This website uses cookies to ensure you have the best experience. Learn more

Linux Security Essay

1599 words - 7 pages

I. Chroot jail

“Chroot jail is a UNIX feature that creates a limited sandbox allowing a process to view only a single sub-tree of the file system.” “In order for it to work properly, some common programs and libraries need to be copied or linked to the appropriate locations in the new directory tree.” (Haas)
The term sandbox is a metaphor for the type of security that chroot jail uses. Once you put a program or utility into the jail, it only knows of what is contained in the cell, the rest of your system becomes invisible to it. It does this by changing the apparent root directory for the current running process and its children. A program that is run in a modified environment cannot ...view middle of the document...

In Mandatory Access Control (MAC) the administrator manages the access controls. The administrator defines the usage and access policy, which cannot be modified or changed by users, and the policy will indicate who has access to which programs and files.
The enforcement of mandatory access control policies that confine user programs and system servers to the minimum amount of privilege they require to do their jobs. When set up this way, the ability of these user programs and system daemons to cause harm when compromised is reduced or eliminated. This confinement operates independently of the regular Linux access control. It has no concept of a "root" super-user.
The security of an unmodified Linux system depends on the correctness of the kernel, all the privileged applications, and each of their configurations. A problem in any one of these areas may allow the compromise of the entire system. In contrast, the security of a modified system based on the Security-enhanced Linux kernel depends primarily on the correctness of the kernel and its security policy configuration. While problems with the correctness or configuration of applications may allow the limited compromise of individual user programs and system daemons, they do not pose a threat to the security of other user programs and system daemons or to the security of the system as a whole.

III. IpTables

Iptables is Linux’s version of a built in firewall. “It is often referred to as a packet filter as it examines each packet transferred in every network connection to, from, and within your computer.” (linux.ie) It makes decisions on what to do with a packet based on rules that are created by the system administrator. Rules are one or more criteria linked together in a chain. A rule will specify the criteria necessary for a packet to match to be allowed.
As a packet enters the system the first rule will be applied and if the packet meets the criteria the next rule will be applied. This process will continue for however many rules are in the chain. If the packet passes the criteria set by the administrator then it is delivered, if it does not match it will be dropped. Some of the criteria that can be set up by the administrator for checking are: ip address, port number, destination address, source address.

Works Cited
Haas, J. (n.d.). About.com. Retrieved 5 1, 2013, from www.about.com
Kerner, S. M. (2004, 2 24). Internet News.com. Retrieved 5 1, 2013, from www.internetnews.com
linux.ie. (n.d.). Retrieved 5 1, 2013, from www.linux.ie/articles/tutorials/firewall

I. Chroot jail

“Chroot jail is a UNIX feature that creates a limited sandbox allowing a process to view only a single sub-tree of the file system.” “In order for it to work properly, some common programs and libraries need to be copied or linked to the appropriate locations in the new directory tree.” (Haas)
The term sandbox is a metaphor for the type of security that...

Other Papers Like Linux Security

Linux Security Technology Essay

1875 words - 8 pages |Linux Security Technology | | 1. SELinux SELinux, an implementation of Mandatory Access Control (MAC) in the Linux kernel, adds the ability to administratively define policies on all subjects (processes) and objects (devices, files, and signaled processes). This mechanism is in the Linux kernel, checking for allowed operations after

Is3440 Linux Security Lab 1 Essay

1514 words - 7 pages this lab, students should know more about the following tasks: * Install a base Linux operating system using a Fedora core Linux server for production use on the VM server farm * Create secured partitions within the core Linux server for desired security hardening, performance, and application support * Enable a network time server during installation to maintain a synchronized time setting throughout the system * Set a hostname

Operating System

1125 words - 5 pages socket buffer (skbuff) structures. The socket buffer architecture allowed the flexibility in manipulating packet headers and checksums while avoiding unnecessary data copying. Linux extensively supports TCP/IP protocol suite, UDP, TCP, IMAP protocols implemented on top of it. Firewall management is done with selective filtering of packets according to arbitrary criteria, usually for security purposes. The firewall manager maintains a number of

Linux Server Apps in Corporate Business Ops

729 words - 3 pages server, it can be run without the video requirements that are needed with GUI interfaces. In this aspect, energy can be saved due to the processor not having to work overtime to refresh the pages for every GUI change. Also with Linux, you are not restricted to wait on Microsoft for bug fixes or patches for vulnerabilities. A corporate business can hire in-house Linux programmers, code writers, security personnel and administrators to handle the

Linux

1010 words - 5 pages bnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnm Research Assignment 2.1 4/9/2012 Kathleen Cline | Research Assignment 2.1 Linux security technologies SELinux, chroot jail, and iptables For each security technology, explain what organization (if any) is behind it

Linux Introduction an Basics

1506 words - 7 pages Server Security Source-based Specialist Telephony Thin Client UNIX distrowatch.com) there are: ► 325 Linux maintained distribtions (677 total) Beginners BSD Clusters Desktop Education Firewall Forensics Free Software Gaming High Performance Computing Live Medium ♦ Distributions are categorized in: ► ► ► ► ► ► ► ► ► ► ► Supported Hardware ♦ You can find the supported ► ► ► ► ► ► ► ► ► ► ► ► ► ► ► hardware platforms on each

Linux

276 words - 2 pages only one computer installation. Another advantage you gain from installing Linux onto your computer is the fact that this software has stronger security than other OS. There is your choice is another great advantage of using Linux over other operating systems. This is because the user is allowed to control almost all aspects of the system. Majorly, you will be allowed to change how your desktop looks and feels. Fourthly Linux software is packed

Computer Oss Comparison Essay

1900 words - 8 pages for SMP machines” (Santhanam, 2003). These changes are what moved Linux from being just a UNIX OS for PC to a viable business operating system. Linux kernel version 2.6, which was released in December 2003, introduced the SELinux security extension, which improved the performance of this OS on the higher end machines by cleaning up the kernel codebase to allow newer feature to be integrated into the kernel such as virtualization and

Nt1110 Module 1 Lab

1269 words - 6 pages frequently compared to other operating systems – further enhancing their stability and security. Linux operating systems are perhaps the most widely ported – there are distributions used in a wide range of devices from smartphones to TiVo. Differences 1. Windows - Pros - Compatibility: Almost every application, driver or game will work on Windows. Technical support: Having so many users, you can always find someone (either online or offline

The House

1271 words - 6 pages • When you are done, log out for security – Ends your current process – Indicates to OS you are finished – For the Bourne, Korn, or Bash shells: • Enter exit on command line • Or, press Ctrl+d – In C shell, enter logout on the command line • However, if you are using a GUI, these commands will only close terminal window – Use the Log Out option for the desktop instead 36 12 Understanding the Role of the UNIX/Linux System

Case Project

1350 words - 6 pages secure enough to ensure that the information can only be seen by the right people. To help keep things organized, a file structure will also be required to keep all the files with special permissions together for easy access. To better illustrate the security capabilities of Linux Ed Sawicki of Biznix.org said, “The Linux firewall has functionality that rivals expensive commercial firewalls. Its rules allow fine grained control over stateless and

Related Essays

Linux Security Essay

448 words - 2 pages Linux Security Project Part 1 Instructor Sandro Tuccinardi Student Brian Dupee Security Policy Outline First World bank wants to provide banking services online to its customers. The institution estimates over $100,000,000 a year in online credit card transactions for loan applications and other banking services. According to a team that was formed using a Linux an open source infrastructure would roughly as

Linux Security Essay

686 words - 3 pages Install a Fedora Linux Operating System on a Server 1. During the install, the option to sync with a NTP (Network Time Protocol) server was checked. From a security perspective, why is it important for a system to keep accurate time? So that all events have a proper timestamp for documentation. 2. During the install, a password has been set for the “root” user. What is the “root” user, and when is it appropriate to use this

Linux Security Technologies Essay

1229 words - 5 pages George McShane Research Paper 07/13/2012 Linux Security Technologies In today’s world there are many ways to gain access to the internet. You can go to your local library, a Starbucks, any airport, or even a McDonald’s. With all of these ways to have free access to the Web, the opportunity for hacker’s to get to your personal information is at an all time high. Linux programming has many ways to combat this situation with security

Windows Linux Security Essay

5790 words - 24 pages responds to input from the user), raising the priority of interactive and I/O bounded processes and lowering that of CPU bound processes, to increase the responsiveness of interactive applications.[8] b- Memory Management Disk (Paging) Most hard drive installations of Linux utilize a "swap partition", a partition dedicated exclusively for paging operations. This reduces slowdown due to disk fragmentation 6- Security a- Malware More than 800 pieces