Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks

IS3440.U1 - Phdtaylor.com

IS3440 Linux Security
Unit 1
Introduction to Linux Security
© ITT Educational Services, Inc. All rights reserved.
Learning Objective
 Identify threats to the Linux operating
system and other open source applications.
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 2
Key Concepts
 Open source software security considerations
 Impact of laws and regulations on a security
policy
 Threats to the seven domains of an
information technology (IT) infrastructure
 Standard methodologies for testing
vulnerabilities on Linux and open source
applications
 Linux in the emerging virtual machine (VM)
market
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 3
EXPLORE: CONCEPTS
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 4
Linux in the Seven Domains
 User domain
 Workstation domain
 Local area network (LAN) domain
 Wide area network (WAN) domain
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 5
Linux in the Seven Domains
(Continued)
 LAN-to-WAN domain
 Remote access domain
 System domain
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 6
Open Source Productivity
Applications
 Firefox Web browser
 OpenOffice.org suite
 Thunderbird e-mail client
 Scribus desktop publishing
 Kino video editor
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 7
EXPLORE: PROCESSES
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 8
Defining the Security Framework
Frameworks to Choose From
Key Questions to Consider
 National Institute of
 What are the critical
Standards and
assets and threat
Technology (NIST)
agents?
 Certified Information
 Who would a system
Systems Security
compromise impact?
Professional (CISSP) 10
 Where are the critical
Domains
Framework assets located?
Selection
 International
 When have past
Organization for
security breaches in
Standardization (ISO)
the industry occurred?
17799 and ISO 27001
 How does legislation
 Open Source Security
and regulations
Testing Methodology
mandate policy?
Manual (OSSTMM)
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 9
EXPLORE: ROLES
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 10
Responsibilities of a Linux
System Administrator
 System availability and performance
 User access and denial
 Maintenance of the integrity of operating
system, application, storage files,
resources, and data transmission
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 11
Tasks of a Linux System
Administrator
 Tuning performance and making upgrades
 Configuring and restoring system
 Managing user and group accounts
 Deploying, logging, and monitoring
 Documenting configurations and processes
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 12
EXPLORE: CONTEXTS
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 13
Linux in the Market: Quick Facts
 Over 90% of the world’s super computers
run on Linux.
 The servers of New York Stock Exchange
and Google run on Linux.
 Red Hat and Novell are the top commercial
Linux vendors for enterprises.
 Linux is predicted to have a 33%
smartphone share by 2015.
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 14
EXPLORE: RATIONALE
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 15
VM
A VM can be a:
 Hardware VM or Hypervisor
• Type1—runs on native machines
• Type2—runs on host operating systems as guest
 Application VM
• Java VM and Dalvik VM
• Adobe Flash Player
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 16
Advantages of a Hypervisor
 Saves money on hardware and power
 Well-positioned for bastion hosts
 Makes better use of hardware resources
 Easier to manage
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 17
Linux in the VM Market
 Linux provides a scalable, robust solution to
scale many servers in a VM environment
without the additional licensing costs.
 The relative small size of Linux allows for
many instances of VMs to run.
 The Linux kernel 2.6.20 has virtualization
capabilities built-in with Kernel-based VM
(KVM).
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 18
Popular VM Software Used with
Linux
VM
Licensing
Vendor
VirtualBox
Dual open source
and commercial
Sun/Oracle
VMware server
Commercial
VMware
Xen
Open source and
commercial
Citrix
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 19
Summary
In this presentation, the following concepts
were covered:
 Linux in the seven domains and various open
source productivity applications
 Facts about the use of Linux in the market
 Responsibilities and tasks of a Linux system
administrator
 Process to define a security framework
 Linux in the VM market and various VM software
used with Linux
IS3440 Linux Security
© ITT Educational Services, Inc. All rights reserved.
Page 20
Related documents
z/Linux or Linux on the Mainframe
z/Linux or Linux on the Mainframe
Presentation File ()
Presentation File ()
Unit 6 Operating Systems
Unit 6 Operating Systems
Profile - Sumofyou
Profile - Sumofyou
System Administration
System Administration
Virtual Machine By Nitin V. Choudhari, DIO,NIC,Akola Virtual Machine
Virtual Machine By Nitin V. Choudhari, DIO,NIC,Akola Virtual Machine
Selected Slides for Intro
Selected Slides for Intro
Reaver
Reaver
CHAPTER 1
CHAPTER 1
Download