Securing Linux / Unix Systems

Michael H. Warfield

Internet Security Systems Inc

Atlanta Unix Users Group

November 1, 1999

Table of Contents

Securing Linux / Unix Systems

Notes for Note Takers


Target Systems


The Principle of Least Privilege

The Principle of Minimum Access

Workstations and Servers

System Administrators and Users

Basic Steps Along the Road

Network Design and Layout

Installation Security

Existing Installations

Existing Installations - Services

Existing Installations - FTP

Existing Installations - Web

Existing Installations - E-Mail

Operating Securely

Security Tools and Enhancements

Security Tools: Network Scanners

Security Tools: Host Based

Security Tools: Detection

Keeping Informed

Advanced Topics

Single Signon Systems

Single Use Passwords

Honey Pots and Traps

Reaction Systems

Counter Attacks

Abacus Port Sentry

Defense in Depth



Parting Thought

Security Sites

Security Resources


Security Lists and Newsgroups


Securing Linux / Unix Systems

View Text Version
Power Point Presentation
Applixware Presentation