Securing Linux / Unix Systems

Michael H. Warfield

Internet Security Systems Inc

mhw@wittsend.com

Atlanta Unix Users Group

November 1, 1999


Table of Contents

Securing Linux / Unix Systems

Notes for Note Takers

Introduction

Target Systems

Tradeoffs

The Principle of Least Privilege

The Principle of Minimum Access

Workstations and Servers

System Administrators and Users

Basic Steps Along the Road

Network Design and Layout

Installation Security

Existing Installations

Existing Installations - Services

Existing Installations - FTP

Existing Installations - Web

Existing Installations - E-Mail

Operating Securely

Security Tools and Enhancements

Security Tools: Network Scanners

Security Tools: Host Based

Security Tools: Detection

Keeping Informed

Advanced Topics

Single Signon Systems

Single Use Passwords

Honey Pots and Traps

Reaction Systems

Counter Attacks

Abacus Port Sentry

Defense in Depth

Conclusion

Conclusion

Parting Thought

Security Sites

Security Resources

LASG

Security Lists and Newsgroups

LinuxWorld

Securing Linux / Unix Systems


View Text Version
Power Point Presentation
Applixware Presentation