IT-302-Linux System Administration

Submitted By ktyler04
Words 907
Pages 4
Computer security is a necessity because of the many ways that your personal information can be compromised. Millions of people each year are victims of hacked computers and accounts, which leads to credit card theft and identity theft. This paper will explain a few of Unix/Linux's security operations, such as SELinux, chroot, and iptables.
Security-Enhanced Linux (SELinux) is a Linux feature that provides a mechanism for supporting access control security policies, including United States Department of Defense style mandatory access controls. These functions are run through the Linux Security Modules in the Linux kernel. It is not a Linux distribution, but rather a set of modifications that can be applied to Unix-like operating system kernels, such as Linux and that of BSD. SELinux was developed by the United States National Security Agency and was released to the open source development community under the GNU GPL on December 22, 2000. SELinux users and roles are not related to the actual system users and roles. For every current user or process, SELinux assigns a three-string context consisting of a role, user name, and domain. This system is more flexible than normally required: as a rule, most of the real users share the same SELinux user name, and all access control is managed through the third tag, the domain. The circumstances under which a user is allowed to enter a certain domain must be configured in the policies. The command runcon allows a process to be launched into an explicitly specified context, but SELinux may deny the transition if it is not approved by the policy configuration.

The security of an unmodified Linux system depends on the correctness of the kernel, all the privileged applications, and each of their configurations. A problem in any one of these areas may allow the compromise of the entire system. In contrast, the security of a modified system based on an SELinux kernel depends primarily on the correctness of the kernel and its security policy configuration. While problems with the correctness or configuration of applications may allow the limited compromise of individual user programs and system daemons, they do not pose a threat to the security of other user programs and system daemons or to the security of the system as a whole.
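A toy model of the policy decision described above, added here as an illustration (it is not SELinux code and not part of the essay): it parses a context string and approves a runcon-style move into another domain only when the policy tables allow it. Real contexts are written user:role:type, optionally followed by an MLS level; the policy tables below are constructed for the example.

```python
from typing import NamedTuple


class Context(NamedTuple):
    user: str
    role: str
    domain: str      # the "type" field; called a domain when it labels a process
    level: str = ""  # optional MLS/MCS range, which may itself contain ':'


def parse_context(text):
    """Split 'user:role:type[:level]' into its fields."""
    parts = text.strip().split(":", 3)
    if len(parts) < 3 or not all(parts[:3]):
        raise ValueError(f"not a user:role:type context: {text!r}")
    return Context(*parts)


# Constructed policy tables (illustrative only, not a real policy).
USER_ROLES = {                      # roles each SELinux user may take
    "staff_u": {"staff_r"},
    "user_u": {"user_r"},
    "system_u": {"system_r"},
}
ROLE_DOMAINS = {                    # domains each role may enter
    "staff_r": {"staff_t", "webadm_t"},
    "user_r": {"user_t"},
    "system_r": {"init_t", "httpd_t"},
}
DOMAIN_TRANSITIONS = {              # (from domain, to domain) pairs the policy approves
    ("staff_t", "webadm_t"),
    ("init_t", "httpd_t"),
}


def check_transition(current, requested):
    """Return (allowed, reason). Anything the tables do not approve is denied."""
    cur, new = parse_context(current), parse_context(requested)
    if new.role not in USER_ROLES.get(new.user, set()):
        return False, f"user {new.user} may not take role {new.role}"
    if new.domain not in ROLE_DOMAINS.get(new.role, set()):
        return False, f"role {new.role} may not enter domain {new.domain}"
    if cur.domain != new.domain and (cur.domain, new.domain) not in DOMAIN_TRANSITIONS:
        return False, f"no transition {cur.domain} -> {new.domain} in policy"
    return True, "allowed"


if __name__ == "__main__":
    requests = [
        ("staff_u:staff_r:staff_t:s0", "staff_u:staff_r:webadm_t:s0"),
        ("user_u:user_r:user_t:s0", "user_u:user_r:webadm_t:s0"),
        ("staff_u:staff_r:staff_t:s0", "system_u:system_r:httpd_t:s0"),
    ]
    for cur, new in requests:
        print(cur, "->", new, check_transition(cur, new))
```
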
Some of the features of SELinux are a clean separation of policy from enforcement, a very flexible policy, and support for policy changes.

Another one of Linux's operations is called chroot. A chroot on Unix operating systems is an operation that changes the apparent root directory for the current running process and its children. The chroot system call was introduced during development of Version 7 Unix in 1979, and was also added to BSD by Bill Joy on March 18, 1982. A chroot environment can be used to create and host a separate virtualized copy of the software system. This can be useful for testing and development, dependency control, compatibility, recovery, and privilege separation. For testing and development, a test environment can be set up in the chroot for software that would otherwise be too risky to deploy on a production system. For dependency control, software can be developed, built and tested in a chroot populated only with its expected dependencies. This can prevent some kinds of linkage skew that can result from developers building projects with different sets of program libraries installed. For compatibility, legacy software or software using a different ABI must sometimes be run in a chroot because its supporting libraries or data files may otherwise clash in name or linkage with those of the host system. The chroot mechanism in itself is also not intended to restrict the use of resources like I/O, bandwidth, disk space or CPU time. Most Unixes are not completely file system-oriented and leave potentially disruptive functionality like networking and process control available through the system call interface to a chrooted program.

The last Unix operation is called iptables. iptables is a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores. The original author of iptables was Rusty Russell.
He worked with a team called the Netfilter Core Team, and iptables was released in 1998. iptables preserves the basic ideas introduced with ipfwadm, which was a list of rules, each of which specified what to match within a packet and what to do with such a packet. ipchains added the concept of chains of rules, and iptables extended this further into tables: one table was consulted when deciding whether to NAT a packet and another was consulted when deciding how to filter a packet. In addition, the three filtering points in a packet's journey were altered such that any packet passes through only one filtering point. Each rule in a chain contains the specification of which packets it matches. It may also contain a target or verdict. As a packet traverses a chain, each rule in turn is examined. If a rule does not match the packet, the packet is passed to the next rule. If a rule does match the packet, the rule takes the action indicated by the target/verdict, which may result in the packet being allowed to continue along the chain or it may not. Matches make up the large part of rulesets, as they contain the conditions packets are tested for.
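The traversal just described, modelled as an added illustration (it is not iptables code and not part of the essay); the rules, addresses and chain policy are constructed. LOG stands for a target that acts and lets the packet continue along the chain, ACCEPT and DROP end traversal, and the chain policy applies when no rule gives a verdict.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

TERMINATING = {"ACCEPT", "DROP"}   # verdicts that stop traversal of the chain


@dataclass
class Rule:
    target: Optional[str] = None   # a rule without a target only counts its matches
    src: Optional[str] = None      # source network in CIDR form; None matches any
    proto: Optional[str] = None
    dport: Optional[int] = None
    hits: int = 0                  # packet counter, incremented on every match

    def matches(self, pkt):
        if self.src is not None:
            if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
                return False
        if self.proto is not None and pkt["proto"] != self.proto:
            return False
        if self.dport is not None and pkt.get("dport") != self.dport:
            return False
        return True


def traverse(chain, policy, pkt):
    """Walk the chain in order; return (verdict, log lines written on the way)."""
    log = []
    for number, rule in enumerate(chain, start=1):
        if not rule.matches(pkt):
            continue                       # no match: hand the packet to the next rule
        rule.hits += 1
        if rule.target == "LOG":           # acts, then the packet continues
            log.append(f"rule {number}: {pkt['src']} {pkt['proto']}/{pkt.get('dport')}")
        elif rule.target in TERMINATING:   # verdict reached: later rules are never seen
            return rule.target, log
    return policy, log                     # fell off the end of the chain


def example_chain():
    """Constructed INPUT-style chain; rule order is part of the policy."""
    return [
        Rule(src="203.0.113.0/24", target="DROP"),
        Rule(proto="tcp", dport=22, target="LOG"),
        Rule(src="192.0.2.0/24", proto="tcp", dport=22, target="ACCEPT"),
        Rule(proto="tcp", dport=443, target="ACCEPT"),
    ]


if __name__ == "__main__":
    chain = example_chain()
    packets = [   # constructed sample packets
        {"src": "192.0.2.10", "proto": "tcp", "dport": 22},
        {"src": "203.0.113.5", "proto": "tcp", "dport": 22},
        {"src": "198.51.100.7", "proto": "tcp", "dport": 22},
        {"src": "198.51.100.7", "proto": "udp", "dport": 53},
    ]
    for pkt in packets:
        print(pkt, traverse(chain, "DROP", pkt))
    print([rule.hits for rule in chain])
```

The second sample packet is dropped by rule 1 before the LOG rule ever sees it, which is why rule order matters when reviewing a ruleset.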

IT 302-Linux System Administration
Research Assignment 1
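For the privilege-separation use of chroot listed in the essay, a sketch of how a daemon confines itself, added here as an example (not part of the essay). Because chroot only changes the apparent root, the code also moves the working directory inside the new root and gives up root afterwards. The jail path and numeric ids are placeholders, and `osapi` is a hypothetical hook so the call order can be checked without root.

```python
import os


def enter_jail(new_root, uid, gid, osapi=os):
    """Confine the calling process to new_root, then drop root privileges.

    The order of the calls is the point of the example:
      1. chdir + chroot   change the apparent root directory
      2. chdir("/")       leave no working directory outside the new root
      3. setgroups/setgid shed group privileges while still allowed to
      4. setuid           shed root last; afterwards nothing above can be undone
    chroot does not limit CPU, disk, bandwidth, networking or process control,
    so a process that stayed root inside the jail would not be confined.
    """
    if uid == 0 or gid == 0:
        raise ValueError("refusing to keep uid/gid 0 inside the jail")

    osapi.chdir(new_root)     # fails early if the jail directory is missing
    osapi.chroot(".")         # privileged call: needs root
    osapi.chdir("/")          # "/" now refers to new_root

    osapi.setgroups([])       # drop supplementary groups
    osapi.setgid(gid)         # group first: not permitted once uid is non-zero
    osapi.setuid(uid)

    # Verify the drop is permanent: regaining root must fail.
    try:
        osapi.setuid(0)
    except PermissionError:
        return True
    raise RuntimeError("privileges were not dropped")


if __name__ == "__main__":
    if os.geteuid() != 0:
        print("run as root to try this: chroot() is a privileged call")
    else:
        # Placeholder jail directory and unprivileged ids; adjust for the host.
        enter_jail("/var/empty", 65534, 65534)
        print("inside jail, '/' contains:", os.listdir("/"))
```
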
