malaysia, Thailand...

Words: 220815 - Pages: 884

Free Essay

Linux Admin Sendmail.Docx

...[TYPE THE COMPANY NAME] Sendmail IT 302 Virtual Library Michael Gigliotti 8/8/2012 Virtual library assignment, covering sendmail and alternatives. Sendmail is the program used by UNIX, and some of its offshoots like BSD, Linux, SunOS, ULTRIX to handle email. Sendmail was created by Eric Allman (Vixie and Aviolo) to solve the problem of address mapping between the email system and the network. Sendmail routes mail between a UA-mail user agent, a program used to read and send email, and an MTA-message transfer agent, program used to move mail between hosts using a particular network language/protocol. A design goal of sendmail is to accommodate the addition of new UAs and MTAs with only minor configuration changes. (Vixie and Aviolo) Sendmail supports distribution lists in the form of aliases for people or sets of people, the use of individual user .forward files to allow the forwarding of incoming e-mail to programs or other mailboxes. Sendmail also facilitates the rewriting of e-mail addresses to allow for a gateway to deliver mail between different kinds of mail networks and provide a mechanism for bridging between different systems. Sendmail provides for message queuing when a retry able error is encountered, plus automatic routing and returning the e-mail to the sender when an unrecoverable error is encountered. (Vixie and Aviolo) The software used by sendmail to locate domains on the DNS server is the resolver. The resolver...

Words: 11213 - Pages: 45

Free Essay

Linux as a Personal Desktop Operating System

...Table of Contents Beginning Red Hat Linux 9 ...............................................................................................................................1 Introduction.........................................................................................................................................................4 Who Is This Book For?...........................................................................................................................4 What You Need to Use This Book.........................................................................................................4 What Is Linux? ........................................................................................................................................5 Linus Torvalds and the Birth of Linux.............................................................................................5 Why Choose Linux?.........................................................................................................................6 What Is Red Hat Linux 9?................................................................................................................7 What Is Covered in This Book?..............................................................................................................8 Conventions in This Book......................................................................................................................9 Customer Support...............

Words: 155032 - Pages: 621

Free Essay

Syllabus

...SCHEME OF EXAMINATION FOR MASTER OF COMPUTER APPLICATIONS (MCA) (SIX-SEMESTER Programme) |Semester – I | |Paper |Title of the Paper |Duration |Maximum Marks |Total | |No. | |Of Exam | | | | | | |Theory |Sessional* | | |MCA-101 |Computer Fundamentals and Problem Solving Using C |3 Hours |80 |20 |100 | |MCA-102 |Computer Organisation |3 Hours |80 |20 |100 | |MCA-103 |Discrete Mathematical Structures |3 Hours |80 |20 |100 | |MCA-104 |Software Engineering |3 Hours |80 |20 |100 | |MCA-105 |Computer Oriented Numerical and Statistical Methods |3 Hours |80 |20 |100 | |MCA-106 |Software Laboratory - I |3 Hours | | |100 | | |C (Based on MCA-101) |...

Words: 13848 - Pages: 56

Premium Essay

Laudon Ch5

...Management Information Systems MANAGING THE DIGITAL FIRM Kenneth C. Laudon New York University f Jane P. Laudon Azimuth Information Systems PEARSON feerttifie tall Pearson Education International Brief Contents Part One Chapter 1 Chapter 2 Chapter 3 Chapter 4 Part One Project Organizations, Management, and the Networked Enterprise 1 Information Systems in Global Business Today 2 Global E-Business: How Businesses Use Information Systems 38 Information Systems, Organizations, and Strategy 80 Ethical and Social Issues in Information Systems 124 Analyzing Business Processes for an Enterprise System 165 Part Two Chapter 5 Chapter 6 Chapter 7 Chapter 8 Part Two Project Information Technology Infrastructure 167 IT Infrastructure and Emerging Technologies 168 Foundations of Business Intelligence: Databases and Information Management 222 Telecommunications, the Internet, and Wireless Technology 260 Securing Information Systems 312 Creating a New Internet Business 351 Part Three Chapter 9 Chapter 10 Chapter 11 Chapter 12 Part Three Project Key System Applications for the Digital Age 353 Achieving Operational Excellence and Customer Intimacy: Enterprise Applications 354 E-Commerce: Digital Markets, Digital Goods 388 Managing Knowledge 428 Enhancing Decision Making 470 Designing an Enterprise Information Portal 508 Part Four Chapter 13 Chapter 14 Chapter 15 Part Four Project Building and Managing Systems 509 Building Systems 510 Project Management:...

Words: 3508 - Pages: 15

Premium Essay

Intro to Linux

...A Practical Guide to Linux Commands, Editors, and Shell Programming SECOND EDITION ® Mark G. Sobell Upper Saddle River, NJ • Boston • Indianapolis • San Francisco New York • Toronto • Montreal • London • Munich • Paris • Madrid Capetown • Sydney • Tokyo • Singapore • Mexico City Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals. The author and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales, which may include electronic versions and/or custom covers and content particular to your business, training goals, marketing focus, and branding interests. For more information, please contact: U.S. Corporate and Government Sales (800) 382-3419 corpsales@pearsontechgroup.com For sales outside the United States, please contact: International Sales international@pearson.com Visit us on the Web: informit.com/ph Library of Congress Cataloging-in-Publication...

Words: 228961 - Pages: 916

Premium Essay

Computer Book

...The Linux Command Line Second Internet Edition William E. Shotts, Jr. A LinuxCommand.org Book Copyright ©2008-2013, William E. Shotts, Jr. This work is licensed under the Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License. To view a copy of this license, visit the link above or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Linux® is the registered trademark of Linus Torvalds. All other trademarks belong to their respective owners. This book is part of the LinuxCommand.org project, a site for Linux education and advocacy devoted to helping users of legacy operating systems migrate into the future. You may contact the LinuxCommand.org project at http://linuxcommand.org. This book is also available in printed form, published by No Starch Press and may be purchased wherever fine books are sold. No Starch Press also offers this book in electronic formats for most popular e-readers: http://nostarch.com/tlcl.htm Release History Version 13.07 09.12 09.11 09.10 Date July 6, 2013 December 14, 2009 November 19, 2009 October 3, 2009 Description Second Internet Edition. First Internet Edition. Fourth draft with almost all reviewer feedback incorporated and edited through chapter 37. Third draft with revised table formatting, partial application of reviewers feedback and edited through chapter 18. Second draft incorporating the first editing pass. Completed first draft. 09.08 09...

Words: 100185 - Pages: 401

Free Essay

Oracle for Dummies

...and protect your data • Understand Oracle database architecture • Troubleshoot your database and keep it running smoothly Chris Zeis Chris Ruel Michael Wessler www.it-ebooks.info www.it-ebooks.info Oracle 11g ® FOR DUMmIES ‰ www.it-ebooks.info www.it-ebooks.info Oracle 11g ® FOR DUMmIES by Chris Zeis, Chris Ruel, and Michael Wessler ‰ www.it-ebooks.info Oracle® 11g For Dummies® Published by Wiley Publishing, Inc. 111 River Street Hoboken, NJ 07030-5774 www.wiley.com Copyright © 2009 by Wiley Publishing, Inc., Indianapolis, Indiana Published by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http:// www.wiley.com/go/permissions. Trademarks: Wiley, the Wiley Publishing logo, For Dummies, the Dummies...

Words: 106399 - Pages: 426

Free Essay

Rute Linux Tutorial

...LINUX: Rute User’s Tutorial and Exposition Paul Sheer August 14, 2001 Pages up to and including this page are not included by Prentice Hall. 2 “The reason we don’t sell billions and billions of Guides,” continued Harl, after wiping his mouth, “is the expense. What we do is we sell one Guide billions and billions of times. We exploit the multidimensional nature of the Universe to cut down on manufacturing costs. And we don’t sell to penniless hitchhikers. What a stupid notion that was! Find the one section of the market that, more or less by definition, doesn’t have any money, and try to sell to it. No. We sell to the affluent business traveler and his vacationing wife in a billion, billion different futures. This is the most radical, dynamic and thrusting business venture in the entire multidimensional infinity of space-time-probability ever.” ... Ford was completely at a loss for what to do next. “Look,” he said in a stern voice. But he wasn’t certain how far saying things like “Look” in a stern voice was necessarily going to get him, and time was not on his side. What the hell, he thought, you’re only young once, and threw himself out of the window. That would at least keep the element of surprise on his side. ... In a spirit of scientific inquiry he hurled himself out of the window again. Douglas Adams Mostly Harmless Strangely, the thing that least intrigued me was how they’d managed to get it all done. I suppose I sort of knew. If I’d learned...

Words: 159689 - Pages: 639

Free Essay

A Hands on Intro to Hacking

...Georgia Weidman. All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher. Printed in USA First printing 18 17 16 15 14   123456789 ISBN-10: 1-59327-564-1 ISBN-13: 978-1-59327-564-8 Publisher: William Pollock Production Editor: Alison Law Cover Illustration: Mertsaloff/Shutterstock Interior Design: Octopod Studios Developmental Editor: William Pollock Technical Reviewer: Jason Oliver Copyeditor: Pamela Hunt Compositor: Susan Glinert Stevens Proofreader: James Fraleigh Indexer: Nancy Guenther For information on distribution, translations, or bulk sales, please contact No Starch Press, Inc. directly: No Starch Press, Inc. 245 8th Street, San Francisco, CA 94103 phone: 415.863.9900; fax: 415.863.9950; info@nostarch.com; www.nostarch.com Library of Congress Cataloging-in-Publication Data Weidman, Georgia. Penetration testing : a hands-on introduction to hacking / Georgia Weidman. pages cm Includes index. ISBN 978-1-59327-564-8 (paperback) -- ISBN 1-59327-564-1 (paperback) 1. Penetration testing (Computer security) 2. Kali Linux. 3. Computer hackers. QA76.9.A25W4258 2014 005.8'092--dc23 2014001066 I. Title. No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. Other product and company names mentioned herein...

Words: 117203 - Pages: 469

Free Essay

Ethical Hacking

...This page was intentionally left blank This page was intentionally left blank Hands-On Ethical Hacking and Network Defense Second Edition Michael T. Simpson, Kent Backman, and James E. Corley ———————————————————————— Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States Copyright 2010 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. This is an electronic version of the print textbook. Due to electronic rights restrictions, some third party content may be suppressed. Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. The publisher reserves the right to remove content from this title at any time if subsequent rights restrictions require it. For valuable information on pricing, previous editions, changes to current editions, and alternate formats, please visit www.cengage.com/highered to search by ISBN#, author, title, or keyword for materials in your areas of interest. Copyright 2010 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated...

Words: 185373 - Pages: 742

Free Essay

Mastering Unix Shell Scripting

...data warehousing, software development tools, and networking — everything you need to reach your peak. Regardless of your level of expertise, the Wiley family of books has you covered. • For Dummies – The fun and easy way to learn • The Weekend Crash Course –The fastest way to learn a new tool or technology • Visual – For those who prefer to learn a new topic visually • The Bible – The 100% comprehensive tutorial and reference • The Wiley Professional list – Practical and reliable resources for IT professionals The book you hold now, Mastering Unix Shell Scripting, is the first book to provide end-to-end scripting solutions that will solve real-world system administration problems for those who have to automate these often complex and repetitive tasks. Starting with a sample task and targeting the most common Unix systems: Solaris, Linux, AIX, and HP-UX with specific command structures, this book will save precious time with hands-on detail. The companion Web site contains all the timesaving scripts from the book. Our commitment to you does not end at the last page of this book. We’d want to open a dialog with you to see what other solutions we can provide. Please be sure to visit us at www.wiley.com/compbooks to review our complete title list and explore the other resources we offer. If you have a comment, suggestion,...

Words: 145371 - Pages: 582