Securing Linux / Unix Systems
Michael H. Warfield
mhw@wittsend.com
Internet Security Systems Inc
ISS Connect
May 26, 1999
Table of Contents
Securing Linux / Unix Systems Michael H. Warfield Internet Security Systems Inc mhw@wittsend.com ISS Connect May 26, 1999
Notes for Note Takers
Outline
Introduction
Target Systems
Security vs Utility
The Principle of Least Privilege
The Principle of Minimum Access
Workstations and Servers
Basic Steps Along the Road
Network Design and Layout
Installation Security
Existing Installations
Existing Installations - FTP
Existing Installations - Web
Existing Installations - E-Mail
Operating Securely
Security Tools and Enhancements
Security Tools: Network Scanners
Security Tools: Host Based
Security Tools: Detection
Keeping Informed
Advanced Topics
Advanced Topics
Honey Pots and Traps
Reaction Systems
Counter Attacks
Abacus Port Sentry
Defense in Depth
LASG
Conclusion
Conclusion
Parting Thought
Security Sites
Security Resources
Security Lists and Newsgroups
LinuxWorld
Securing Linux / Unix Systems Michael H. Warfield Internet Security Systems Inc mhw@wittsend.com http://www.wittsend.com/mhw/securing_linux
View Text Version