Improving Linux Security Using Medusa
The Medusa project provides a Linux kernel patch that hooks selected kernel routines and defers the access decision to a security server running outside the kernel, in user space. This is loosely comparable to PAM, but it has two clear advantages. First and foremost, applications are unaware of the security system: they need no special coding to be covered by it. Second, the policy applies to a wide range of system resources at fine granularity. Medusa therefore provides not only file-level access control but can also be configured to control access to processes, or to virtually any other kernel-managed resource.
FOCUS on Linux: Securing Linux Part I
This paper focuses on methods for securing a machine with a high degree of confidence while still allowing your users to accomplish their work.
FOCUS on Linux: Securing Linux Part II
This article will examine some additional tools that can be installed to increase the overall security posture of a Linux system.
How-To Make Linux System Auditing a Little Easier
In this paper I will talk about the various programs and utilities that can be used to audit your Linux system and how to put them all together in one script to make daily system auditing a little easier.
Step by Step Installation of a Secure Linux Web, DNS and Mail Server
This paper shows how the author configured a Linux-based web and e-mail server for a small company. The server is co-located at a local ISP. Because of budget limitations the company can place only one physical box at the ISP, which limits the security measures that can be installed; the author explains the choices made under that constraint. The paper includes instructions for building a secure web and e-mail server with an emphasis on two key security areas: keeping crackers out, and detecting any sign of cracker activity and limiting the changes a cracker can make. It expects the reader to have a good understanding of installing Linux and of the tools it includes for text editing, configuration, etc.
Linux Process Containment - A practical look at chroot and User Mode
This document explores the general ideas behind process containment with chroot and User-mode Linux, and how to help ensure that a successful attack on a jailed process does not affect the host system. The benefits of each tool are contrasted; the conclusion is that neither tool on its own is best for containing all processes in all environments, but that the two can complement each other for additional security.
Secure OS Environments for Linux
In this paper I review the main set of tools and resources available to Linux system administrators who want to build an operating system with enhanced security features that allow applications to run securely on a network accessible from the Internet. I have summarized the state of the art in this subject by offering an overview of the tools, compiling the most useful references and classifying them accordingly. The ultimate goal of the paper is to make the initial work more affordable for anyone interested in this topic.
Linux RootKits For Beginners - From Prevention to Removal
One day while reading a mailing list for the Linux Users Group in my hometown I discovered a call for help. It was a posting from a novice Linux user with a disturbing issue. That situation prompted me to write this paper to give an understanding of rootkits and their effects. This paper will also discuss how to monitor for a rootkit, and the steps that need to be taken to remove one.
Using Linux Scripts to Monitor Security
This paper shows how to use basic Linux scripting to create a reusable network security monitor that is easy to use and easy to maintain. The purpose of the exercise is introduced along with suggestions for where such a monitor is useful. Linux commands are discussed, together with techniques for automating them and interpreting their results. Methods for turning these scripts into a generic, reusable tool that is easy to maintain are demonstrated, along with further suggestions for enhancing the tool. The full script, including all the examples and the complete output, is given at the end of the paper together with a list of references.
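The pattern behind both the auditing script above (How-To Make Linux System Auditing a Little Easier) and this monitor is the same: wrap a few system commands, normalize their output, and compare each run against a stored baseline so only drift gets reported. The script below is an added example written for this page; it is not code from either paper. It assumes the column layout of `ss -ltnuH` (Netid, State, Recv-Q, Send-Q, Local:Port, Peer:Port, Process), a hypothetical state directory `/var/lib/secmon`, and the constructed sample lines embedded in it (a host where a `udp/323` listener vanished and an unexpected `tcp/4444` listener appeared).

```sh
#!/bin/sh
# Added example, not code from the papers above: a small reusable baseline
# monitor. A "check" is a shell function that prints a normalized snapshot;
# the monitor records the first snapshot as the baseline and on later runs
# reports only lines that appeared (+) or vanished (-).
set -u

# Constructed sample of `ss -ltnuH` output (assumed column layout:
# Netid State Recv-Q Send-Q Local:Port Peer:Port [Process]).
SAMPLE_BEFORE='tcp   LISTEN 0 128 0.0.0.0:22    0.0.0.0:* users:(("sshd",pid=812,fd=3))
udp   UNCONN 0 0   127.0.0.1:323 0.0.0.0:*'
SAMPLE_AFTER='tcp   LISTEN 0 128 0.0.0.0:22    0.0.0.0:* users:(("sshd",pid=812,fd=3))
tcp   LISTEN 0 50  0.0.0.0:4444  0.0.0.0:* users:(("nc",pid=2231,fd=3))'

# normalize_listeners: keep only protocol and local address:port so volatile
# columns (queue depths, PIDs) do not raise false alarms; sorted for comm(1).
normalize_listeners() {
    awk 'NF >= 5 { print $1, $5 }' | sort -u
}

# report_drift BASELINE_FILE CURRENT_FILE: "+ line" for new entries,
# "- line" for entries that disappeared. Both files must be sorted.
report_drift() {
    comm -13 "$1" "$2" | sed 's/^/+ /'
    comm -23 "$1" "$2" | sed 's/^/- /'
}

# run_check NAME STATE_DIR: reads the current normalized snapshot on stdin.
# First run records the baseline and returns 0; later runs return 1 when
# anything changed, so a cron job can mail only on drift.
run_check() {
    name="$1"; dir="$2"
    base="$dir/$name.baseline"; cur="$dir/$name.current"
    cat > "$cur"
    if [ ! -f "$base" ]; then
        mv "$cur" "$base"
        echo "[$name] baseline recorded ($(wc -l < "$base") entries)"
        return 0
    fi
    drift=$(report_drift "$base" "$cur")
    rm -f "$cur"
    if [ -n "$drift" ]; then
        printf '[%s] CHANGED:\n%s\n' "$name" "$drift"
        return 1
    fi
    echo "[$name] ok"
    return 0
}

# demo: run the check twice on the constructed samples. On a live host the
# printf would be replaced by
#   ss -ltnuH | normalize_listeners | run_check listeners /var/lib/secmon
# (the state directory is a hypothetical name for this example).
demo() {
    dir=$(mktemp -d)
    printf '%s\n' "$SAMPLE_BEFORE" | normalize_listeners | run_check listeners "$dir"
    printf '%s\n' "$SAMPLE_AFTER"  | normalize_listeners | run_check listeners "$dir"
    rc=$?
    rm -rf "$dir"
    return $rc
}

if [ "${1:-}" = "--demo" ]; then demo; fi
```

Run `sh secmon.sh --demo` to see the first call record a baseline and the second flag `+ tcp 0.0.0.0:4444` and `- udp 127.0.0.1:323`. Adding another check (SUID binaries via `find / -perm -4000`, or `rpm -Va` / `debsums` output) is a matter of writing one more normalizer and piping it into `run_check` under a new name; the comparison and reporting code stays shared, which is what makes the tool reusable.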
Aggressive Patching and the Use of a Standard Build: An OpenBSD Example
This paper starts with a brief general discussion of the importance of a standard build and defines Aggressive Patching as a vital part of defense in depth. It then goes on to demonstrate how to implement Aggressive Patching by creating a Standard Build internet server farm and support structures that allow for automated patching and rapid deployment of hardened servers.