Security in Linux

Submitted By iphoneclone
Words 965
Pages 4
Linux, like any other computing platform, is constantly changing. There are a few major focus points for new and upgraded platforms, one of which is how user friendly the platform is. User friendliness goes beyond the ability to simply point and click; it also reaches deep into the inner workings of the system. Security is one of the most important functions of any operating system, and it is very commonly overlooked and taken for granted.

A system administrator can configure the tables provided by the Linux kernel firewall with a program called iptables. Iptables can redirect, modify or stop packets of data, all based on the state of a connection at any given time. Many different tables can be defined, and each table contains built-in chains or user-defined chains. Every chain is essentially a list of rules; each rule matches a set of packets and specifies what to do with a packet that matches. For the casual user it is best to use the predefined rules, which are often more than adequate. In an enterprise situation the administrator would likely want to define additional rules to best suit the business needs. Before iptables, Linux mainly used ipchains as its firewall package. Iptables is an improvement on ipchains because it monitors the state of connections: iptables can use the state of the connection to redirect, modify or drop a packet, whereas ipchains used the source, destination and content only. At least one chain is used for every packet leaving or entering the computer on the network. The initial chain used is determined by the origin of the packet.
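The chain behaviour described above can be modelled in a few lines. The following is an added example, not part of the original essay: a simplified Python model of the filter table in which the addresses, the `SSH_IN` chain name and the ruleset are all constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

LOCAL_ADDRS = {"192.0.2.10"}   # constructed: address of the firewall host itself

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int
    state: str                 # connection-tracking state: NEW, ESTABLISHED, RELATED, INVALID

@dataclass(frozen=True)
class Rule:
    target: str                # ACCEPT, DROP, RETURN, or the name of a user-defined chain
    src: Optional[str] = None  # None means "match anything" for that field
    proto: Optional[str] = None
    dport: Optional[int] = None
    states: Optional[frozenset] = None

    def matches(self, pkt):
        return ((self.src is None or self.src == pkt.src)
                and (self.proto is None or self.proto == pkt.proto)
                and (self.dport is None or self.dport == pkt.dport)
                and (self.states is None or pkt.state in self.states))

def initial_chain(pkt):
    """Pick the built-in chain from the packet's origin and destination."""
    if pkt.src in LOCAL_ADDRS:
        return "OUTPUT"        # generated by this host
    if pkt.dst in LOCAL_ADDRS:
        return "INPUT"         # addressed to this host
    return "FORWARD"           # routed through this host

def traverse(chains, name, pkt):
    """Walk one chain in order; the first terminating match decides. None = fall through."""
    for rule in chains[name]:
        if not rule.matches(pkt):
            continue
        if rule.target in ("ACCEPT", "DROP"):
            return rule.target
        if rule.target == "RETURN":
            return None
        verdict = traverse(chains, rule.target, pkt)   # jump into a user-defined chain
        if verdict is not None:
            return verdict
    return None

def filter_packet(chains, policies, pkt):
    """Apply the chain for this packet; the chain's default policy decides if no rule does."""
    start = initial_chain(pkt)
    return traverse(chains, start, pkt) or policies[start]

# Constructed ruleset: default-deny inbound, stateful replies allowed, SSH from one admin host.
CHAINS = {
    "INPUT": [
        Rule("ACCEPT", states=frozenset({"ESTABLISHED", "RELATED"})),
        Rule("DROP", states=frozenset({"INVALID"})),
        Rule("SSH_IN", proto="tcp", dport=22, states=frozenset({"NEW"})),
    ],
    "SSH_IN": [Rule("ACCEPT", src="198.51.100.7")],
    "OUTPUT": [],
    "FORWARD": [],
}
POLICIES = {"INPUT": "DROP", "OUTPUT": "ACCEPT", "FORWARD": "DROP"}
```

The single ESTABLISHED/RELATED rule is what connection state buys: replies to connections the host opened are accepted without opening any inbound port, which a filter matching only on source, destination and content cannot express.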

Another powerful and important tool in the security of Linux is the chroot jail. Chroot made its first appearance in 1979 in the 7th version of Unix and was added to BSD in 1982 (Wikipedia, 2011). The chroot jail has many uses in the Linux world. It can be used to prevent a single user from going to certain parts of the directory tree, it can be used in virtualization, or it can be used for specific processes. Without a chroot jail, a single user, even one with limited permissions, could navigate to upper-level directories. Even if an administrator trusts their users (and they never should), without a chroot jail the information is there for anyone who can hack the user's account. The specific user may not have permission to edit other users' files, but he may be able to see them, and that can be dangerous on its own. Testing is another great argument for chroot jails: if a person wants to test a new program, it is wise to limit the program's access to system resources until it is certain that no malicious intent has been built into the program itself. In virtualization a chroot jail is also quite necessary. A person could have a complete operating system installed in a chroot jail, and it would appear as though the chroot directory was the root of the system. This would also aid in testing and development, because the guest system is completely contained within the jail and would not be able to make changes to the host system. This would be a vital tool in system program compatibility testing: if anything undesirable happened, the user could simply revert to an original and unaltered virtual machine file and start fresh. A chroot jail is not specifically meant for intentional attacks but more as a means of preventing inadvertent system-altering mistakes made by the casual user.

SELinux, or Security Enhanced Linux, is an implementation of flexible mandatory access controls that was first researched and implemented into the Linux kernel by researchers at the National Security Agency and the Secure Computing Corporation in 1992 and 1993 (Flux Advanced Security Kernel, 2000). As partially stated above, SELinux is the implementation of mandatory access controls in Linux, whereas standard Linux uses discretionary access controls. In a system using discretionary access control, user identity and user ownership dictate file and resource decisions. If a user running with root privileges starts a process that has malicious intent, then the process can in theory take control of any file or system resource and change it to better suit the malicious intent of the process or the creator of the process. In a system running SELinux, the mandatory access controls can be administratively designed to very closely monitor processes and software with malicious intent. Security decisions in SELinux are based not on the user identity alone but also on what security information is available at the time that the process begins. Using SELinux also helps to provide control not only over programs and processes but over users and devices as well. The mandatory access controls in SELinux are only as good or safe as the administrator sets them up to be; it is wise to have well-developed and implemented policies in place at all times and for all users. It is important to note that SELinux was not a kernel rewrite but can be seen more like a patch that provides a framework for future security improvements, and it uses the Linux Security Module.

While only three of the multitude of security technologies have been discussed here, there are so many more exciting security tools available in Linux. Some are targeted at the advanced user while others can be utilized by just about anyone.
The bottom line is that with all of the tools and information available, there is no reason to be left unprotected. Every computer that is connected to the internet will likely have information that someone, somewhere wants to get. Keep your guard up and be safe.
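
The difference between discretionary and mandatory access control described in the SELinux paragraph above can be shown with a small decision model. This is an added example, not part of the original essay: the policy text, file labels and subjects are constructed, group permissions are ignored, and only the `file` object class is modelled.

```python
import re
from dataclasses import dataclass

# Constructed type-enforcement rules written in SELinux "allow" syntax (not a real policy).
POLICY = """
allow httpd_t httpd_sys_content_t:file { read getattr };
allow httpd_t httpd_log_t:file append;
"""

RULE_RE = re.compile(r"allow\s+(\w+)\s+(\w+):(\w+)\s+(?:\{([^}]*)\}|(\w+))\s*;")

def parse_policy(text):
    """Return a set of (source_type, target_type, class, permission) tuples."""
    allowed = set()
    for src, tgt, cls, many, one in RULE_RE.findall(text):
        for perm in (many.split() if many else [one]):
            allowed.add((src, tgt, cls, perm))
    return allowed

def type_of(context):
    """Extract the type field from a user:role:type:level security context."""
    return context.split(":")[2]

@dataclass(frozen=True)
class Subject:
    uid: int
    context: str

@dataclass(frozen=True)
class FileObj:
    path: str
    owner: int
    mode: int
    context: str

DAC_BIT = {"read": 0o4, "write": 0o2, "append": 0o2}

def dac_allows(subj, obj, perm):
    """Discretionary check: identity and ownership decide, and root overrides the bits."""
    if subj.uid == 0:
        return True
    shift = 6 if subj.uid == obj.owner else 0   # simplified: owner or other, no groups
    return bool((obj.mode >> shift) & DAC_BIT[perm])

def check_access(subj, obj, perm, allowed, mac_enabled=True):
    """DAC is consulted first; MAC can only deny further, never grant what DAC refused."""
    if not dac_allows(subj, obj, perm):
        return "denied: DAC"
    if mac_enabled:
        key = (type_of(subj.context), type_of(obj.context), "file", perm)
        if key not in allowed:                  # anything not explicitly allowed is denied
            return "denied: MAC"
    return "granted"

# Constructed subjects and objects for the demonstration.
ALLOWED = parse_policy(POLICY)
web_root = Subject(0, "system_u:system_r:httpd_t:s0")            # web server running as root
alice = Subject(1000, "unconfined_u:unconfined_r:unconfined_t:s0")
shadow = FileObj("/etc/shadow", 0, 0o600, "system_u:object_r:shadow_t:s0")
page = FileObj("/var/www/html/index.html", 0, 0o644,
               "system_u:object_r:httpd_sys_content_t:s0")
log = FileObj("/var/log/httpd/access_log", 0, 0o644, "system_u:object_r:httpd_log_t:s0")
```

With `mac_enabled=False` the root-owned web server process can read `/etc/shadow`; with the policy applied the same request is refused, because no rule allows `httpd_t` to read `shadow_t` regardless of the user ID.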
