Linux:Networking & Security

Feng Gao1045042000-08-31

Objective (1)

Give an overview of the networking capacities of the Linux OS Networking protocols Capacity for file sharing & printing Capacity for Internet/Intranet services Capacity for remote execution of application Capacity for acting as network interconnection Capacity for network management

Objective (2)

Talk about some security tools for Linux network

Monitoring tools Network services System integrity Management & limitation

Brief Introduction of Linux OS

A Unix like operating system Completely open source code

no royalty or licensing fees the source code can be modified to fit users’

needs

Fast, powerful, and extremely stable Cross hardware and platform Tons of application software Created by and for the Internet

Why Linux is a choice for network

Cheap & portable Ideal for many small to medium businesses

Open source code Tons of applications are freely available Modifiable whenever/wherever needed

Robustness

Who uses Linux?

Ford Motor Co. NASA Disney General

Electric IRS

UPS NASDAQ Boeing many leading

US Universities

Besides ISPs and other Web companies, the following companies had some Linux servers installed in 1997.

Used for gateways, routers, file and print servers, database servers, computation servers, development servers, CAD, besides being used as Web servers.

Part I

Linux Networking

Network protocols supported by Linux

TCP/IP IPv6 ( IP version 6 ) IPX/SPX AppleTalk Protocol WAN networking Protocols Isdn4linux PPP, SLIP, PLIP ATM More

File sharing and printing

Sharing with Apple environment using AppleTalk family protocols ( NetaTalk)

Sharing with Windows environment using Samba ( an implementation of SMB

protocol)

Sharing with Novell environment using IPX/SPX

Sharing with Unix environment using NFS ( Network File system)

Internet / Intranet services

Mail Mail Servers ( eg.Sendmail, smail, qmail, etc.) Remote access to mail (POP, IMAP) Fetchmail

Web Servers Apache

Stable, Robust

Yahoo, Altavista, Geocities, Hotmail are based on this server

Internet/Intranet services (cont’)

Web Browsers Netscape Navagator, Mozilla , lynx, etc.

FTP servers & clientsNews serviceDomain Name System ( DNS ) NIS ( Network Information Service )

Remote execution of application

Telnet Use a remote computer as if just at the site

Remote commands Execution of a command on a remote machine

The X window system The X server controls the display and I/O The X client do the real computing work

VNC ( Virtual Network Computing) eg. Execute in a Windows machine and output

displayed in a Linux machine

Acting as Network Interconnection

Bridge RouterFirewall Proxy Server IP Masquerade

Load BalancingTraffic ShapingPort ForwardingVirtual private

networks

Network Management

Network management applications Webmin Linuxconf

SNMP (Simple Network Management Protocol ) allows for remote monitoring and

configuration of routers, bridges , network cards, switches …

Part II

Security tools for Linux network

Monitoring tools

Scan to determine if the machine is vulnerable to a specific exploit on that server

Connect to target machine on all ports they canHelp to fix the found problemsExamples:

SATAN ( Security Administrator’s Tool for Analyzing Networks )

ISS( Internet Security Scaner ) SAINT ( updated version of SATAN ) Nessus, xSid, Logcheck, PortSentry

Network Services

Problem The more services the system offers, the more

places for attackers to find a hole

Network Services (cont’)

Strategy Disable or remove services not needed Use tcp_wrappers to wrap all the TCP services Use SSH to replace old, insecure remote programs such

as telnet, rlogin, rdist, rcp

SSH A secure login program that revolutionized remote

management of networks hosts over the Internet A powerful program that uses strong cryptography for

protecting all transmitted confidential data

System integrity

Problem A typical Linux server handles about 30,400

files In its busy times administrators can’t check

the integrities of all system files A cracker can easily install or modify some

files

System Integrity ( cont’ )

Security tools Tripwire Tripwire ASR ( Academic Source Release )

Create a database first Check the integrity of a system at any time Compare the current system and the stored database Find if malicious changes exist

Management & Limitation

GnuPG A tool for secure communication and data

storage Can be used to encrypt data and create digital

signatures

Quota A system administration tool for monitoring and

limiting users’ and groups’ disk usage With quota, the users are forced by the system

administrator to not consume unlimited disk space on a system

Summary

The network capacities of Linux OS : Support of many network protocols File sharing and printing Internet / Intranet Services Remote execution of application Acting as network interconnection Network managemet

We’ve talked about:

Summary

Some security tools for Linux network: Monitoring tools Network services System integrity Management & Limitation

Also talked about: