Securing Linux / Unix Systems
Michael H. Warfield
Internet Security Systems Inc
mhw@wittsend.com
Atlanta Unix Users Group
November 1, 1999
Table of Contents
Securing Linux / Unix Systems
Notes for Note Takers
Introduction
Target Systems
Tradeoffs
The Principle of Least Privilege
The Principle of Minimum Access
Workstations and Servers
System Administrators and Users
Basic Steps Along the Road
Network Design and Layout
Installation Security
Existing Installations
Existing Installations - Services
Existing Installations - FTP
Existing Installations - Web
Existing Installations - E-Mail
Operating Securely
Security Tools and Enhancements
Security Tools: Network Scanners
Security Tools: Host Based
Security Tools: Detection
Keeping Informed
Advanced Topics
Single Signon Systems
Single Use Passwords
Honey Pots and Traps
Reaction Systems
Counter Attacks
Abacus Port Sentry
Defense in Depth
Conclusion
Conclusion
Parting Thought
Security Sites
Security Resources
LASG
Security Lists and Newsgroups
LinuxWorld
Securing Linux / Unix Systems
View Text Version
Power Point Presentation
Applixware Presentation