...Research Assignment 2.1 Kyle McGraw ITT Technical Institute IT302 Linux Mr. Gort April 14, 2012 In this paper I will go over 3 different types of Linux security technologies those follow with SELinux, chroot jail, and iptables. These technologies aid in prevention of identity theft. I will help you understand what they are and who designed them and what good they are for you to use them. In the next paragraphs you will be able to decide which one is for you and more about the use of them. Under the GPL in late 2000 SELinux was released from the National Security Agency’s Office of Information Assurance. More recently it was developed by the open source community with the help of NSA. SELinux currently ships as a part of Fedora Core, and it’s supported by Red Hat. Also there are packages that exist for Debian, SuSe, and Gentoo although at this time these were unsupported by anyone. SELinux is based on the concept of Mandatory Access Control. Under MAC, administrators control every interaction on the software of the system. A least privilege concept is used, by default applications and users have no rights, because all rights have to be granted by an administrator because of the system’s security policy. Under DAC, the files are owned by the user also that user has full control over them. If an attacker penetrates that user’s account they can do whatever with the files owned by that user. Standard UNIX permissions are still present on the system, and will be consulted before...
Words: 938 - Pages: 4
...Research Assignment 2.1 Research Assignment 2.1 Kyle McGraw ITT Technical Institute IT302 Linux Mr. Gort April 14, 2012 In this paper I will go over 3 different types of Linux security technologies those follow with SELinux, chroot jail, and iptables. These technologies aid in prevention of identity theft. I will help you understand what they are and who designed them and what good they are for you to use them. In the next paragraphs you will be able to decide which one is for you and more about the use of them. Under the GPL in late 2000 SELinux was released from the National Security Agency’s Office of Information Assurance. More recently it was developed by the open source community with the help of NSA. SELinux currently ships as a part of Fedora Core, and it’s supported by Red Hat. Also there are packages that exist for Debian, SuSe, and Gentoo although at this time these were unsupported by anyone. SELinux is based on the concept of Mandatory Access Control. Under MAC, administrators control every interaction on the software of the system. A least privilege concept is used, by default applications and users have no rights, because all rights have to be granted by an administrator because of the system’s security policy. Under DAC, the files are owned by the user also that user has full control over them. If an attacker penetrates that user’s account they can do whatever with the files owned by that user. Standard UNIX permissions are still present on the system...
Words: 940 - Pages: 4
...INTRODUCTION According to Erskine May, "Parliamentary privilege is the sum of the peculiar rights enjoyed by each House collectively... and by members of each House individually, without which they could not discharge their functions, and which exceed those possessed by other bodies or individuals. Thus, privilege, though part of the law of the land, is to certain extent an exemption from the general law. Certain rights and immunities such as freedom from arrest or freedom of speech belong primarily to individual members of each House and exist because the House cannot perform its functions without unimpeded use of the services of its members. Other such rights and immunities such as the power to punish for contempt and the power to regulate its own constitution belong primarily to each House as a collective body, for the protection of its members and the vindication of its own authority and dignity. Fundamentally, however, it is only as a means to the effective discharge of the collective functions of the House that the individual privileges are enjoyed by members. "When any of these rights and immunities is disregarded or attacked, the offence is called a breach of privilege and is punishable under the law of Parliament. Each House also claims the right to punish as contempt actions which, while not breaches of any specific privilege, obstruct or impede it in the performance of its functions, or are offences against its authority or dignity, such as disobedience to its legitimate...
Words: 529 - Pages: 3
...not think white privilege exists, but those opinions prove exactly why white privilege does indeed exist. This is because privilege is a lot more noticeable when you do not have it, rather than when you do. White privilege is a prevalent factor in society, which is abundantly clear to those in a non-white ethnic group but invisible to white people. White privilege is everywhere. From waking up in the morning to going to bed, the average person probably comes across ten or more privileges that benefit white people. This leaves all other races being discriminated against/ being set at a disadvantage daily. The article "White Privilege" defined white privilege as "the unearned privileges that white individuals experience daily (often unconsciously) because they are not subjected to...
Words: 1028 - Pages: 5
...a risk. Hacking is the risk that members of society must face. Hackers can find any information they wish to acquire, which puts information, such as finances and personal, at great risk. In order to understand how to prevent hacking, one must first understand what is at risk to be hacked and the way in which the act is done. Technology has become a constant part of every day life. People now manage their bank accounts, pay bills, deal with highly confidential information, and even personal information online. All these aspects of technology in daily life are a temptation to others throughout the internet. Those who find themselves tempted perform the task of hacking, which leaves others and their personal information vulnerable. This paper will discuss society’s reliance of technology in all aspects of life; thereby, leaving personal information vulnerable. Also being discussed will be information hackers find tempting, the steps that some take to hack into systems allowing them access to normally unavailable information and the steps that can be used to help prevent hacking from occurring. Method In the task of preventing hackers from gaining access to information that could be harmful to the individual, you must first understand what information is at risk and how hackers perform the task of hacking. In order to do this, I had to research what systems/files are at risk to be hacked and the way in which hackers perform the task of hacking. By assessing these factors, one...
Words: 2876 - Pages: 12
...Secure Computing Corporation, Trusted Computer Solutions, and Tresys Technology. Experimental ports of the FLASK/TE implementation have been made available via the TrustedBSD Project for the FreeBSD and Darwin operating systems. SELinux also adds finer granularity to access controls. Instead of only being able to specify who can read, write or execute a file, for example, SELinux lets you specify who can unlink, append only, move a file and so on. SELinux allows you to specify access to many resources other than files as well, such as network resources and interprocess communication. A Linux kernel integrating SELinux enforces mandatory access-control policies that confine user programs and system servers to the minimum amount of privilege they require to do their jobs. This reduces or eliminates the ability of these programs and daemons to cause harm when compromised. This confinement mechanism operates independently of the traditional Linux access control...
Words: 1252 - Pages: 6
...Linux Security Basics Security is always at the top of the list when setting up a network and also administering a network. Linux is an operating system that can be easily obtained over the internet due to its open source distributions. Linux is one of the most secure operating systems because of having less use than Windows for the end user. There are several security technologies in Linux that can be implemented into a network. The three technologies that I will be discussing are SELinux, chroot jail, and iptables. SELinux was developed by the National Security Administration in an effort to incorporate a strong, flexible mandatory access control architecture into the major subsystems of the Linux kernel. The NSA recognized that operating system security is critical at higher levels. It provides a tool to enforce the separation of information based on the confidentiality and integrity requirements. This helps when addressing threats of tampering and bypassing of application security. It also assists in the isolation of damage that is caused by malicious software or damaged applications. SELinux uses the Flux Advanced Security Kernel which contains components that provide support for enforcing many kinds of MAC policies like type enforcement, role-based access control, and multilevel security. The Linux kernel that is implementing SELinux enforces MAC policies that limit the user programs and system servers to only what they need to complete the job. When a limit...
Words: 1313 - Pages: 6
...IT302 Linux Administration Research #1 I researched three Linux security technologies which are, SELinux, chroot jail and iptables. As you read into this research you will see that they are split up into their own categories so that it is easy to read information on whichever topic you would like. SELinux As part of its Information Assurance mission, the National Security Agency has long been involved with the computer security research community in investigating a wide range of computer security topics including operating system security. Recognizing the critical role of operating system security mechanisms in supporting security at higher levels, researchers from NSA's National Information Assurance Research Laboratory have been investigating an architecture that can provide the necessary security functionality in a manner that can meet the security needs of a wide range of computing environments. End systems must be able to enforce the separation of information based on confidentiality and integrity requirements to provide system security. Operating system security mechanisms are the foundation for ensuring such separation. Unfortunately, existing mainstream operating systems lack the critical security feature required for enforcing separation: mandatory access control. As a consequence, application security mechanisms are vulnerable to tampering and bypass, and malicious or flawed applications can easily cause failures in system security. The results of several...
Words: 1295 - Pages: 6
...I. Exploiting XP; II. Exploiting Ubuntu; Summary. CHAPTER 13 Introduction In the post-exploitation phase, we will look at information gathering on the exploited systems, privilege escalation. Perhaps we’ll find that we can access sensitive data stored on the exploited system. Maybe the exploited system is part of a domain, and we can use it to access other systems on the domain. These are just a few of the potential avenues open to us in post exploitation. Post exploitation is arguably the most important way to get a clear picture of a client’s security posture. I. Exploiting XP Kali’s IP Address; Windows XP IP Address; Starting metasploit; Established link again from lab 8 to continue this lab; Showing help upload; Uploading file to C: drive; Showing name...
Words: 857 - Pages: 4
...are used to configure TCP Wrappers? host.allow and hosts.deny (e) What keyword in TCP Wrappers matches any daemon or client? All or Exact (f) Given the following entry in TCP Wrappers what will happen when a client address 172.16.24.100 tries to access a Web site running on this server? The IP matches both the access and deny hosts files. It will be allowed access because it matches the first hosts file that is checked. (g) What is a chroot jail? It is a process with a root directory other than /. Say you run a process or program and specify its root as /home/sam/jail, it would have no knowledge of any files above /home/sam. Jail is the root directory. (h) When might a chroot jail not work? Running a chroot utility with root privileges, and also using su or sudo programs. Those are compiled for Fedora/RHEL and they call PAM, you would have to modify the source so it does not call PAM. Either one could lead to an unsecure jail. (i) What is the name of the kernel component that uses the iptables rules to filter network traffic? Netfilter 2. Create an iptables rule that will block all traffic from 10.14.34.207 and not let the sender know that the traffic was blocked. #...
Words: 345 - Pages: 2
...Chapter 18 Exercises 1. What is the difference between the scp and sftp utilities? copies file to and from a remote system SFTP is the same but is secure 2. How can you use ssh to find out who is logged in on a remote system? Assuming you have the same username on both systems, the following command might prompt you for your password on the remote system; it displays the output of who run on host: $ ssh host who 3. How would you use scp to copy your ~/.bashrc file from the system named plum to the local system? $ scp ~/.bashrc zack@plum: 4. How would you use ssh to run xterm on plum and show the display on the local system? Assuming you have the same username on both systems and an X11 server running locally, the following command runs xterm on plum and presents the display on the local system: $ ssh plum xterm You need to use the -Y option if trusted X11 forwarding is not enabled. 5. What problem can enabling compression present when you are using ssh to run remote X applications on a local display? When using compression latency is increased and the outcome is always undesirable slower speeds, and data interruption. 6. When you try to connect to a remote system using an OpenSSH client and you see a message warning you that the remote host identification has changed, what has happened? What should you do? This message indicates that the fingerprint of the remote system is not the same as the local system remembers it. Check with the remote system’s...
Words: 1325 - Pages: 6
...still have to reference hard-coded mappings between IP addresses and host names 4. What does the /etc/resolv.conf file do? The /etc/resolv.conf file is the resolver configuration file. It provides access to DNS for Internet address resolution. The nameserver line indicates which systems the local system should query to resolve hostnames into IP addresses, and vice versa. 5. How would you mount an ISO image so that you could copy files from it without burning it to a CD? $ mount -t -o loop image.iso /mnt/image 6. Why are setuid shell scripts inherently unsafe? A normal user acquires root privileges. So, those commands are dangerous. 7. Some older kernels contain a vulnerability that allows a local user to gain root privileges. Explain how this kind of vulnerability negates the value of a chroot jail. 8. What does FIFO stand for? First in first...
Words: 305 - Pages: 2
...Focus on Pellow's discussion of stakeholders and ways in which companies maneuver to obtain approval and minimize opposition. How do these strategies connect to "colonial" hierarchies and institutionalized racism? As Pellow states, the causes of environmental injustice referenced in the scholarly literature include institutional racism in housing… and the exclusion of low-income individuals and people of color from the dominant environmental movement” (Pellow, 13). And the environmental inequality is a social process involving and impacting many stakeholders, such as social movement organizations, private sector firms, the state, residents, and workers. “When different stakeholders struggle for access to valuable resources within the political economy, the benefits and costs of those resources become distributed unevenly” (Pellow, 14). Which means that, those stakeholders with less power suffers from environmental inequality, such as living and working under dangerous conditions; those stakeholders with greater power are able to deprive other stakeholders. Thus, workers and residents with minimal political power are the most vulnerable to environmental inequality. In order to obtain approval and minimize opposition, companies adopt many strategies, which are connected to "colonial" hierarchies and institutionalized racism. “Throughout history, one of the most effective ways of controlling a colony was to create hierarchies (or intensify existing ones) between social classes...
Words: 373 - Pages: 2
...Linux Security Technologies There are many ways to have internet access these days. Coffee shops, libraries, airports and even public buses have free wireless access. With all these free accesses to the World Wide Web, there are also many potential ways for hackers to potentially get your personal information and use it for their gain. There are many ways to combat this situation by using several security measures with Linux programming, which the majority of the software is free. Some of those security technologies are SELinux, TCP Wrappers, IPtables and Chroot Jail to name a few. SELinux is a security enhancement to Linux which allows users and administrators more control over access control. Access can be constrained on such variables as which users and applications can access which resources. Was developed by the NSA in December of 2000. These resources may take the form of files. Standard Linux access controls, such as file modes (-rwxr-xr-x) are modifiable by the user and the applications which the user runs. Conversely, SELinux access controls are determined by a policy loaded on the system which may not be changed by careless users or misbehaving applications. SELinux also adds finer granularity to access controls. Instead of only being able to specify who can read, write or execute a file, for example, SELinux lets you specify who can unlink, append only, move a file and so on. SELinux allows you to specify access to many resources other than files as well, such...
Words: 1350 - Pages: 6
...Claudia Goodman IT302 Homework 2 Security-Enhanced Linux The NSA has long been involved with the computer security research community in investigating a wide range of computer security topics including operating system security. It recognizes the critical role of operating system security mechanisms in supporting security at higher levels. End systems must be able to enforce confidentiality and integrity requirements to provide system security. Unfortunately, existing mainstream operating systems lack the critical security feature required for enforcing separation: mandatory access control. Application security mechanisms are vulnerable to tampering and bypass, and malicious or flawed applications can easily cause failures in system security. The results of several of these projects in this area have yielded a strong, flexible mandatory access control architecture called Flask. This has been mainstreamed into Linux and ported to several other systems, including the Solaris™ operating system, the FreeBSD® operating system, and the Darwin kernel. This provides a mechanism to enforce the separation of information based on confidentiality and integrity requirements and it allows threats of tampering and bypassing of application security mechanisms to be addressed while enabling the confinement of damage that can be caused by malicious or flawed applications. This is simply an example of how mandatory access controls that can confine the actions of any process, including an...
Words: 1522 - Pages: 7