Michael Boman, profile picture
Uploaded byMichael Boman
ODP, PPTX1,543 views

Introduction To Linux Security

This document provides an introduction to Linux security. It covers turning off unnecessary servers and services, limiting access to needed servers using IPTables, updating the system regularly, and reading Linux log files. The document recommends keeping daemons and services disabled or bound to localhost when possible, using tools like netstat, IPTables, and log checking utilities to monitor open ports and system activity. It concludes with a question and answer section and recommends additional security resources.

Embed presentation

Download as ODP, PPTX
Introduction to Linux Security Introduction to Linux Security Republic Polytechnic Thursday 2 nd September 2004 By Michael Boman <michael.boman@boseco.com>
What we will cover: Turning off unnecessary servers and services Limit exposure of needed servers and services using IPTables Updating the system Reading Linux log files Q & A
Turning off xinetd launched services Locate the relevant file in /etc/xinetd.d Change “no” to “yes” in the “disable” field Restart xinetd service xinetd restart
Controlling Daemons Temporary turn a daemon off service <daemon-name> stop Permanently removing a daemon from automatically starting at boot up chkconfig –del <daemon-name> Daemons start/stop scripts are stored in /etc/init.d
Who opened that port? Use netstat to locate the application that opened a particular port netstat -tunl -t = tcp -u = udp -n = don't resolve -l = listen only
Limit access to required daemons What can you do when you actually need that service? Bind the service to localhost (ip address 127.0.0.1), if possible Enable IPTables and control access to the particular service
Keeping the system up-to-date All systems becomes vulnerable as time passes and new vulnerabilities are discovered Always keep your system up-to-date to avoid unnecessary time spent on recovering from a intrusion
Linux log files Log files are generally located in /var/log Syslog is the daemon that controls and create the log files Use a tool like “log check” to limit the amount of lines of logs to read through
Advanced Techniques Use a file integrity checker like “tripwire” to keep an eye at changed files Use a Network IDS like “snort” to monitor attacks from the network
Questions? Got any questions? Now is the time to ask them!
Recommended reading material Security Focus www.securityfocus.com Linux Security www.linuxsecurity.org The Linux Documentation Project www.tldp.org IPTables www.netfilter.org Snort Network Intrusion Detection Software www.snort.org

More Related Content

ODP
Linux Network Security
byAmr Ali
 
PPT
Linux Security
bynayakslideshare
 
PPT
Threats, Vulnerabilities & Security measures in Linux
byAmitesh Bharti
 
PPT
Security and Linux Security
byRizky Ariestiyansyah
 
PPT
Basic Linux Security
bypankaj009
 
PDF
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
byShawn Wells
 
PPTX
Essential security for linux servers
byJuan Carlos Pérez Pardo
 
PPT
Linux Operating System Vulnerabilities
byInformation Technology
 
Linux Network Security
byAmr Ali
 
Linux Security
bynayakslideshare
 
Threats, Vulnerabilities & Security measures in Linux
byAmitesh Bharti
 
Security and Linux Security
byRizky Ariestiyansyah
 
Basic Linux Security
bypankaj009
 
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
byShawn Wells
 
Essential security for linux servers
byJuan Carlos Pérez Pardo
 
Linux Operating System Vulnerabilities
byInformation Technology
 

What's hot

PPTX
File System Implementation & Linux Security
byGeo Marian
 
PPTX
Linux security
bytrilokchandra prakash
 
PPT
Unix Security
byreplay21
 
PPTX
Linux Security Overview
byKernel TLV
 
PPTX
Linux security introduction
byMohamed Gad
 
PPTX
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
byEric Vanderburg
 
PDF
How Many Linux Security Layers Are Enough?
byMichael Boelen
 
ODP
Acid
byMichael Boman
 
PPT
Linux Vulnerabilities
bySecurityTube.Net
 
PPTX
BackTrack5 - Linux
bymariuszantal
 
PPTX
Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg
byEric Vanderburg
 
PPTX
Telehack: May the Command Line Live Forever
byGregory Hanis
 
PDF
Nessus v6 command_line_reference
byCraig Cannon
 
ODP
Introduction To NIDS
byMichael Boman
 
PPT
Hacking Fundamentals - Jen Johnson , Miria Grunick
byamiable_indian
 
PPTX
Security Onion Conference - 2016
byDefensiveDepth
 
ODP
SELinux Basic Usage
byDmytro Minochkin
 
PDF
The SElinux Notebook :the foundations - Vol 1
byEliel Prado
 
PPTX
Backtrack
byn|u - The Open Security Community
 
PDF
Ch 6: Enumeration
bySam Bowne
 
File System Implementation & Linux Security
byGeo Marian
 
Linux security
bytrilokchandra prakash
 
Unix Security
byreplay21
 
Linux Security Overview
byKernel TLV
 
Linux security introduction
byMohamed Gad
 
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
byEric Vanderburg
 
How Many Linux Security Layers Are Enough?
byMichael Boelen
 
Acid
byMichael Boman
 
Linux Vulnerabilities
bySecurityTube.Net
 
BackTrack5 - Linux
bymariuszantal
 
Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg
byEric Vanderburg
 
Telehack: May the Command Line Live Forever
byGregory Hanis
 
Nessus v6 command_line_reference
byCraig Cannon
 
Introduction To NIDS
byMichael Boman
 
Hacking Fundamentals - Jen Johnson , Miria Grunick
byamiable_indian
 
Security Onion Conference - 2016
byDefensiveDepth
 
SELinux Basic Usage
byDmytro Minochkin
 
The SElinux Notebook :the foundations - Vol 1
byEliel Prado
 
Backtrack
byn|u - The Open Security Community
 
Ch 6: Enumeration
bySam Bowne
 

Viewers also liked

PDF
linux security: interact with linux
byAmmar WK
 
PDF
Kernel Recipes 2013 - Linux Security Modules: different formal concepts
byAnne Nicolas
 
PDF
Linux Security Scanning with Lynis
byMichael Boelen
 
PDF
Linux Security Myth
byMackenzie Morgan
 
PDF
Linux Hardening
byMichael Boelen
 
PDF
Security of Linux containers in the cloud
byDobrica Pavlinušić
 
PDF
Linux Security, from Concept to Tooling
byMichael Boelen
 
PDF
Linux Security for Developers
byMichael Boelen
 
PPTX
Unitrends Sales Presentation 2010
bylincolng
 
PDF
Protection in Operating System Layer
bySidharth D
 
PDF
Operating systems security 2007 vulnerability report
byAjit Gaddam
 
PPTX
Jaundice
byJayesh Naik
 
PDF
Linux security (outline)
byR.Harish Navnit
 
PDF
Linux security
bysanchetanparmar
 
PDF
Linux Security best Practices with Fedora
byUditha Bandara Wijerathna
 
PPT
Linux security-fosster-09
byDr. Jayaraj Poroor
 
PPTX
Game cih
byHarsh Malpani
 
PPTX
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
byJayesh Naik
 
PDF
Hardening Linux and introducing Securix Linux
bySecurity Session
 
linux security: interact with linux
byAmmar WK
 
Kernel Recipes 2013 - Linux Security Modules: different formal concepts
byAnne Nicolas
 
Linux Security Scanning with Lynis
byMichael Boelen
 
Linux Security Myth
byMackenzie Morgan
 
Linux Hardening
byMichael Boelen
 
Security of Linux containers in the cloud
byDobrica Pavlinušić
 
Linux Security, from Concept to Tooling
byMichael Boelen
 
Linux Security for Developers
byMichael Boelen
 
Unitrends Sales Presentation 2010
bylincolng
 
Protection in Operating System Layer
bySidharth D
 
Operating systems security 2007 vulnerability report
byAjit Gaddam
 
Jaundice
byJayesh Naik
 
Linux security (outline)
byR.Harish Navnit
 
Linux security
bysanchetanparmar
 
Linux Security best Practices with Fedora
byUditha Bandara Wijerathna
 
Linux security-fosster-09
byDr. Jayaraj Poroor
 
Game cih
byHarsh Malpani
 
Application hardening, Secure Socket Layer(SSL) & Secure Electronic Transacti...
byJayesh Naik
 
Hardening Linux and introducing Securix Linux
bySecurity Session
 

Similar to Introduction To Linux Security

PDF
Linux security quick reference guide
byCraig Cannon
 
PDF
Linux Server Security and Hardering
byvidalinux
 
PDF
Linux internet server security and configuration tutorial
byannik147
 
PPT
Old Linux Security Talk
byTanner Lovelace
 
PDF
Linux Hardening - nullhyd
byn|u - The Open Security Community
 
PDF
How to secure ubuntu 12.04
byJohn Richard
 
PDF
Securing & Optimizing Linux the Hacking Solution (v.3.0)
by- Mark - Fullbright
 
PDF
Red Hat Linux 5 Hardening Tips - National Security Agency
bysanchetanparmar
 
PDF
CentOS Linux Server Hardening
byMyOwn Telco
 
PDF
Intrusion Discovery Cheat Sheet for Linux
byMuhammad FAHAD
 
PPT
bh-us-02-murphey-freebsd
bywebuploader
 
PDF
Securing optimizing linux. the hacking solution
byfernando valenzuela hernández
 
ODP
How to setup your linux server
byMarian Marinov
 
PDF
Fedora 11 Security Guide A Guide To Securing Fedora Linux Edition 10 Johnray ...
bygarnovanias8
 
PDF
James Jara Portfolio 2014 - InfoSec White Paper- Part 5
byJames Jara
 
PPTX
Ethical hacking Chapter 9 - Linux Vulnerabilities - Eric Vanderburg
byEric Vanderburg
 
PDF
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
byYusuf Hadiwinata Sutandar
 
PDF
7 unixsecurity
byricharddxd
 
PPT
5. centos security
byMohd yasin Karim
 
PDF
Don't Get Hacked on Hostile WiFi
byMackenzie Morgan
 
Linux security quick reference guide
byCraig Cannon
 
Linux Server Security and Hardering
byvidalinux
 
Linux internet server security and configuration tutorial
byannik147
 
Old Linux Security Talk
byTanner Lovelace
 
Linux Hardening - nullhyd
byn|u - The Open Security Community
 
How to secure ubuntu 12.04
byJohn Richard
 
Securing & Optimizing Linux the Hacking Solution (v.3.0)
by- Mark - Fullbright
 
Red Hat Linux 5 Hardening Tips - National Security Agency
bysanchetanparmar
 
CentOS Linux Server Hardening
byMyOwn Telco
 
Intrusion Discovery Cheat Sheet for Linux
byMuhammad FAHAD
 
bh-us-02-murphey-freebsd
bywebuploader
 
Securing optimizing linux. the hacking solution
byfernando valenzuela hernández
 
How to setup your linux server
byMarian Marinov
 
Fedora 11 Security Guide A Guide To Securing Fedora Linux Edition 10 Johnray ...
bygarnovanias8
 
James Jara Portfolio 2014 - InfoSec White Paper- Part 5
byJames Jara
 
Ethical hacking Chapter 9 - Linux Vulnerabilities - Eric Vanderburg
byEric Vanderburg
 
LOUCA23 Yusuf Hadiwinata Linux Security BestPractice
byYusuf Hadiwinata Sutandar
 
7 unixsecurity
byricharddxd
 
5. centos security
byMohd yasin Karim
 
Don't Get Hacked on Hostile WiFi
byMackenzie Morgan
 

More from Michael Boman

PPTX
How to drive a malware analyst crazy
byMichael Boman
 
PPTX
Indicators of compromise: From malware analysis to eradication
byMichael Boman
 
ODP
44CON 2014: Using hadoop for malware, network, forensics and log analysis
byMichael Boman
 
PDF
DEEPSEC 2013: Malware Datamining And Attribution
byMichael Boman
 
PPT
44CON 2013 - Controlling a PC using Arduino
byMichael Boman
 
PDF
Malware Analysis on a Shoestring Budget
byMichael Boman
 
PPTX
Malware analysis as a hobby (Owasp Göteborg)
byMichael Boman
 
PPTX
Malware Analysis as a Hobby
byMichael Boman
 
PPTX
Malware analysis as a hobby - the short story (lightning talk)
byMichael Boman
 
KEY
Sans och vett på Internet
byMichael Boman
 
PDF
Blackhat USA 2011 - Cesar Cerrudo - Easy and quick vulnerability hunting in W...
byMichael Boman
 
PPT
Hur man kan testa sin HTTPS-server
byMichael Boman
 
PPT
OWASP AppSec Research 2010 - The State of SSL in the World
byMichael Boman
 
PPTX
Enkla hackerknep för testare
byMichael Boman
 
ODP
Privacy In Wireless Networks Keeping Your Private Data Private 2008-08-08
byMichael Boman
 
ODP
USB (In)Security 2008-08-22
byMichael Boman
 
ODP
Automatic Malware Analysis 2008-09-19
byMichael Boman
 
ODP
Overcoming USB (In)Security
byMichael Boman
 
PPT
Privacy in Wireless Networks
byMichael Boman
 
PDF
Network Security Monitoring - Theory and Practice
byMichael Boman
 
How to drive a malware analyst crazy
byMichael Boman
 
Indicators of compromise: From malware analysis to eradication
byMichael Boman
 
44CON 2014: Using hadoop for malware, network, forensics and log analysis
byMichael Boman
 
DEEPSEC 2013: Malware Datamining And Attribution
byMichael Boman
 
44CON 2013 - Controlling a PC using Arduino
byMichael Boman
 
Malware Analysis on a Shoestring Budget
byMichael Boman
 
Malware analysis as a hobby (Owasp Göteborg)
byMichael Boman
 
Malware Analysis as a Hobby
byMichael Boman
 
Malware analysis as a hobby - the short story (lightning talk)
byMichael Boman
 
Sans och vett på Internet
byMichael Boman
 
Blackhat USA 2011 - Cesar Cerrudo - Easy and quick vulnerability hunting in W...
byMichael Boman
 
Hur man kan testa sin HTTPS-server
byMichael Boman
 
OWASP AppSec Research 2010 - The State of SSL in the World
byMichael Boman
 
Enkla hackerknep för testare
byMichael Boman
 
Privacy In Wireless Networks Keeping Your Private Data Private 2008-08-08
byMichael Boman
 
USB (In)Security 2008-08-22
byMichael Boman
 
Automatic Malware Analysis 2008-09-19
byMichael Boman
 
Overcoming USB (In)Security
byMichael Boman
 
Privacy in Wireless Networks
byMichael Boman
 
Network Security Monitoring - Theory and Practice
byMichael Boman
 

Recently uploaded

PDF
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
PDF
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
PDF
Innovative AI Solutions for Business Growth.pdf
byVox Works
 
PDF
Mobile-Computing-A-Revolution-in-Our-Hands.pdf
bymimbulatove
 
PPTX
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
PDF
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
PDF
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PDF
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
PDF
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
PPTX
TCP/IP Presentation - Information Systems & Operations Management
byadriangallianispetka
 
PDF
Tracing the Thread: Decoding the Decision-Making Process with GraphRAG
byEnterprise Knowledge
 
PDF
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
PDF
The Future of Search: Why LLM Optimization Matters for Every Website
byav0763436
 
PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
PPTX
The Landscape of Computer Software Development Companies
byYash Singh
 
DOCX
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
PDF
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
PDF
AI Star Keynote on Artificial Intelligence. OnWorld. OffWorld. InWorld
byAlison B. Lowndes
 
PPTX
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
Innovative AI Solutions for Business Growth.pdf
byVox Works
 
Mobile-Computing-A-Revolution-in-Our-Hands.pdf
bymimbulatove
 
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
TCP/IP Presentation - Information Systems & Operations Management
byadriangallianispetka
 
Tracing the Thread: Decoding the Decision-Making Process with GraphRAG
byEnterprise Knowledge
 
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
The Future of Search: Why LLM Optimization Matters for Every Website
byav0763436
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
The Landscape of Computer Software Development Companies
byYash Singh
 
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
AI Star Keynote on Artificial Intelligence. OnWorld. OffWorld. InWorld
byAlison B. Lowndes
 
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 

Introduction To Linux Security

  • 1.
    Introduction to LinuxSecurity Introduction to Linux Security Republic Polytechnic Thursday 2 nd September 2004 By Michael Boman <[email protected]>
  • 2.
    What we willcover: Turning off unnecessary servers and services Limit exposure of needed servers and services using IPTables Updating the system Reading Linux log files Q & A
  • 3.
    Turning off xinetdlaunched services Locate the relevant file in /etc/xinetd.d Change “no” to “yes” in the “disable” field Restart xinetd service xinetd restart
  • 4.
    Controlling Daemons Temporaryturn a daemon off service <daemon-name> stop Permanently removing a daemon from automatically starting at boot up chkconfig –del <daemon-name> Daemons start/stop scripts are stored in /etc/init.d
  • 5.
    Who opened thatport? Use netstat to locate the application that opened a particular port netstat -tunl -t = tcp -u = udp -n = don't resolve -l = listen only
  • 6.
    Limit access torequired daemons What can you do when you actually need that service? Bind the service to localhost (ip address 127.0.0.1), if possible Enable IPTables and control access to the particular service
  • 7.
    Keeping the systemup-to-date All systems becomes vulnerable as time passes and new vulnerabilities are discovered Always keep your system up-to-date to avoid unnecessary time spent on recovering from a intrusion
  • 8.
    Linux log filesLog files are generally located in /var/log Syslog is the daemon that controls and create the log files Use a tool like “log check” to limit the amount of lines of logs to read through
  • 9.
    Advanced Techniques Usea file integrity checker like “tripwire” to keep an eye at changed files Use a Network IDS like “snort” to monitor attacks from the network
  • 10.
    Questions? Got anyquestions? Now is the time to ask them!
  • 11.
    Recommended reading materialSecurity Focus www.securityfocus.com Linux Security www.linuxsecurity.org The Linux Documentation Project www.tldp.org IPTables www.netfilter.org Snort Network Intrusion Detection Software www.snort.org