The Role of Bastille Linux in Information Security
In this paper, I will briefly examine the evolution of Linux, discuss its popularity, and examine in detail Bastille Linux, which is used to increase the security of RedHat and Mandrake Linux distributions.
Read the Article
|
An Introduction to the NSA's Security-Enhanced Linux: SELinux
This paper will introduce the NSA's research project termed "Security-enhanced" Linux. It has been recognized that securing applications is only half of the battle: a computer system must also employ security policies at the OS level, and the current model of user vs. administrator that we find in standard Unix is insufficient. Security-enhanced Linux, or "SELinux", is defined as "enforc[ing] mandatory access control policies that confine user programs and system servers to the minimum amount of privilege they require to do their jobs". SELinux is neither a tool for encryption nor a full distribution of Linux; instead, it is a modification of the kernel to include a "security server".
Read the Article
|
The Easily Recoverable CD-ROM Booted Linux Internet Server: A How-To
The purpose of this paper is to detail the general steps to create a read-only Internet Server providing DNS and static web pages (bind and Apache). While the capabilities of such a system are limited, the applications for a system which can serve DNS or static web pages and is difficult or nearly impossible to deface (and easy to recover with a simple reboot) are many.
Read the Article
|
Security Applications of Bootable Linux CD-ROMs
The author's first exposure to read-only media as a security mechanism was several years ago when he first installed Tripwire on a Solaris file server. Tripwire's documentation strongly urged that the file of checksums be stored on read-only media so that an intruder could not modify them. The only read-only medium accessible at the time was the pitifully small 1.44 MB floppy disk. The floppy disk was sufficient to contain the file of checksums, but what if an intruder hacked the tripwire executables to hide his tracks?
Read the Article
|
Securely Installing Linux
It's important to be aware that when you're installing Linux, you're installing a powerful server operating system. This means that most of the install procedure for a user like you or I actually involves not installing things, and then configuring the remaining elements as securely as possible. I can't stress enough that security is an important and ongoing concern, one that starts with installing and configuring your system as a stand alone box (so that it can't get hacked before you harden it), continues with constant attention to security holes and fixes, and then never ends.
Read the Article
|
Keeping Red Hat Linux Systems Secure with up2date
In this paper I will give an in depth overview of the software update mechanisms used by the Red Hat Network from Red Hat Inc. After giving an introduction to this technology, I will then elaborate on its software update utility, up2date.
Read the Article
|
Introduction to Shell Scripting
This series focuses on shell scripting in Unix/Linux and focuses on using the bash scripting language. The assumption is that you are new to both Unix and programming. However you will still find things easier to understand if you have some programming experience in a high level language like Basic, C/C++, Java or Pascal/Delphi and some experience with Unix or Linux.
Read the Article
|
Shell Script Programming
There is only one thing you must have in a shell script and that's a line specifying what interpreter is to be used to interpret this script. This begins with the symbols #! and is followed by the full path to the interpreter, this will usually be "/bin/bash" for bash scripts and "/bin/sh" for bourne shell scripts. Some system administrators may install bash elsewhere ("/usr/local/bin" is common) you can find out where by typing "which bash". So basically the first line of the script should be "#!/bin/bash". In order to run the script you must first give it execute permissions, this is done by typing "chmod u+x scriptname", you only need to do this once per script.
Read the Article
|
An Introduction to Securing Linux with Apache, ProFTPd, and Samba
After becoming acquainted with the new interface of Linux, whether KDE, Gnome, or another window manager, users may begin to explore their system. Many machines come with default installations of Apache and Samba, and a few others even include a FTP daemon. While these services may be disabled by default, some users may be inclined to use these programs. This article is a brief, but in-depth tutorial on how to keep these applications up-to-date and secure.
Read the Article
|
Introduction to Linux
Linux is an Open Source Operating System kernel, this means it contains a core set of functions needed by most programs. The kernel is the base of the operating system. Everything communicates with the kernel, and the kernel is responsible for passing that information between the application layer and the hardware. Linux is often thought as being an entire operating system complete with a wide range of applications, it isn't. This is what's known as a Linux Distribution.
Read the Article
|
