Assignment about Hard Disk Encryption
Added on 2022-09-27
4 Pages1401 Words20 Views
<insert date>
Go2Linux, Inc.
<Student Name>
<Address>
Respected Sir/Madam,
I Hope this email finds you well. In this e-mail, I will talk in brief about some of the most
pressing concerns related to Linux that will help you clear your mind, if you had any
doubts. Without further ado, let’s begin.
How will you implement security in the Linux systems?
o Hard Disk Encryption
The Hard Disk in which the OS to be configured is to be protected with the first
launch. It is recommended to have a partitioned Full diskLVM setup with a strong
Passphrase to secure the disk. Distinct partitions are created for /usr, /var, /home
and/, thereby ensuring files and device binaries are kept segregated.
o SELinux
Security Enhanced Linux (SELinux) is type of a fine-grained Mandatory Access
Control (or also known as MAC) architecture intended to fulfill a wide variety of
security needs, from regular use to military and government applications that
handle sensitive information.
o Grsecurity
Grsecurity is a series of fixes for the Linux kernel that uses RBAC - Position
Based Access Control to highlight security improvements. RBAC seeks to limit
access to the network above what is usually offered by UNIX authentication lists,
with the goal of developing a completely low-privilege environment where
individuals as well as processes have the bare minimal rights to function properly
but nothing more.
o Filesystem Security
A stable structure needs a strong base or it would collapse. For the case of Linux
this will be the filesystem ext (EXTended, Version). Documents and folders
provide sets of privileges for both the file creator, the party affiliated with the file,
as well as all device users. Implementing Access control list, then Extended
Attributes as well as File system restrictions and controls will help protect the
filesystem.
o Linux SSH
Safeguarding the Root account for SSH is by far the most crucial thing about
every Linux system, as compromising the Root account leads to increased harm
to the entire file system. Root account remote access has to be deactivated for a
stable Linux machine. A linux system forwarding leads to easy attacks.
Therefore in /etc / ssh / sshd config, preserve
# X11 NO
# PubkeyAuthentication NO
o Network security
Linux does have a very robust and powerful network stack that supports a lot of
protocols including capabilities. Netfilter is a mechanism of the IP protocol stack
that catches packets going to, and from the network. Iptables is another such
module that incorporates an IPv4 firewalling mechanism, which is operated
through the iptables userland application. The network stack also contains an
IPsec module, which offers security, validity and IP networking integrity defense.
It could be used to enforce VPNs, as well as to link to authentication as well.
<insert logo, if desired>
Go2Linux, Inc.
<Student Name>
<Address>
Respected Sir/Madam,
I Hope this email finds you well. In this e-mail, I will talk in brief about some of the most
pressing concerns related to Linux that will help you clear your mind, if you had any
doubts. Without further ado, let’s begin.
How will you implement security in the Linux systems?
o Hard Disk Encryption
The Hard Disk in which the OS to be configured is to be protected with the first
launch. It is recommended to have a partitioned Full diskLVM setup with a strong
Passphrase to secure the disk. Distinct partitions are created for /usr, /var, /home
and/, thereby ensuring files and device binaries are kept segregated.
o SELinux
Security Enhanced Linux (SELinux) is type of a fine-grained Mandatory Access
Control (or also known as MAC) architecture intended to fulfill a wide variety of
security needs, from regular use to military and government applications that
handle sensitive information.
o Grsecurity
Grsecurity is a series of fixes for the Linux kernel that uses RBAC - Position
Based Access Control to highlight security improvements. RBAC seeks to limit
access to the network above what is usually offered by UNIX authentication lists,
with the goal of developing a completely low-privilege environment where
individuals as well as processes have the bare minimal rights to function properly
but nothing more.
o Filesystem Security
A stable structure needs a strong base or it would collapse. For the case of Linux
this will be the filesystem ext (EXTended, Version). Documents and folders
provide sets of privileges for both the file creator, the party affiliated with the file,
as well as all device users. Implementing Access control list, then Extended
Attributes as well as File system restrictions and controls will help protect the
filesystem.
o Linux SSH
Safeguarding the Root account for SSH is by far the most crucial thing about
every Linux system, as compromising the Root account leads to increased harm
to the entire file system. Root account remote access has to be deactivated for a
stable Linux machine. A linux system forwarding leads to easy attacks.
Therefore in /etc / ssh / sshd config, preserve
# X11 NO
# PubkeyAuthentication NO
o Network security
Linux does have a very robust and powerful network stack that supports a lot of
protocols including capabilities. Netfilter is a mechanism of the IP protocol stack
that catches packets going to, and from the network. Iptables is another such
module that incorporates an IPv4 firewalling mechanism, which is operated
through the iptables userland application. The network stack also contains an
IPsec module, which offers security, validity and IP networking integrity defense.
It could be used to enforce VPNs, as well as to link to authentication as well.
<insert logo, if desired>
o Snort - intrusion detection
Snort's network-based opensource intrusion detection software (NIDS) is capable
of performing real-time traffic monitoring including packet monitoring on IP
networks. The below commands helps monitor as well as log the network
attacks.
# ifconfig eth1 up -arp
# service snort start
# snort -i eth1 -v
End users have expressed some concern about completing their day-to-day tasks on
Linux. How would activities such as email/web browsing work? How would they work
with their previous Microsoft Office files?
o Linux has matured as a platform and now lots of applications are available for Linux. At
the same time, day to day operations with Linux are not much different than that of
Windows.
o For instance, latest revisions of Ubuntu now come with Task switcher, application
drawer, start menu like interface, tab management and so on. At the same time,
common applications that are available for other platforms are also available for Linux.
For instance, both Chrome and Firefox is available for Linux which are among the most
popular browsers in the world and work similar to how they work on Windows.
o Also, Microsoft does not make Office for Linux, but there are alternatives such as Libre
office which can open and edit office files. Apart from that, there is something called as
‘Wine’ that allows Microsoft office installation on Linux.
The current Windows administrators are unsure about administering Linux systems. How
are common tasks, such as process monitoring and management, handled in Linux?
How does logging work? Do we have event logs like we do in Windows?
o Process is also managed in Linux like the same way it is managed for Windows. There
are foreground processes and there are background processes.
o Simultaneously, process management can be invoked using the terminal and Linux
distros like Ubuntu also have built in task manager for managing processes.
Some folks in IT raised questions about the Linux flavor that was recommended. They
would like to see comparisons between your recommendation and a couple of other
popular options. What makes your recommendation the best option?
o Ubuntu is among the most popular distros available for Linux. There are multiple benefits
of using Ubuntu over other distros.
o The first ones being that there is something called as Livepatch in Ubuntu that eases the
updating and patching of Linux operating system [1, pp. 20–28].
o At the same time, there are other benefits such as a dedicated application drawer, task
navigation, application switching, built-in application store and longer supports if LTS
variant is chosen.
o
How does software installation work on Linux? Can we use existing Windows software?
o There are different package managers in Linux that handle application installs. However,
focusing on Ubuntu only, there are multiple ways wherein one can install application.
o The first and foremost is the terminal command ‘Apt’ followed by the application name.
o The second is to get application from the built-in application stores.
o Third are software directories such as ‘sourceforge’, ‘fosshub’ and developers own
websites. Many applications that are available for Windows also are available for Linux,
Snort's network-based opensource intrusion detection software (NIDS) is capable
of performing real-time traffic monitoring including packet monitoring on IP
networks. The below commands helps monitor as well as log the network
attacks.
# ifconfig eth1 up -arp
# service snort start
# snort -i eth1 -v
End users have expressed some concern about completing their day-to-day tasks on
Linux. How would activities such as email/web browsing work? How would they work
with their previous Microsoft Office files?
o Linux has matured as a platform and now lots of applications are available for Linux. At
the same time, day to day operations with Linux are not much different than that of
Windows.
o For instance, latest revisions of Ubuntu now come with Task switcher, application
drawer, start menu like interface, tab management and so on. At the same time,
common applications that are available for other platforms are also available for Linux.
For instance, both Chrome and Firefox is available for Linux which are among the most
popular browsers in the world and work similar to how they work on Windows.
o Also, Microsoft does not make Office for Linux, but there are alternatives such as Libre
office which can open and edit office files. Apart from that, there is something called as
‘Wine’ that allows Microsoft office installation on Linux.
The current Windows administrators are unsure about administering Linux systems. How
are common tasks, such as process monitoring and management, handled in Linux?
How does logging work? Do we have event logs like we do in Windows?
o Process is also managed in Linux like the same way it is managed for Windows. There
are foreground processes and there are background processes.
o Simultaneously, process management can be invoked using the terminal and Linux
distros like Ubuntu also have built in task manager for managing processes.
Some folks in IT raised questions about the Linux flavor that was recommended. They
would like to see comparisons between your recommendation and a couple of other
popular options. What makes your recommendation the best option?
o Ubuntu is among the most popular distros available for Linux. There are multiple benefits
of using Ubuntu over other distros.
o The first ones being that there is something called as Livepatch in Ubuntu that eases the
updating and patching of Linux operating system [1, pp. 20–28].
o At the same time, there are other benefits such as a dedicated application drawer, task
navigation, application switching, built-in application store and longer supports if LTS
variant is chosen.
o
How does software installation work on Linux? Can we use existing Windows software?
o There are different package managers in Linux that handle application installs. However,
focusing on Ubuntu only, there are multiple ways wherein one can install application.
o The first and foremost is the terminal command ‘Apt’ followed by the application name.
o The second is to get application from the built-in application stores.
o Third are software directories such as ‘sourceforge’, ‘fosshub’ and developers own
websites. Many applications that are available for Windows also are available for Linux,
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Securing System Using IP Table Firewalllg...
|9
|931
|74
Report On Network Security - Unix Environment For Security Analysislg...
|10
|902
|247
Firewall Network Security System PDFlg...
|5
|1247
|61
Pen Testing | Questions and Answerslg...
|8
|619
|55
Signs of a Network Data Breach & How to Prevent Onelg...
|6
|1682
|13