Linux系统管理员安全指南

需积分: 0 119 浏览量更新于2024-07-25 收藏 357KB PDF 举报

Linux Adminstrators Security Guide 本资源摘要信息涵盖了 Linux 系统管理员安全指南的重要知识点，旨在帮助 Linux 系统管理员更好地理解和实施安全措施，保护 Linux 系统免受各种威胁和攻击。 **License** 本指南采用非商业许可证，允许用户在非商业目的下免费使用和分享。用户在使用本指南时，需要遵守相关的许可证条款。 **Preface** 本指南的作者 Kurt Seifried 介绍了 Linux 系统管理员安全指南的重要性，强调了 Linux 系统管理员在保护 Linux 系统安全方面的重要角色。 **Forward by the author** 作者 Kurt Seifried 介绍了 Linux 系统管理员安全指南的历史和发展，强调了 Linux 系统管理员安全指南在保护 Linux 系统安全方面的重要性。 **Contributing** 本指南欢迎用户的贡献和反馈，鼓励用户参与 Linux 系统管理员安全指南的发展和完善。 **What this guide is and isn't** 本指南旨在帮助 Linux 系统管理员更好地理解和实施安全措施，而不是一个详尽的安全指南。 **How to determine what to secure and how to secure it** 本指南介绍了如何确定 Linux 系统中的安全风险，并指导用户如何实施相应的安全措施。 **Safe installation of Linux** 本指南介绍了如何安全地安装 Linux 操作系统，包括选择合适的安装媒体、物理安全和 Boot 安全等方面。 **Choosing your install media** 本指南介绍了如何选择合适的安装媒体，包括 CD、DVD、USB 等。 **It ain't over till** 本指南强调了 Linux 系统管理员在保护 Linux 系统安全方面的重要角色，并鼓励用户继续学习和完善安全技能。 **General concepts, server versus workstations, etc** 本指南介绍了 Linux 系统管理员需要了解的一般安全概念，包括服务器和工作站的安全性等。 **Physical/Boot security** 本指南介绍了物理安全和 Boot 安全，包括物理访问控制、BIOS 设置、LILO 等。 **Physical access** 本指南介绍了物理访问控制的重要性，包括控制物理访问权限、限制物理访问等。 **The computer BIOS** 本指南介绍了 BIOS 的安全性，包括设置 BIOS 密码、限制 BIOS 访问等。 **LILO** 本指南介绍了 LILO 的安全性，包括设置 LILO 密码、限制 LILO 访问等。 **The Linux kernel** 本指南介绍了 Linux 内核的安全性，包括升级和编译内核等。 **Upgrading and compiling the kernel** 本指南介绍了如何升级和编译 Linux 内核，包括选择合适的内核版本等。 **Kernel versions** 本指南介绍了 Linux 内核的版本号，包括如何选择合适的内核版本等。 **Administrative tools** 本指南介绍了 Linux 系统管理员需要了解的一般管理工具，包括 Telnet、SSH、LSH 等。 **Access** 本指南介绍了 Linux 系统管理员需要了解的一般访问控制，包括控制物理访问权限、限制访问等。 **Telnet** 本指南介绍了 Telnet 的安全性，包括设置 Telnet 密码、限制 Telnet 访问等。 **SSH** 本指南介绍了 SSH 的安全性，包括设置 SSH 密码、限制 SSH 访问等。 **LSH** 本指南介绍了 LSH 的安全性，包括设置 LSH 密码、限制 LSH 访问等。 **REXEC** 本指南介绍了 REXEC 的安全性，包括设置 REXEC 密码、限制 REXEC 访问等。 **NSH** 本指南介绍了 NSH 的安全性，包括设置 NSH 密码、限制 NSH 访问等。 **Slush** 本指南介绍了 Slush 的安全性，包括设置 Slush 密码、限制 Slush 访问等。 **SSL/Telnet** 本指南介绍了 SSL/Telnet 的安全性，包括设置 SSL/Telnet 密码、限制 SSL/Telnet 访问等。 **Fsh** 本指南介绍了 Fsh 的安全性，包括设置 Fsh 密码、限制 Fsh 访问等。 **secsh** 本指南介绍了 secsh 的安全性，包括设置 secsh 密码、限制 secsh 访问等。 **Local** 本指南介绍了本地安全性，包括设置本地密码、限制本地访问等。 **YaST** 本指南介绍了 YaST 的安全性，包括设置 YaST 密码、限制 YaST 访问等。 **sudo** 本指南介绍了 sudo 的安全性，包括设置 sudo 密码、限制 sudo 访问等。 **Super** 本指南介绍了 Super 的安全性，包括设置 Super 密码、限制 Super 访问等。 **Remote** 本指南介绍了远程安全性，包括设置远程密码、限制远程访问等。 **Webmin** 本指南介绍了 Webmin 的安全性，包括设置 Webmin 密码、限制 Webmin 访问等。 **Linuxconf** 本指南介绍了 Linuxconf 的安全性，包括设置 Linuxconf 密码、限制 Linuxconf 访问等。 **COAS** 本指南介绍了 COAS 的安全性，包括设置 COAS 密码、限制 COAS 访问等。 **System Files** 本指南介绍了 Linux 系统文件的安全性，包括 /etc/passwd、/etc/shadow 等。 **/etc/passwd** 本指南介绍了 /etc/passwd 文件的安全性，包括设置密码、限制访问等。 **/etc/shadow** 本指南介绍了 /etc/shadow 文件的安全性，包括设置密码、限制访问等。本资源摘要信息涵盖了 Linux 系统管理员安全指南的重要知识点，旨在帮助 Linux 系统管理员更好地理解和实施安全措施，保护 Linux 系统免受各种威胁和攻击。

Safe installation of Linux

A proper installation of Linux is the first step to a stable, secure system. There are various tips

and tricks to make the install go easier, as well as some issues that are best handled during the

install (such as disk layout).

Choosing your install media

This is the #1 issue that will affect speed of install and to a large degree safety. My personal

favorite is ftp installs since popping a network card into a machine temporarily (assuming it

doesn't have one already) is quick and painless, and going at 1+ megabyte/sec makes for

quick package installs. Installing from CD-ROM is generally the easiest, as they are bootable,

Linux finds the CD and off you go, no pointing to directories or worrying about case (in the

case of an HD install). This is also original Linux media and you can be relatively sure it is

safe (assuming it came from a reputable source), if you are paranoid however feel free to

check the signatures on the files.

• FTP - quick, requires network card, and an ftp server (Windows box running

something like warftpd will work as well).

• HTTP – also fast, and somewhat safer then running a public FTP server for installs

• Samba - quick, good way if you have a windows machine (share the cdrom out).

• NFS - not as quick, but since nfs is usually implemented in most existing UNIX

networks (and NT now has an NFS server from MS for free) it's mostly painless. NFS

is the only network install supported by RedHat’s kickstart.

• CDROM - if you have a fast cdrom drive, your best bet, pop the cd and boot disk in,

hit enter a few times and you are done. Most Linux CDROM’s are now bootable.

• HardDrive - generally the most painful, windows kacks up filenames/etc, installing

from an ext2 partition is usually painless though (catch 22 for new users however).

It ain't over 'til...

So you've got a fresh install of Linux (RedHat, Debian, whatever, please, please, DO NOT

install really old versions and try to upgrade them, it's a nightmare), but chances are there is a

lot of extra software installed, and packages you might want to upgrade or things you had

better upgrade if you don't want the system compromised in the first 15 seconds of uptime (in

the case of BIND/Sendmail/etc.). Keeping a local copy of the updates directory for your

distributions is a good idea (there is a list of errata for distributions at the end of this

document), and making it available via nfs/ftp or burning it to CD is generally the quickest

way to make it available. As well there are other items you might want to upgrade, for

instance I use a chroot'ed, non-root version of Bind 8.1.2, available on the contrib server

(ftp://contrib.redhat.com/), instead of the stock, non-chrooted, run as root Bind 8.1.2 that ships

with RedHat Linux. You will also want to remove any software you are not using, and/or

replace it with more secure versions (such as replacing rsh with ssh).

General concepts, server verses workstations, etc

There are many issues that affect actually security setup on a computer. How secure does it

need to be? Is the machine networked? Will there be interactive user accounts (telnet/ssh)?

Will users be using it as a workstation or is it a server? The last one has a big impact since

"workstations" and "servers" have traditionally been very different beasts, although the line is

blurring with the introduction of very powerful and cheap PC's, as well as operating systems

that take advantage of them. The main difference in today's world between computers is

usually not the hardware, or even the OS (Linux is Linux, NT Server and NT Workstation are

close family, etc.), it is in what software packages are loaded (apache, X, etc) and how users

access the machine (interactively, at the console, and so forth). Some general rules that will

save you a lot of grief in the long run:

1. Keep users off of the servers. That is to say: do not give them interactive login shells,

unless you absolutely must.

2. Lock down the workstations, assume users will try to 'fix' things (heck, they might

even be hostile, temp workers/etc).

3. Use encryption wherever possible to keep plain text passwords, credit card numbers

and other sensitive information from lying around.

4. Regularly scan the network for open ports/installed software/etc that shouldn't be,

compare it against previous results..

Remember: security is not a solution, it is a way of life.

Generally speaking workstations/servers are used by people that don't really care about the

underlying technology, they just want to get their work done and retrieve their email in a

timely fashion. There are however many users that will have the ability to modify their

workstation, for better or worse (install packet sniffers, warez ftp sites, www servers, irc bots,

etc). To add to this most users have physical access to their workstations, meaning you really

have to lock them down if you want to do it right.

1. Use BIOS passwords to lock users out of the BIOS (they should never be in here, also

remember that older BIOS's have universal passwords.)

2. Set the machine to boot from the appropriate harddrive only.

3. Password the LILO prompt.

4. Do not give the user root access, use sudo to tailor access to privileged commands as

needed.

5. Use firewalling so even if they do setup services they won’t be accessible to the world.

6. Regularly scan the process table, open ports, installed software, and so on for change.

7. Have a written security policy that users can understand, and enforce it.

8. Remove all sharp objects (compilers, etc) unless needed from a system.

Remember: security in depth.

Properly setup, a Linux workstation is almost user proof (nothing is 100% secure), and

generally a lot more stable then a comparable Wintel machine. With the added joy of remote

administration (SSH/Telnet/NSH) you can keep your users happy and productive.

Servers are a different ball of wax together, and generally more important then workstations

(one workstation dies, one user is affected, if the email/www/ftp/etc server dies your boss

Physical / Boot security

Physical Access

This area is covered in depth in the "Practical Unix and Internet Security" book, but I'll give a

brief overview of the basics. Someone turns your main accounting server off, turns it back on,

boots it from a specially made floppy disk and transfers payroll.db to a foreign ftp site. Unless

your accounting server is locked up what is to prevent a malicious user (or the cleaning staff

of your building, the delivery guy, etc.) from doing just that? I have heard horror stories of

cleaning staff unplugging servers so that they could plug their cleaning equipment in. I have

seen people accidentally knock the little reset switch on power bars and reboot their servers

(not that I have ever done that). It just makes sense to lock your servers up in a secure room

(or even a closet). It is also a very good idea to put the servers on a raised surface to prevent

damage in the event of flooding (be it a hole in the roof or a super gulp slurpee).

The Computer BIOS

The computer's BIOS is on of the most low level components, it controls how the computer

boots and a variety of other things. Older bios's are infamous for having universal passwords,

make sure your bios is recent and does not contain such a backdoor. The bios can be used to

lock the boot sequence of a computer to C: only, i.e. the first harddrive, this is a very good

idea. You should also use the bios to disable the floppy drive (typically a server will not need

to use it), and it can prevent users from copying data off of the machine onto floppy disks.

You may also wish to disable the serial ports in users machines so that they cannot attach

modems, most modern computers use PS/2 keyboard and mice, so there is very little reason

for a serial port in any case (plus they eat up IRQ's). Same goes for the parallel port, allowing

users to print in a fashion that bypasses your network, or giving them the chance to attach an

external CDROM burner or harddrive can decrease security greatly. As you can see this is an

extension of the policy of least privilege and can decrease risks considerably, as well as

making network maintenance easier (less IRQ conflicts, etc.).

LILO

Once the computer has decided to boot from C:, LILO (or whichever bootloader you use)

takes over. Most bootloaders allow for some flexibility in how you boot the system, LILO

especially so, but this is a two edged sword. You can pass LILO arguments at boot time, the

most damaging (from a security point of view) being "imagename single" which boots

Linux into single user mode, and by default in most distributions dumps you to a root prompt

in a command shell with no prompting for passwords or other pesky security mechanisms.

Several techniques exist to minimize this risk.

delay=X

this controls how long (in tenths of seconds) LILO waits for user input before booting to the

default selection. One of the requirements of C2 security is that this interval be set to 0

(obviously a dual boot machines blows most security out of the water). It is a good idea to set

this to 0 unless the system dual boots something else.

剩余151页未读，继续阅读

plutoyeh

粉丝: 0
资源: 8

Linux系统管理员安全指南

oralce9i数据库基础（英文原版）

win8.1如何获得管理员权限删除文件夹

删除文件夹提示需要权限

基于Matlab面板版的卡尔曼小球运动跟踪[Matlab面板版].zip

Day01(1).py

面试-PHP高频面试题整理-面试题合集.zip

(最新整理)中国企业OFDI微观数据2005-2022年

毕业设计论文SpringBoot+Vue茶叶销售系统.docx

用于计算贴片天线的基本参数matlab代码.rar

毕业设计论文SpringBoot+Vue二手书籍交易系统.docx

最新资源