Bastille Linux: Security Through Transparency



Similar documents
FOSS License Restrictions and Some Important Issues

Nixu SNS Security White Paper May 2007 Version 1.2

Getting Started in Red Hat Linux An Overview of Red Hat Linux p. 3 Introducing Red Hat Linux p. 4 What Is Linux? p. 5 Linux's Roots in UNIX p.

Network Security and Firewall 1

A REVIEW OF METHODS FOR SECURING LINUX OPERATING SYSTEM

Installing and Configuring Websense Content Gateway

Firewalls. Chapter 3

Kwickserver Firewall. Overwiew. Features. Two distinct internal networks. Portfilter. Documentation Version 1.1. Peter Buzanits

Firewall Firewall August, 2003

Developing Network Security Strategies

Security Audit Report for ACME Corporation

VMware vcenter Log Insight Security Guide

Discovering Mac OS X Weaknesses and Fixing Them with the New Bastille OS X Port

What is included in the ATRC server support

SCP - Strategic Infrastructure Security


CUIT UNIX Standard Operating Environment and Security Best Practices

Hervey Allen. Network Startup Resource Center. PacNOG 6: Nadi, Fiji. Security Overview

Firewall implementation and testing

Secure Software Programming and Vulnerability Analysis

CMPT 471 Networking II

3 Days Course on Linux Firewall & Security Administration

Running a Default Vulnerability Scan

Monitor Linux Security Using Scripts

Security Correlation Server Quick Installation Guide

SNI Vulnerability Assessment Report

Device Log Export ENGLISH

RH033 Red Hat Linux Essentials or equivalent experience with Red Hat Linux..

Dr. Marco Hugentobler, Sourcepole QGIS from a geodata viewer to a GIS platform

Codes of Connection for Devices Connected to Newcastle University ICT Network

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24

Installing and Configuring Nessus by Nitesh Dhanjani

AXIGEN Mail Server. Quick Installation and Configuration Guide. Product version: 6.1 Document version: 1.0

CMS Operational Policy for Infrastructure Router Security

Question Name C 1.1 Do all users and administrators have a unique ID and password? Yes

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

Chapter 7. Firewalls

Firewalls (IPTABLES)

Internet Security [1] VU Engin Kirda

HP Education Services

BF2CC Daemon Linux Installation Guide

VULNERABILITY ASSESSMENT WHITEPAPER INTRODUCTION, IMPLEMENTATION AND TECHNOLOGY DISCUSSION

Running a Default Vulnerability Scan SAINTcorporation.com

Server Security. Contents. Is Rumpus Secure? 2. Use Care When Creating User Accounts 2. Managing Passwords 3. Watch Out For Aliases 4

A43. Modern Hacking Techniques and IP Security. By Shawn Mullen. Las Vegas, NV IBM TRAINING. IBM Corporation 2006

EXPLORER. TFT Filter CONFIGURATION

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained

Plesk 11 Manual. Fasthosts Customer Support

How To Set Up A Net Integration Firewall

BorderWare Firewall Server 7.1. Release Notes

Introduction to Operating Systems

Five Steps to Improve Internal Network Security. Chattanooga Information security Professionals

CCM 4350 Week 11. Security Architecture and Engineering. Guest Lecturer: Mr Louis Slabbert School of Science and Technology.

Project 2: Firewall Design (Phase I)

Overview - Using ADAMS With a Firewall

LOCKSS on LINUX. CentOS6 Installation Manual 08/22/2013

What is a Firewall? A choke point of control and monitoring Interconnects networks with differing trust Imposes restrictions on network services

RHCSA 7RHCE Red Haf Linux Certification Practice

Overview - Using ADAMS With a Firewall

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

HONEYD (OPEN SOURCE HONEYPOT SOFTWARE)

SO114 - Solaris 10 OE Network Administration

Track 2 Workshop PacNOG 7 American Samoa. Firewalling and NAT

Vulnerability Scan. January 6, 2015

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Penetration Testing Report Client: Business Solutions June 15 th 2015

8 steps to protect your Cisco router

My FreeScan Vulnerabilities Report

Cisco Secure PIX Firewall with Two Routers Configuration Example

Linux FTP Server Setup

How To Protect Your Network From Attack From Outside From Inside And Outside

Troubleshooting This document outlines some of the potential issues which you may encouter while administering an atech Telecoms installation.

Firewalls. Ola Flygt Växjö University, Sweden Firewall Design Principles

Chapter 4 Firewall Protection and Content Filtering

The Self-Hack Audit Stephen James Payoff

Distributed Systems. Firewalls: Defending the Network. Paul Krzyzanowski

Configuring Secure Linux Hosts

Auditing and Hardening Unix Systems Using CIS benchmarks on SUSE Linux

CSE331: Introduction to Networks and Security. Lecture 12 Fall 2006

F-SECURE MESSAGING SECURITY GATEWAY

The Benefits of Verio Virtual Private Servers (VPS) Verio Virtual Private Server (VPS) CONTENTS

GL550 - Enterprise Linux Security Administration

TECHNICAL NOTE. Technical Note P/N REV 03. EMC NetWorker Simplifying firewall port requirements with NSR tunnel Release 8.

AVeS Cloud Security powered by SYMANTEC TM

DMZ Gateways: Secret Weapons for Data Security

NMS300 Network Management System

TREK HOSC PAYLOAD ETHERNET GATEWAY (HPEG) USER GUIDE

Ensim WEBppliance 3.1 for Linux (LH) Release Notes

N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work

LINUX Operating System Audit & Assessment August 9, 2006

SY system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.

Transcription:

Bastille Linux: Security Through Transparency Jon Lasser University of Maryland, Baltimore County (UMBC) jon@umbc.edu 2000 March 24 Overview A Brief History of Bastille Linux Philosophy Step-By-Step Overview Lessons Learned

The "Linux Problem", Ca. Q3 98 Linux spreading rapidly in universities, but no centralized control Inexperienced administrators Wide-open systems Infrequent security updates... and therefore frequent break-ins The "Linux Problem" It s hard to do the right thing: Linux is easy to install... but hard to administer (securely!)

What UMBC Linux Got Wrong Our most serious failure was social, not technical: Despite the very large number of Linux users, especially at universities, we did not seek to share with others performing similar work. Had we shared our plans and results with other schools, we would have duplicated less work and been able to accomplish more. Sans 99 Conference, project proposed improve university security harden defaults discourge dangerous and obsolete tools simplify customization of install to be based on Red Hat 6.0.

Why Red Hat 6? Market share Easy for beginners to install Fairly open by default Some Distributions Have Hardening Software SuSe Mandrake 7...and Away From Bastille Linux? little happened immediately Admins are busy folk project had a distant payoff Red Hat 6.0 is more secure out-of-box, so pressure off. Difficult to make Red Hat s devel model work over the net Monolithic, too Slow at Internet Speeds Network and server reliability is still an issue It s too hard to keep up with Red Hat!

A Change of Direction... Instead of a Distribution, a Hardening script: Full Compatibility Community Support Less work to update for new releases Adaptable to other distributions Avoid export concerns by simply installing crypto via ftp from Europe Releases To Date (1) 1.0 The Conference Release 1.0.1 Brown Paper Bag Release 1.0.2 Additional Bugfixes

Releases To Date (2) 1.0.3 Red Hat 6.1 support Included automation examples 1.0.4 TUI Defaults for all choices No more single-user mode Mandrake 6.x support Bugfixes The Future Incremental Development patch security further audits and granularity better logging additional security stateful firewall "Version 2.0" (New architecture) Multiple Back-ends possible Multiple Front-ends possible Canonicalize data in the middle More intelligent standard back-end

Philosophy of Bastille Linux (1) A Living, Executable "Best Practices" Document Based on Community Resources: SANS Securing Linux Step-By-Step Kurt Seifried s Linux Administrator s Security Guide Leveraged Existing Code Jay Beale s Solaris Hardening Scripts Philosophy of Bastille Linux (2) Grounded in Open-Source Methodology: Many eyes (audit) Many minds (experience) Many arguments (community)

How Can We Stop Crackers? What Bastille Linux Does Apply vendor-produced patches Disable unnecessary services Secure default configurations Set up a firewall What Bastille Linux Doesn t Do (Yet) Automated techniques to scan for crackers Automated protection from certain attacks (StackGuard) Basic Features Walkthrough (1) Completely Modular Install RPM Updates Dynamic list from our server As secure as commercial vendors SUID and Permissions Audits Permissions audit based on SANS document, with changes SUID audit granular, Permissions audit not (yet!)

Basic Features Walkthrough (2) Account Security Use md5 password hashing Use shadow passwords Create Second Admin Account Like root, with different name Root logins become a sign of intrusion Controversial, but useful for some Remember, all Bastille Linux functionality is optional! Install SSH Disable Dangerous R* Utilities rlogin, rsh, rcp, etc. Create empty.rhosts file for each user, root owned, mode 0400, empty Mode 0400 empty /etc/hosts.equiv Use ssh, scp, etc. instead Basic Features Walkthrough (3) Protect Bootloader Require password for single-user mode Reduce prompt delay Alter permissions to prevent users reading (necessary for passworded mode) Restrict Console Reboots (Control-Alt-Delete) Remote Access Restrictions Extra logging for portscans Security risks of telnet and FTP discussed TCP Wrapper host-specific configuration "Authorized Users Only" banners For Servers, Disable Compilers A pinch more security, though admittedly not much Prevent remote root logins

Basic Features Walkthrough (4) Limit console logins to administrators Denial-of-Service Protections Per-user limits No core files Limit users file size Additional Logging Direct to virtual consoles 7 and 8 Remote loghost Separate local kernel and system logs Separate local user login log Process Accounting Basic Features Walkthrough (5) Sendmail Configuration Fix most known holes Turn off daemon mode Turn off VRFY/EXPN (anti-spam/recon) Red Hat 6 already restricts relaying Restrict Cron Access Disable Unnecessary Daemons

Basic Features Walkthrough (6) Chrooted DNS server Set this up, even if BIND not running, in case it s enabled later Deactivate DNS server by default Apache Configuration Deactivate, or bind to localhost only Don t follow symbolic links Disable server-side includes Disable CGI scripts FTP Configuration Disable user privileges Disable anonymous access Features Walkthrough: Firewall Aimed at experts (Created interactively, good defaults) Trusted, Public, and Internal interfaces TCP, UDP, ICMP audit logging Different services on different interface classes TCP, UDP, ICMP blocking Block source spoofed packets IP Masquerading

Features: Automation Set up one machine, use the same configuration on hundreds or thousands of boxes Several default setups: Firewall Mail server Web server Workstation Lessons Learned ESR s Cathedral and the Bazaar a Standard Model. 1. Every good work of software starts by scratching a developer s personal itch. 2. Good programmers know what to write. Great ones know what to rewrite (and reuse). Our Verdict:Unclear --- tending towards true 3. Plan to throw one away; you will, anyhow. (Fred Brooks, The Mythical Man-Month, Chapter 11)!

ESR s Aphorisms (2) 4. If you have the right attitude, interesting problems will find you. Our Verdict:Unclear 5. When you lose interest in a program, your last duty to it is to hand it off to a competent successor. Our Verdict: N/A (Hasn t Happened Yet) 6. Treating your users as co-developers is your least-hassle route to rapid code improvement and effective debugging. 7. Release early. Release often. And listen to your customers. ESR s Aphorisms (3) 8. Given a large enough beta-tester and co-developer base, almost every problem will be characterized quickly and the fix obvious to someone. (we think) 9. Smart data structures and dumb code works a lot better than the other way around. 10. If you treat your beta-testers as if they re your most valuable resource, they will respond by becoming your most valuable resource.

ESR s Aphorisms (4) 11. The next best thing to having good ideas is recognizing good ideas from your users. Sometimes the latter is better. 12. Often, the most striking and innovative solutions come from realizing that your concept of the problem was wrong. 13. Perfection (in design) is achieved not when there is nothing more to add, but rather when there is nothing more to take away. Our Verdict:Unclear ESR s Aphorisms (5) 14. Any tool should be useful in the expected way, but a truly great tool lends itself to uses you never expected. Our Verdict:Unclear 15. When writing gateway software of any kind, take pains to disturb the data stream as little as possible -- and *never* throw away information unless the recipient forces you to! Our Verdict: N/A (Not gateway software) 16. When your language is nowhere near Turing-complete, syntactic sugar can be your friend.

ESR s Aphorisms (6) 17. A security system is only as secure as its secret. Beware of pseudo-secrets. -- In fact, this has been a guiding principle all along! 18. To solve an interesting problem, start by finding a problem that is interesting to you. 19: Provided the development coordinator has a medium at least as good as the Internet, and knows how to lead without coercion, many heads are inevitably better than one. The End Please mail questions or comments to jon@umbc.edu The Bastille Linux homepage is http://bastille-linux.sourceforge.net/ To subscribe to the announcement mailing list, send mail to bastille-linux-announce-request@lists.bastille-linux.org To subscribe to the discussion list, please send mail to bastille-linux-discuss-request@lists.bastille-linux.org

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information