Free Essay

Linux System Administration

In:

Submitted By ike1421
Words 291
Pages 2
IT302 Linux System Administration
Research Assignment 1

SELinux or Security Enhanced Linux uses an architecture that separates enforcement from access policy decisions. With this architecture different types of policies can be implemented, including Role-Based Access Control (RBAC), Type Enforcement (TE), and Multi-Level Security (MLS). The module assigns security labels to each subject or object. It uses a security class to determine the kinds of relationship a pair of labels might have. The triplet consisting of a pair of labels and a class are then sent to a policy server to determine if access is allowed. The security labels are assigned dynamic integer security ID's (SID's); the reply from the policy server is cached in an 'access vector cache' for performance reasons. SELinux was developed in coordination with the open source community and the National Security Agency (NSA) to provide the highest level of security for the Linux operating system.

The three basic elements of the VServer are: The security context. A process in one security context cannot see processes in other security contexts, neither with the 'ps' command, nor with 'cat /proc' nor in any other way. As side-effect, this means that a process in one context cannot kill processes in other contexts. Capabilities. The existing Linux kernel provides a wide variety of capabilities which can be taken away from processes. These include the ability to change network addresses, to change the ownership of a file, etc. (See /usr/include/linux/capability.h for details.) The vserver-utils provides a tool to take away capabilities from a process. The chroot jail. The existing Linux kernel provides a way to limit a process to a subdirectory, by changing the 'file system root' for the process to be the subdirectory

Similar Documents

Free Essay

It-302-Linux System Administration

...Security-Enhanced Linux is a Linux feature that provides a mechanism for supporting access control security policies, including United States Department of Defense style mandatory access controls. These functions were run through the Linux Security Modules in the Linux kernel. It is not a Linux distribution, but rather a set of modifications that can be applied to Unix-like operating system kernels, such as Linux and that of BSD. SELinux was developed by the United States National Security Agency, it was released to the open source development community under the GNU GPL on December 22, 2000. SELinux users and roles are not related to the actual system users and roles. For every current user or process, SELinux assigns a three string context consisting of a role, user name, and domain. This system is more flexible than normally required: as a rule, most of the real users share the same SELinux username, and all access control is managed through the third tag, the domain. Circumstance for when the user is allowed to get into a certain domain must be configured in the policies. The command runcon allows for the launching of a process into an explicitly specified context, but SELinux may deny the transition if it is not approved by the policy configuration. The security of an unmodified Linux system depends on the correctness of the kernel, all the privileged applications, and each of their configurations. A problem in any one of these areas may allow the compromise of the entire system. In...

Words: 907 - Pages: 4

Free Essay

It302 Linux System Administration Research Assignment 1

...IT302 Linux System Administration Research Assignment 1 SELinux or Security Enhanced Linux uses an architecture that separates enforcement from access policy decisions. With this architecture different types of policies can be implemented, including Role-Based Access Control (RBAC), Type Enforcement (TE), and Multi-Level Security (MLS). The module assigns security labels to each subject or object. It uses a security class to determine the kinds of relationship a pair of labels might have. The triplet consisting of a pair of labels and a class are then sent to a policy server to determine if access is allowed. The security labels are assigned dynamic integer security ID's (SID's); the reply from the policy server is cached in an 'access vector cache' for performance reasons. SELinux was developed in coordination with the open source community and the National Security Agency (NSA) to provide the highest level of security for the Linux operating system. Linux V-Server – The three basic elements of the VServer are: * The security context. A process in one security context cannot see processes in other security contexts, neither with the 'ps' command, nor with 'cat /proc' nor in any other way. As side-effect, this means that a process in one context cannot kill processes in other contexts. * Capabilities. The existing Linux kernel provides a wide variety of capabilities which can be taken away from processes. These include the ability to change network addresses...

Words: 423 - Pages: 2

Free Essay

Resume

...Lauren Lamotte | 7714 Lancer Ct | Niceville, FL 32578 | (850) 408-6789 | lauren.lamotte@us.af.mil November 14, 2015 Linda Vinetti Hiring Manager Capriccio Software, Inc. 3556 Gen DeGualle Blvd New Orleans, LA 70128 Dear Ms. Vinetti: I read of your company’s need for a Linux Systems Administrator in the New Orleans area on Indeed.com. I will be returning to New Orleans after my military enlistment is complete, and I believe that I would be an excellent fit for the company. I have worked as an IT professional in the United States Air Force for over six years, with my last three years working as a Linux Systems Administrator, and I am confident in my ability to become a valuable member of your team. I have an Associates degree in IT, and I am working towards by Bachelors degree in Information Systems Management. I am also professionally certified from Microsoft, Cisco, and CompTIA. As a Linux System Administrator, I have extensive experience in the following areas: * System Administration and Repair * Systems Installation, Configuration & Upgrading * Programming and Scripting * System Security, Backup and Recovery As a supervisor in the United States Air Force, I have experience working in teams, and I thrive under pressure. Additionally, I have excellent communication and interpersonal skills, which has...

Words: 894 - Pages: 4

Premium Essay

System Admin

...System administration By: MANUEL Y.R.C What entails to be a system administrator? * A system administrator (SA) is responsible for managing and maintaining a multiuser computing environment. * He /she looks after computers, networks, and the people who use them. * May look after hardware, operating systems, software, configurations, applications, or security. * A system administrator influences how effectively other people can or do use their computers and networks. SA responsibilities include: * Installing, maintaining and troubleshooting workstations, servers, OSs, software applications and other computing systems * Creating user accounts and assigning user permissions * Executing anti-virus mechanisms * Creating backup * Creating file systems * Monitoring network communication * Updating systems upon release of new OSs or software * Implementing computer, network and security policies for system and network users. * Light programming or scripting * User training and management * Hardware and software system security, such as protection against hardware theft and abuse, malware/spyware and unauthorized use of systems and components, including firewall and intrusion detection system maintenance (http://www.techopedia.com/definition/4815/system-administrator-sa Book:the practice of system and network administration second adition by:Tomas A,limoncile) Consequences of not doing your work as system administrator...

Words: 507 - Pages: 3

Free Essay

Mircorsoft

...System Administrator Description: Computer networking jobs involve designing, setting up, and maintaining a network. Requirements: Although most users today have their own home networks, setting up, troubleshooting, and maintaining a corporate network can be a much more complicated task. Often, networking jobs also require a good understanding of how a network works, and in some cases how all the underlying protocols and structure of how networks work. Recommendations: There are numerous network and network related certifications available today, such as the CCNA, MCSE, etc. Often depending on the level of certification and the job you are applying for, the certifications will be more than enough to quality you for most network jobs. Some of the higher networking positions, especially in the development of network hardware or programming side, may also require past experience in networking or a degree. Difficulty: (MEDIUM - HIGH) Depending upon the job specifications and the complexity of the network usually determines the difficulty of this job. Networking Security expert Description: Test and find vulnerabilities in a system, hardware device, or software program. Requirements: This position is for someone who has a strong familiarity with how software, hardware, and networks work and how to exploit them. Often, you need to have a good understanding of how the overall system works as well as good programming skills. Recommendations: Keep up-to-date with all security...

Words: 1124 - Pages: 5

Free Essay

Principles of Network and System Administration

...Chapter (Self-test Objective) Question # 1: What kinds of issues does system administration cover? Answer: As we discussed in class, a Network System Administrator has to be knowledgeable, has to have customer service skills to be stay calm & collected when a complaint occurs, and must be able to rectify the problem. As the course text book “Principles of Network and System Administration”, by author Mark Burgess mentions in chapter #1 section 1.6 The challenges of system administration : “System administration is not just about installing operating systems. It is about planning and designing an efficient community of computers so that real users will be able to get their jobs done. That means: • Designing a network which is logical and efficient. • Deploying large numbers of machines which can be easily upgraded later. • Deciding what services are needed. • Planning and implementing adequate security. • Providing a comfortable environment for users. • Developing ways of fixing errors and problems which occur. • Keeping track of and understanding how to use the enormous amount of knowledge which increases every year.” The author also mentions that some of the Network System Administrators are responsible for both the hardware of the network and the computers which it connects, i.e. the cables as well as the computers and some are only responsible for the computers. Most importantly a System Administrator must have an understanding of how data flows from machine...

Words: 337 - Pages: 2

Free Essay

Ntc/411 Network Management Paper

...Network Management (Your Name) NTC/411 (Current Date) (Instructor’s Name) Network Management Network management is an integral part of any IT system. Managing a network can be a tough task at times and managers have to decide on the best approaches for their network management. In this paper we’ll discuss out-of-band vs. in-band network management. We’ll also provide some examples of some of the protocols that perform in both types of network management and how enterprise systems are affected by the network management techniques along with business intelligence systems. In general, in-band and out-of-band refer to whether the solution or technique sits in the flow of the network traffic or out of the flow. Some IT professionals say that in-band network management provides better security than an out-of-band approach. Before we get into too much detail we need to discuss what an out-of-band and an in-band network management approach are. In-band approaches require devices or hardware to sit in the flow of live network traffic, often where endpoints access the network so that all client traffic has to pass through them. When a network manager decides to deploy an in-band device then they will be able to provide pre-connect and post-connect security. Network adapters are the most common type of in-band remote management hardware devices (Nevis Networks, 2007). In a Windows environment you can use remote access connections to manage servers...

Words: 1099 - Pages: 5

Premium Essay

Comp 230

...This course introduces basic programming concepts, logic, and scripting language tools used to automate basic system administrator processes. Critical thinking, logic, and troubleshooting are emphasized. Database applications are also introduced, helping students develop basic skills in using a typical database. Security topics are discussed. I am looking for someone on a weekly basis to login in to my online class and work on assignments, and discussion posts. Also a ilab, and short quizes multiple choice. There is also a course project: Your company is currently planning to automate many different system administration tasks. Your manager has asked you to research a system administration task and implement it using VBScript. In addition, your manager would like to see both a proposal that describes the system administration task and a complete VBScript solution with sample output runs. During the first 6 weeks of this course, you will be introduced to a variety of topics in VBScript. These topics include the following. VBScript Introduction: Variables, Constants, and Data Types VBScript Output Methods, VBScript Input Methods VBScript Decision-Making Statements VBScript Loop Structures and Arrays VBScript Procedures and Functions VBScript File Input/Output Methods The Course Project is worth 170 points and is comprised of the following deliverables. Week 3: Outline (30 points) Week 6: Complete proposal (140 points) The following...

Words: 343 - Pages: 2

Premium Essay

Unix Administration Chapter 2

...Advanced SUSE Linux Enterprise Server Administration (Course 3038) Chapter 2 Configure the Network Manually Objectives • • • • Understand Linux Network Terms Set Up Network Devices with the ip Tools Save Device Settings to a Configuration File Set Up Routing with the ip Tool Advanced SUSE Linux Enterprise Server Administration (Course 3038) 2 Objectives (continued) • Save Routing Settings to a Configuration File • Configure Host Name and Name Resolution • Test the Network Connection with Command-Line Tools Advanced SUSE Linux Enterprise Server Administration (Course 3038) 3 Understand Linux Network Terms • Device – Network adapter built into the system • Link – Used by command-line tool ip to refer to the connection of a device to the network • Address – IP address assigned to a device • Broadcast – Refers to the broadcast address of a network • Route – Path IP packet takes from source to destination host Advanced SUSE Linux Enterprise Server Administration (Course 3038) 4 Set Up Network Devices with the ip Tool • Command-line ip tool – Changes the network card configuration • Used to perform the following tasks – Display the Current Network Configuration – Change the Current Network Configuration Advanced SUSE Linux Enterprise Server Administration (Course 3038) 5 Display the Current Network Configuration • IP address setup – Syntax • ip address show Advanced SUSE Linux Enterprise Server Administration (Course...

Words: 1162 - Pages: 5

Free Essay

Redhat

...LINUX-6 Curriculum chnoworld ive Development | Training | Consultancy Rh124 Red Hat System Administration I Red Hat System Administration I (RH124) is designed for IT professionals who are new to Linux and require core Red Hat Enterprise Linux skills. Focused on administration tasks that will be encountered in the workplace, this course will actively engage students in task-focused activities, labbased knowledge checks, and facilitative discussions to ensure maximum skill transfer and retention. In addition, GUI-based tools will be featured to build on the students' existing technical knowledge, while key command line concepts will be introduced to provide a foundation for students planning to become fulltime Linux system administrators. By the end of the five-day course, students will be able to perform installation, establish network connectivity, manage physical storage, and perform basic security administration. LINUX-6 Course Outline Unit 1: Get Started with the GNOME Graphical Desktop Objective: Get started with GNOME and edit text files with gedit Unit 2: Manage Files Graphically with Nautilus Objective: Manage files graphically and access remote systems with Nautilus Unit 3: Get Help in a Graphical Environment Objective: Access documentation, both locally and online Unit 4: Configure Local Services Objective: Configure the date and time and configure a printer Unit 5: Manage Physical Storage I Objective: Understand basic disk concepts and manage system...

Words: 1463 - Pages: 6

Free Essay

Linux

...Syllabus College of Information Systems & Technology POS/420 Version 9 Introduction to UNIX® | |Copyright © 2010, 2009, 2008, 2006, 2005, 2004, 2001, 2000 by University of Phoenix. All rights reserved. Course Description This course is a survey of the UNIX® operations. The student will gain an understanding of the internal operations of the UNIX® system, which enables the user to make efficient use of files, file systems, and processes. Commands for efficient management of UNIX® system files, file systems and process, systems administration and security are also examined. Policies Faculty and students/learners will be held responsible for understanding and adhering to all policies contained within the following two documents: • University policies: You must be logged into the student website to view this document. • Instructor policies: This document is posted in the Course Materials forum. University policies are subject to change. Be sure to read the policies at the beginning of each class. Policies may be slightly different depending on the modality in which you attend class. If you have recently changed modalities, read the policies governing your current class modality. Course Materials Blum, R. (2008). Linux® command line and shell scripting bible. Indianapolis, IN: Wiley. Love, P., Merlino, J., Zimmerman, C., Reed, J. C., & Weinstein, P. (2005). Beginning Unix®. Indianapolis, IN: Wiley. Software RedHat Linux 5 (Virtual Desktop) Article...

Words: 1560 - Pages: 7

Premium Essay

Class Notes - Networking

... Violators will be prosecuted. Essential Linux Administration: A Comprehensive Guide for Beginners Page 1 of 4 PRINTED BY: Norman Puga . Printing is for personal, private use only. No part of this book may be reproduced or transmitted without publisher's prior permission. Violators will be prosecuted. ESSENTIAL LINUX ® ADMINISTRATION: A COMPREHENSIVE GUIDE FOR BEGINNERS i CHUCK EASTTOM WITH SERGE PALLADINO Course Technology PTR A part of Cengage Learning 9781133795308 i ii Essential Linux Administration: A Comprehensive Guide for Beginners Chuck Easttom with Serge Palladino Publisher and General Manager, Course Technology PTR: Stacy L. Hiquet Associate Director of Marketing: Sarah Panella Manager of Editorial Services: Heather Talbot Marketing Manager: Mark Hughes Acquisitions Editor: Heather Hurley Project and Copy Editor: Marta Justak Technical Reviewer: Danielle Shaw Interior Layout Tech: MPS Limited, a Macmillan Company Cover Designer: Mike Tanamachi Indexer: Sharon Shock Proofreader: Kelly Talbot © 2012 Course Technology, a part of Cengage Learning. ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced, transmitted, stored, or used in any form or by any means graphic, electronic, or mechanical, including but not limited to photocopying, recording, scanning, digitizing, taping, Web distribution, information networks, or information storage and retrieval systems, except as permitted under Section 107 or 108...

Words: 34239 - Pages: 137

Free Essay

Linux and Windows Server Critique

...Linux and Windows Server Critique Team C POS 420 June 25, 2012 Yevgeniy Tovshteyn Linux vs. Windows Both Linux and Windows are operating systems with advantages and differences in functionality and user friendliness. With networking becoming an important part of company operation in this day and age. Kudler will come to depend on networking for availability to the marketplace via the Internet, while requiring their internal systems for email, Voice over Internet Protocol (VoIP) phone systems, and using business data. Linux and Windows are the only 2 operating systems that have grown to the top level in the field of networking. Learning Team C examines these types of strengths and weaknesses regarding security, administration, performance, and programming. Kudler Fine Foods Current Systems: 3 locations: La Jolla, Del Mar, and Encinitas La Jolla Novell 4.11 Server for POS 4 POS Workstations with Pentium II, Windows 9X 1 Standalone UPS (Uninterruptable Power Supply) 1 Server with Inventory Spreadsheet with Pentium II, 64mg Ram, Windows 9X, external CD burner and bubble jet printer. 1 Server with NT Server 1 56K modem Del Mar Novell 4.11 Server for POS 4 POS Workstations with Pentium II, Windows 9X 1 Standalone UPS (Uninterruptable Power Supply) 1 Server with Inventory Spreadsheet with Pentium II, 64mg Ram, Windows 9X, external CD burner and bubble jet printer. 1 Server with NT Server 1 56K modem Encinitas Novell 4.11 Server for POS 4 POS...

Words: 1833 - Pages: 8

Free Essay

Unix

...Carrier Objective: Obtaining a challenging career in the field of Information Technology as a Unix/Linux Systems Administrator to utilize the knowledge that I have gained through past years of experience in various industries such as Telecommunications, Banking, Medical, Insurrance and government establishments . Qualification Summary: 5 Years of Unix experience with overall 10+ years of experience in the field of Information technology. Master's Degree in Micro-Electronics & Diploma in Computer Sciences. Specialize in following: Unix Administration on Sun Solaris and Red Hat Linux environment. VERITAS Volume Manager and Cluster Server experience. Websphere Application Server experience Virtualization Technologies VMware ESXi 5 Large 24x7 mission-critical production environment experience. Unix Administration, maintainance providing support in an enterprise enviroment (Resolved, escalated and dispatched technical issues) Experience with EMC/Openfiler SAN,configured and Managed SAN storage for Vmware Vsphere enviroment . Communication skills in handling diversified activities like Customer Support, in various capacities from front-end field engineer to the present capacity working. Well versed with Incident resolution and Change Management process. Performing Datacenter administration ( HP/SUN Servers including C7000,M4000, M5000, T5220, T5240, V440, V480/V490, V880/V890, E4500, E6500) tasks such: Backups, restore, Tape Management, Installation, Upgradation & Decommission...

Words: 1089 - Pages: 5

Premium Essay

Windows Server and Linux Critique

...Riordan’s Windows Server and Linux Critique Learning Team A POS/420 Date: Instructor: Riordan’s Windows Server and Linux Critique At the request of Riordan Manufacturing, Inc., the project team conducted a thorough review to compare the advantages and disadvantages of Windows Server and Linux. The recommendation of an operating system will ensure Riordan’s business operations continue with compatibility between all locations with the highest level of security, administration, networking, performance, and programmabilityimplemented. Security Although there are proponents everywhere for each type of operating system available on the market today, the focus of this project team, at the request of Riordan management, is to compare the security advantages and disadvantages of Windows Server and Linux. Windows Server Advantages. Windows Server has improved over the years in providing basic security provisions for administrators. Access to any system is extremely important to security professionals, such as domain name system (DNS), active directory domain services (AD), and access to web servers using Internet Information Services (IIS). DNS security extensions (DNSSEC) provide added security when a consumer is gaining access to a company’s website as well as how the company interacts...

Words: 1859 - Pages: 8