Free Essay

Linux System Administration

In: Computers and Technology

Submitted By ike1421
Words 291
Pages 2
IT302 Linux System Administration
Research Assignment 1

SELinux or Security Enhanced Linux uses an architecture that separates enforcement from access policy decisions. With this architecture different types of policies can be implemented, including Role-Based Access Control (RBAC), Type Enforcement (TE), and Multi-Level Security (MLS). The module assigns security labels to each subject or object. It uses a security class to determine the kinds of relationship a pair of labels might have. The triplet consisting of a pair of labels and a class are then sent to a policy server to determine if access is allowed. The security labels are assigned dynamic integer security ID's (SID's); the reply from the policy server is cached in an 'access vector cache' for performance reasons. SELinux was developed in coordination with the open source community and the National Security Agency (NSA) to provide the highest level of security for the Linux operating system.

The three basic elements of the VServer are: The security context. A process in one security context cannot see processes in other security contexts, neither with the 'ps' command, nor with 'cat /proc' nor in any other way. As side-effect, this means that a process in one context cannot kill processes in other contexts. Capabilities. The existing Linux kernel provides a wide variety of capabilities which can be taken away from processes. These include the ability to change network addresses, to change the ownership of a file, etc. (See /usr/include/linux/capability.h for details.) The vserver-utils provides a tool to take away capabilities from a process. The chroot jail. The existing Linux kernel provides a way to limit a process to a subdirectory, by changing the 'file system root' for the process to be the subdirectory

Similar Documents

Free Essay

It-302-Linux System Administration

...Security-Enhanced Linux is a Linux feature that provides a mechanism for supporting access control security policies, including United States Department of Defense style mandatory access controls. These functions were run through the Linux Security Modules in the Linux kernel. It is not a Linux distribution, but rather a set of modifications that can be applied to Unix-like operating system kernels, such as Linux and that of BSD. SELinux was developed by the United States National Security Agency, it was released to the open source development community under the GNU GPL on December 22, 2000. SELinux users and roles are not related to the actual system users and roles. For every current user or process, SELinux assigns a three string context consisting of a role, user name, and domain. This system is more flexible than normally required: as a rule, most of the real users share the same SELinux username, and all access control is managed through the third tag, the domain. Circumstance for when the user is allowed to get into a certain domain must be configured in the policies. The command runcon allows for the launching of a process into an explicitly specified context, but SELinux may deny the transition if it is not approved by the policy configuration. The security of an unmodified Linux system depends on the correctness of the kernel, all the privileged applications, and each of their configurations. A problem in any one of these areas may allow the compromise of the......

Words: 907 - Pages: 4

Free Essay

It302 Linux System Administration Research Assignment 1

...IT302 Linux System Administration Research Assignment 1 SELinux or Security Enhanced Linux uses an architecture that separates enforcement from access policy decisions. With this architecture different types of policies can be implemented, including Role-Based Access Control (RBAC), Type Enforcement (TE), and Multi-Level Security (MLS). The module assigns security labels to each subject or object. It uses a security class to determine the kinds of relationship a pair of labels might have. The triplet consisting of a pair of labels and a class are then sent to a policy server to determine if access is allowed. The security labels are assigned dynamic integer security ID's (SID's); the reply from the policy server is cached in an 'access vector cache' for performance reasons. SELinux was developed in coordination with the open source community and the National Security Agency (NSA) to provide the highest level of security for the Linux operating system. Linux V-Server – The three basic elements of the VServer are: * The security context. A process in one security context cannot see processes in other security contexts, neither with the 'ps' command, nor with 'cat /proc' nor in any other way. As side-effect, this means that a process in one context cannot kill processes in other contexts. * Capabilities. The existing Linux kernel provides a wide variety of capabilities which can be taken away from processes. These include the ability to change network......

Words: 423 - Pages: 2

Premium Essay

Unix Administration Chapter 2

...Advanced SUSE Linux Enterprise Server Administration (Course 3038) Chapter 2 Configure the Network Manually Objectives • • • • Understand Linux Network Terms Set Up Network Devices with the ip Tools Save Device Settings to a Configuration File Set Up Routing with the ip Tool Advanced SUSE Linux Enterprise Server Administration (Course 3038) 2 Objectives (continued) • Save Routing Settings to a Configuration File • Configure Host Name and Name Resolution • Test the Network Connection with Command-Line Tools Advanced SUSE Linux Enterprise Server Administration (Course 3038) 3 Understand Linux Network Terms • Device – Network adapter built into the system • Link – Used by command-line tool ip to refer to the connection of a device to the network • Address – IP address assigned to a device • Broadcast – Refers to the broadcast address of a network • Route – Path IP packet takes from source to destination host Advanced SUSE Linux Enterprise Server Administration (Course 3038) 4 Set Up Network Devices with the ip Tool • Command-line ip tool – Changes the network card configuration • Used to perform the following tasks – Display the Current Network Configuration – Change the Current Network Configuration Advanced SUSE Linux Enterprise Server Administration (Course 3038) 5 Display the Current Network Configuration • IP address setup – Syntax • ip address show Advanced SUSE Linux Enterprise Server Administration......

Words: 1162 - Pages: 5

Free Essay

Redhat

...LINUX-6 Curriculum chnoworld ive Development | Training | Consultancy Rh124 Red Hat System Administration I Red Hat System Administration I (RH124) is designed for IT professionals who are new to Linux and require core Red Hat Enterprise Linux skills. Focused on administration tasks that will be encountered in the workplace, this course will actively engage students in task-focused activities, labbased knowledge checks, and facilitative discussions to ensure maximum skill transfer and retention. In addition, GUI-based tools will be featured to build on the students' existing technical knowledge, while key command line concepts will be introduced to provide a foundation for students planning to become fulltime Linux system administrators. By the end of the five-day course, students will be able to perform installation, establish network connectivity, manage physical storage, and perform basic security administration. LINUX-6 Course Outline Unit 1: Get Started with the GNOME Graphical Desktop Objective: Get started with GNOME and edit text files with gedit Unit 2: Manage Files Graphically with Nautilus Objective: Manage files graphically and access remote systems with Nautilus Unit 3: Get Help in a Graphical Environment Objective: Access documentation, both locally and online Unit 4: Configure Local Services Objective: Configure the date and time and configure a printer Unit 5: Manage Physical Storage I Objective: Understand basic disk concepts and manage......

Words: 1463 - Pages: 6

Free Essay

Linux

...Syllabus College of Information Systems & Technology POS/420 Version 9 Introduction to UNIX® | |Copyright © 2010, 2009, 2008, 2006, 2005, 2004, 2001, 2000 by University of Phoenix. All rights reserved. Course Description This course is a survey of the UNIX® operations. The student will gain an understanding of the internal operations of the UNIX® system, which enables the user to make efficient use of files, file systems, and processes. Commands for efficient management of UNIX® system files, file systems and process, systems administration and security are also examined. Policies Faculty and students/learners will be held responsible for understanding and adhering to all policies contained within the following two documents: • University policies: You must be logged into the student website to view this document. • Instructor policies: This document is posted in the Course Materials forum. University policies are subject to change. Be sure to read the policies at the beginning of each class. Policies may be slightly different depending on the modality in which you attend class. If you have recently changed modalities, read the policies governing your current class modality. Course Materials Blum, R. (2008). Linux® command line and shell scripting bible. Indianapolis, IN: Wiley. Love, P., Merlino, J., Zimmerman, C., Reed, J. C., & Weinstein, P. (2005). Beginning Unix®. Indianapolis, IN: Wiley. Software RedHat Linux 5 (Virtual......

Words: 1560 - Pages: 7

Premium Essay

Class Notes - Networking

... Violators will be prosecuted. Essential Linux Administration: A Comprehensive Guide for Beginners Page 1 of 4 PRINTED BY: Norman Puga . Printing is for personal, private use only. No part of this book may be reproduced or transmitted without publisher's prior permission. Violators will be prosecuted. ESSENTIAL LINUX ® ADMINISTRATION: A COMPREHENSIVE GUIDE FOR BEGINNERS i CHUCK EASTTOM WITH SERGE PALLADINO Course Technology PTR A part of Cengage Learning 9781133795308 i ii Essential Linux Administration: A Comprehensive Guide for Beginners Chuck Easttom with Serge Palladino Publisher and General Manager, Course Technology PTR: Stacy L. Hiquet Associate Director of Marketing: Sarah Panella Manager of Editorial Services: Heather Talbot Marketing Manager: Mark Hughes Acquisitions Editor: Heather Hurley Project and Copy Editor: Marta Justak Technical Reviewer: Danielle Shaw Interior Layout Tech: MPS Limited, a Macmillan Company Cover Designer: Mike Tanamachi Indexer: Sharon Shock Proofreader: Kelly Talbot © 2012 Course Technology, a part of Cengage Learning. ALL RIGHTS RESERVED. No part of this work covered by the copyright herein may be reproduced, transmitted, stored, or used in any form or by any means graphic, electronic, or mechanical, including but not limited to photocopying, recording, scanning, digitizing, taping, Web distribution, information networks, or information storage and retrieval systems, except as permitted under Section 107 or......

Words: 34239 - Pages: 137

Free Essay

Linux and Windows Server Critique

...Linux and Windows Server Critique Team C POS 420 June 25, 2012 Yevgeniy Tovshteyn Linux vs. Windows Both Linux and Windows are operating systems with advantages and differences in functionality and user friendliness. With networking becoming an important part of company operation in this day and age. Kudler will come to depend on networking for availability to the marketplace via the Internet, while requiring their internal systems for email, Voice over Internet Protocol (VoIP) phone systems, and using business data. Linux and Windows are the only 2 operating systems that have grown to the top level in the field of networking. Learning Team C examines these types of strengths and weaknesses regarding security, administration, performance, and programming. Kudler Fine Foods Current Systems: 3 locations: La Jolla, Del Mar, and Encinitas La Jolla Novell 4.11 Server for POS 4 POS Workstations with Pentium II, Windows 9X 1 Standalone UPS (Uninterruptable Power Supply) 1 Server with Inventory Spreadsheet with Pentium II, 64mg Ram, Windows 9X, external CD burner and bubble jet printer. 1 Server with NT Server 1 56K modem Del Mar Novell 4.11 Server for POS 4 POS Workstations with Pentium II, Windows 9X 1 Standalone UPS (Uninterruptable Power Supply) 1 Server with Inventory Spreadsheet with Pentium II, 64mg Ram, Windows 9X, external CD burner and bubble jet printer. 1 Server with NT Server 1 56K modem Encinitas Novell 4.11 Server for POS 4 POS...

Words: 1833 - Pages: 8

Free Essay

Unix

... Carrier Objective: Obtaining a challenging career in the field of Information Technology as a Unix/Linux Systems Administrator to utilize the knowledge that I have gained through past years of experience in various industries such as Telecommunications, Banking, Medical, Insurrance and government establishments . Qualification Summary: 5 Years of Unix experience with overall 10+ years of experience in the field of Information technology. Master's Degree in Micro-Electronics & Diploma in Computer Sciences. Specialize in following: Unix Administration on Sun Solaris and Red Hat Linux environment. VERITAS Volume Manager and Cluster Server experience. Websphere Application Server experience Virtualization Technologies VMware ESXi 5 Large 24x7 mission-critical production environment experience. Unix Administration, maintainance providing support in an enterprise enviroment (Resolved, escalated and dispatched technical issues) Experience with EMC/Openfiler SAN,configured and Managed SAN storage for Vmware Vsphere enviroment . Communication skills in handling diversified activities like Customer Support, in various capacities from front-end field engineer to the present capacity working. Well versed with Incident resolution and Change Management process. Performing Datacenter administration ( HP/SUN Servers including C7000,M4000, M5000, T5220, T5240, V440, V480/V490, V880/V890, E4500, E6500) tasks such: Backups, restore, Tape Management, Installation, Upgradation &......

Words: 1089 - Pages: 5

Premium Essay

Windows Server and Linux Critique

...Riordan’s Windows Server and Linux Critique Learning Team A POS/420 Date: Instructor: Riordan’s Windows Server and Linux Critique At the request of Riordan Manufacturing, Inc., the project team conducted a thorough review to compare the advantages and disadvantages of Windows Server and Linux. The recommendation of an operating system will ensure Riordan’s business operations continue with compatibility between all locations with the highest level of security, administration, networking, performance, and programmabilityimplemented. Security Although there are proponents everywhere for each type of operating system available on the market today, the focus of this project team, at the request of Riordan management, is to compare the security advantages and disadvantages of Windows Server and Linux. Windows Server Advantages. Windows Server has improved over the years in providing basic security provisions for administrators. Access to any system is extremely important to security professionals, such as domain name system (DNS), active directory domain services (AD), and access to web servers using Internet Information Services (IIS). DNS security extensions (DNSSEC) provide added security when a consumer is gaining access to a company’s website as well as how the company......

Words: 1859 - Pages: 8

Premium Essay

It302 Final Exam Reveiw Answers

...IT302 Linux Administration Final Exam Revew Preparation Sheet and Study Guide 1. Which runlevel is textual multi-user mode? A. 1 B. 3 C. 5 D. 6 2. Which system script contains the default runlevel? A. /etc/default.target B. fstab.default C. profile.local D. default.runlevel Use the following information to answer Questions 3-5: A system administrator is manually setting up a new daemon named analyzed. The daemon should be set to run at runlevel 3 and be the very last daemon to load. 3. What should the link to start the daemon be named? A. skanalyzed1 B. 100analyzedstartup C. analyzedstart --last D. S99analyzed 4. Which of the following commands would stop the analyzed daemon? A. analyzed stop B. chkconfig –level 35 analyzed C. service analyzed stop D. chkconfig analyzed boot 5. Which of the following commands would tell the system at which runlevels to start analyzed? A. analyzed stop B. chkconfig –level 35 analyzed C. service analyzed stop D. chkconfig analyzed bootLinux Professor Green IT302 Linux Administration 6. Which of the following commands would let you most safely switch to runlevel 2 without rebooting the computer? A. boot 2 B. telinit 2 C. init 2 D. rl 2 7. Which type of control does SELinux implement? A. Discretionary access control B. Media access control C. Role-based access control D. Mandatory access control 8. Which of the following is not a SELinux state? A. Permissive B. Monitoring C. Enforcing D. Disabled 9. The files hosts.allow and hosts.deny belong...

Words: 1258 - Pages: 6

Premium Essay

Pos 420 Week 5 Linux vs Windows Contrast and Comparison

...Compare and contrast the X Window system and Microsoft Windows. DQ 2: What is the most interesting, useful, unexpected or unusual thing you have learned about Linux/UNIX during this course? Computer Science - General Computer Science POS 420 Week 1 UNIX® and Linux® Comparison Matrix Resources: University of Phoenix Material: UNIX® and Linux® Comparison Matrix Complete the UNIX® and Linux® Comparison Matrix located on your student website. See the Assignment 1 post in the Main forum or Course Materials forum for detailed instructions. POS 420 Week 2 Individual File Processing Commands Worksheet Resource: University of Phoenix Material: File Processing Commands Worksheet Resource: University of Phoenix Materials: Linux® Directory Log Complete the Linux® Directory Log located on your student website. Complete the University of Phoenix Material: File Processing Commands Worksheet located on your student website. See the Assignment 2 post in Main forum or Course Materials  POS 420 Week 3 Individual Linux® Script Worksheet Resource: University of Phoenix Material: Linux® Script Worksheet Complete the University of Phoenix Material: Linux® Script Worksheet located on your student website. See the Assignment 3 post in Main forum or Course Materials forum for detailed instructions. POS 420 Week 4 Individual Systems Administration Scripting Log ......

Words: 324 - Pages: 2

Premium Essay

Linux Security

...| Linux Security | A review of some current technologies | | | | | In the pre-Internet world you have criminals looking for “hard” assets: money, jewelry and other items that could be easily turned into hard currency. We have always had “white-collar” crime such as embezzlement, fraud and insider trading. With the proliferation of the Internet and our personal and professional lives stored in the cloud; criminals can now take one ubiquitous piece of information and turn themselves into a whole other person. The ease in which such information can be used has turned people who would never think of ever holding up a bank, mugging someone or other physical crime, into criminals. This type crime has spawned a whole new “industry”: cyber security. One of the most important aspects of a network administrator’s job is to secure the system from any person who wishes to do criminal activities. These people are both within and outside the organization. With the Linux system there are three main technologies that are in use today. They are SELinux, chroot jail, and iptables. The first line of defense in a Linux system is chroot jail. Chroot is a process or application that changes the root directory for a user. To the user it appears that they are in their root directory, but they are actually in a modified root directory. This modified root directory is called jail. Without a chroot jail, a user with limited file permissions would still be able to......

Words: 942 - Pages: 4

Free Essay

Resume

... Lauren Lamotte | 7714 Lancer Ct | Niceville, FL 32578 | (850) 408-6789 | lauren.lamotte@us.af.mil November 14, 2015 Linda Vinetti Hiring Manager Capriccio Software, Inc. 3556 Gen DeGualle Blvd New Orleans, LA 70128 Dear Ms. Vinetti: I read of your company’s need for a Linux Systems Administrator in the New Orleans area on Indeed.com. I will be returning to New Orleans after my military enlistment is complete, and I believe that I would be an excellent fit for the company. I have worked as an IT professional in the United States Air Force for over six years, with my last three years working as a Linux Systems Administrator, and I am confident in my ability to become a valuable member of your team. I have an Associates degree in IT, and I am working towards by Bachelors degree in Information Systems Management. I am also professionally certified from Microsoft, Cisco, and CompTIA. As a Linux System Administrator, I have extensive experience in the following areas: * System Administration and Repair * Systems Installation, Configuration & Upgrading * Programming and Scripting * System Security, Backup and Recovery As a supervisor in the United States Air Force, I have experience working in teams, and I thrive under pressure. Additionally, I have excellent communication and interpersonal skills, which......

Words: 894 - Pages: 4

Free Essay

Rawr

...Assignments: * Sobell, Chapter 1: Welcome to Linux * Sobell, Chapter 2: Installation Overview * Sobell, Chapter 3: Step-by-Step Installation * Sobell, Chapter 9: The Bourne Again Shell * Sobell, Chapter 11: System Administration: Core Concepts * Sobell, Chapter 16: Administration Tasks Chapter 1: Welcome To Linux 1. What is free software? List three characteristics of free software. Free Software is a matter of liberty, not price. Three characteristics of free software are the ability to distribute and change, ability to improve freely, and free to study. 2. Why is Linux popular? Why is it popular in academia? GNU/Linux is portable, is based on standards, is written in C, has a kernel programming interface, can support many users, and can run multiple tasks. The source code for the operating system is readily available so that students can understand more easily how GNU/Linux works and can modify the code further to understand its operation and change the way it works. 3. What are multiuser systems? Why are they successful? Multiuser systems allow any people to use all system resources almost simultaneously. Successful due to being cost effective, and having a level of security that allows Linux users to protect their data from access by other users through means of file access permissions, which limits users to what they can read, write to, or which file they can execute. Also implements ACLs (Access Control Lists) in which gives users and......

Words: 317 - Pages: 2

Free Essay

Comparison Matrix

...University of Phoenix Material Unix® and Linux® Comparison Matrix Directions: Choose three different versions of the UNIX® or Linux® operating systems to compare. Insert the three chosen versions and fill out the requested information in the Components column. UNIX® or Linux® operating system version: Fedora |Components |Your response | |Role of shell |Gives a command line with built in commands | |Three features and roles of each |Security-there is a firewall tool provided with a task bar that lets the user know of any | |feature |security issues. Shell- Is environment friendly for the user and has functions that run like | | |a PC. Rescue-This feature which is in the disk of the program, can unlock a system to let the| | |user continue their work. | |Comments on security |This is a main important feature for the OS | |Comments on administration |It is easy for ADMIN use and the tools are not as difficult | |Comments on networking |Networking is ok even though the security firewall is good ...

Words: 446 - Pages: 2