270 likes | 667 Views
A short two-part talk introducing: Basic Linux/Unix system administration ( CentOS /RHEL5) General Computer/Network security … for the G53SEC module. Nick Reynolds. Linux and network security. CentOS 5. Adding Accounts. Need entry in /etc/ passwd Need password in /etc/shadow
E N D
A short two-part talk introducing: Basic Linux/Unix system administration (CentOS/RHEL5) General Computer/Network security … for the G53SEC module. Nick Reynolds. Linux and network security CentOS 5
Adding Accounts Need entry in /etc/passwd Need password in /etc/shadow Need home directory /home/[username] Correct Permissions $ man adduser $ adduser <username> $ man passwd $ passwd <username> Gui Alternative: redhat-config-users
The Telnet Server (telnetd) Runs on receiving a connection man xinted Start with: chkconfig krb5-telnet on Stop with: chkconfig krb5-telnet off
Configuring the Telnet Server Read manual page: man telnetd Set up accounts using: adduser Change account shell: chsh <username> (Tip: man ssh, chkconfig sshd on/off)
Other Services • ftp server • httpd server (apache) • ssh server • …
Network Configuration (Optional) redhat-config-network-gui
Software Installs – Distribution Searching: yum search [string] Installing: yum install [package] Staying up to date: yum update Lots more!: man yum man yum.conf
Monitoring The System Check logs: /var/log/* Monitor network activity: tcpdump Monitor processes: ps top
Useful Commands Move between accounts: /bin/su – [username] Permissions and ownership: chmod <mode> <filename> chgrp <group> <filename> chown <user> <filename> Manual pages: man <command>
Useful Resources CentOS5 (RedHat EE) Documentation http://netlab-gw.cs.nott.ac.uk/centos/5/docs/ http://ftp.cs.nott.ac.uk/centos/5/docs/ Linux Documentation Project http://newton.ex.ac.uk/LDP/ Search Engines!
Final CentOS Notes Many ways to achieve the same result. Experiment within a user account. Don’t make to many changes in one go. Stay up to date (yum update) Advanced methods to configure servers: man pam
General Network/Computer Security Encryption Access Permissions Who/what do you trust? Network Infrastructure
Encryption Use secure Protocols Insecure Secure telnet ssh ftp scp imapimaps http https
Access Permissions • File/directory permissions • Firewalls
Who/What do you trust? • DHCP? • IP Addresses?
Network Infrastructure • Where does your data go? • Switches? Hubs? Which route? • Wi-fi