Securing Linux / Unix Systems

Michael H. Warfield
mhw@wittsend.com
Internet Security Systems Inc
ISS Connect
May 26, 1999


Table of Contents

Securing Linux / Unix Systems Michael H. Warfield Internet Security Systems Inc mhw@wittsend.com ISS Connect May 26, 1999

Notes for Note Takers

Outline

Introduction

Target Systems

Security vs Utility

The Principle of Least Privilege

The Principle of Minimum Access

Workstations and Servers

Basic Steps Along the Road

Network Design and Layout

Installation Security

Existing Installations

Existing Installations - FTP

Existing Installations - Web

Existing Installations - E-Mail

Operating Securely

Security Tools and Enhancements

Security Tools: Network Scanners

Security Tools: Host Based

Security Tools: Detection

Keeping Informed

Advanced Topics

Advanced Topics

Honey Pots and Traps

Reaction Systems

Counter Attacks

Abacus Port Sentry

Defense in Depth

LASG

Conclusion

Conclusion

Parting Thought

Security Sites

Security Resources

Security Lists and Newsgroups

LinuxWorld

Securing Linux / Unix Systems Michael H. Warfield Internet Security Systems Inc mhw@wittsend.com http://www.wittsend.com/mhw/securing_linux


View Text Version