This project discusses system security and how to utilize different tools for minimizing threats to the network. It covers VMware image file installation, investigation of system security, and a proposal for securing the system. The project focuses on topics like security patches, encryption, and hardening of the system.
University
Semester

COMPUTER SECURITY-SYSTEM INVESTIGATION

Student ID
Student Name
Submission Date
Table of Contents

1. Project Description
2. VMware Image File Installation
3. Description of Investigation of the System Security
4. Description of the Results
5. Proposal on how to Secure the System
References
Project Description

In this project we discuss system security and how best to use different tools to minimise the threats to our network. We use VM image files, i.e. virtual machines, as the platform. A virtual machine is a software computer that, like a physical computer, runs an operating system and applications and is based on computer architectures that provide the functionality of a physical computer. The virtual machine comprises a set of specification and configuration files and is backed by the physical resources of a host.

VMware Image File Installation

Many firms provide VMs in the market based on the operating system in use. Widget Inc is one such company, and we use the VM it provides for our project. Throughout this project we conduct various tests and security checks on our system on the VM platform, then identify, understand and study the findings and produce a result based on our tests (Lange, 2018). These tests and trials concentrate specifically on security and safety in general. We use particular safety tools such as Lynis to conduct the above-mentioned tests on the VMs.

a. The exercise of testing and assessment will cover the topics below.
b. A planned method of security system inspection.
c. Tools required for this inspection of security.
d. Analysing the outcome of this inspection.

Now we come to the part where the VM file is installed for use (Hamid, 2017). Follow the steps below to use the VM file on the system:

- Download the VM file to the system in use.
- Start installing VMware Workstation once the download has completed.
- Complete the process of installing VMware Workstation.
- Open VMware Workstation as shown in the image below.
- Open the VM file as shown in the image.
- Next, select our VM image file and open it by clicking on the file, as shown in the image below.
- Next, click the Power On button to open Ubuntu.
The Ubuntu VM is now successfully installed, and the next step in this process is to enter the user name and password. The values for these parameters are:

Username: user
Password: Password@123

The objective of this project is to check the security standard and level, and for this we have to hack the system, i.e. the VM system. Follow these steps:

- Boot into the recovery mode.
- Drop to the root shell prompt.
- Remount the root with write access.
- Change the username and password.

During the changing process the following error will be displayed: “Authentication manipulation error”. The error is displayed, as shown in the above image, because the file system has only read access. To remove this error and reset the password, we have to remount the system and re-enter the password. Locate the IP address of the VM on the system, as shown in the image below.

Once the user name and the password have been modified, we look for other security problems in the Ubuntu VM. These security issues are:

- Security patches.
- Communication issues due to encryption data.
- VM file and network service problems for the system.
- Unreliable password settings.
- Viruses / bugs / malware problems and threats.
- Hardening issues related to the web system / server SSL problems.

3) Description of Investigation of the System Security
Most organizations and companies these days want their information systems to be managed as safely and securely as possible. “Security Evaluation” is the right step towards this goal for any organization. Security evaluation is particularly important because of the rapidly changing environment of the information security system or the operating system. Threats from new viruses, bugs, malware and data theft make data vulnerable and put security at risk at all times. With a “Security Evaluation” during the development process, threats can be detected and corrected early. After the end of a project, too, a security evaluation can be useful for learning the existing threats and potential vulnerabilities of your system.

We discuss the security evaluation procedure and the various tests and analyses we use for it. This helps us understand not only the type and frequency of threats before and during the evaluation process but also the likely attacks after the process is completed. We use one of the processes mentioned below for our security evaluation:

- Studying and gathering all the information on the design structure of the system, the software used, authentication, validation of the framework and, lastly, the certification for the system in use.
- Focusing on the behavioural aspect of the system in use and understanding its interrelation with other components / software / stored data / sectors on the system.
- Understanding the mind of a hacker and a potential attacker and how they would use a tool to enter the server / framework system and become a threat to security (He, 2015).

With a specific security benchmark that has been certified and classified by authorities, the security of our system can be inspected and analysed. An attempt to get into the system illegally will be tried out and analysed.
We use our VM image file, Ubuntu 18.04, for this security evaluation. (“Ubuntu” is an open source operating system built upon the code base of Linux.) We maintain the standards so that the security satisfies the criteria laid down at international level and governed by computer security specifications.

“Encryption” is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot. Encryption does not itself prevent interference, but denies the intelligible content to a would-be interceptor. In an encryption scheme, the intended information or message, referred to as plaintext, is encrypted using an encryption algorithm (a cipher), generating ciphertext that can be read only if decrypted.
Understanding the importance of updates and software patches is also very important to the overall security of the system. These reduce the exposure to attacks by outsiders, as the software and the system are updated to the latest version. The best possible way to ensure the security of the system (Ubuntu) is to undergo the hardening process for the network, carried out as below.

Always Update the System

Attackers are always looking for soft spots that can be attacked and are easy targets even for malware, bugs and viruses. Reduce the number of unwanted programs, sectors and tools which do not add any value to the overall improvement and performance of the network. Such programs, files, sectors and areas should be discarded and isolated from the main network. Scan the entire network thoroughly for such bugs and corrupted areas. Reducing the programs and sectors also reduces the area exposed to potential attackers. All the bugs and viruses will be quarantined every time the system is updated and patches are applied. The following commands are ways to update an Ubuntu system: apt-get or apt. The apt-get command or apt command is the command-line tool for handling packages.

Turn on SELinux

SELinux provides a flexible Mandatory Access Control (MAC) system built into the Linux kernel. Under standard Linux Discretionary Access Control (DAC), an application or process running as a user (UID or SUID) has the user's permissions to objects such as files, sockets, and other processes. A SELinux-hardened system will run with SELinux in enforcing mode, meaning that the SELinux policy is in effect and things that it doesn't want to allow won't be allowed.
But when trying to debug permission problems, it might make sense to temporarily disable SELinux. Its architecture strives to separate enforcement of security decisions from the security policy itself, and streamlines the amount of software involved with security policy enforcement. Limiting privilege to the minimum required to work reduces or eliminates the ability of these programs and daemons to cause harm if faulty or compromised. This confinement mechanism operates independently of the traditional Linux control mechanisms.

Sudo Configuration

One of the ways to implement security in Linux is the user management policy and user permissions: normal users are not authorized to perform any system operations.
If a normal user needs to make any system-wide changes, he needs to use either the ‘su’ or the ‘sudo’ command. ‘su’ forces you to share your root password with other users, whereas ‘sudo’ makes it possible to execute system commands without the root password. ‘sudo’ lets you use your own password to execute system commands, i.e. it delegates system responsibility without the root password. ‘sudo’ is a setuid root binary, which executes root commands on behalf of authorized users; the users need to enter their own password to execute a system command prefixed with ‘sudo’.

SSH Security and Server Hardening

“SSH”, or Secure Shell, is the popular protocol for doing system administration on Linux systems. It runs on most systems, often with its default configuration. As this service opens up a potential gateway into the system, securing it is one of the steps in hardening a Linux system. While it is good to manually harden a system, software and the related configurations can change over time. SSH is a network protocol and can be used to execute various command-line operations and data transfer. It is necessary to limit SSH access to specific users as part of server hardening. Instead of using a normal password-based login, a better way is to use public key authentication. Keys are considered much safer and less prone to brute-force attacks. Disable Password Authentication to force users to use keys. It is best practice not to log in as the root user. Use a normal user account to initiate your connection instead, together with sudo. Direct root logins may result in bad accountability for the actions performed by this user account.

Another recommended way to reduce potential attacks and threats is to deploy security system tools. “Lynis” is a well-known security tool used in security auditing, security management etc. It provides insight into how well systems are hardened and what you can do to improve your security defenses. The software is open source and free to use.
It is updated on a regular basis, to keep up with new technologies. Lynis is the system and security auditing tool specifically for the Linux platform.

Web server hardening

Transport Layer Security (TLS) is the successor protocol to SSL (Secure Sockets Layer). TLS is an improved version of SSL. It works in much the same way as SSL, using encryption to protect the transfer of data and information. The hardening process on the network and the system will enhance the value and the efficiency of TLS and SSL. This leads to the following factors:

Settings of Nginx: NGINX is a lightweight, high-performance web server designed for high-traffic use cases. One of NGINX’s strongest features is the ability to efficiently serve static content and files. All NGINX configuration files are located in the /etc/nginx/
directory. The primary configuration file is /etc/nginx/nginx.conf. This is used for the hardening process and the tuning of the entire system for hardening.

High Goal Setting: Using a proper tool like SSL which is authorized and certified will better aid in securing the sensitive areas of the web server, as will the configuration of the server explained above.

Description of the Results

To understand the importance of auditing the security of the web server (VM image file), we use a special tool known as “Lynis”. This software is freely available over the net; Lynis is a host-based, open-source security auditing application that can evaluate the security profile and posture of operating systems. Lynis won't perform any system hardening automatically, but it will offer suggestions that show you how you can go about hardening the system yourself. Now let’s look at the process of installing Lynis on our platform, i.e. Ubuntu 18.04:

- Update the system / framework with the command below:

    sudo apt-get update

- Install the Lynis tool on the system by entering the command below:

    sudo apt-get install lynis

The image below shows the outcome of using the above commands.
We have completed the installation of Lynis on Ubuntu and also performed the scanning / auditing of its security system. The result of that scan is shown in the image below, and includes the server system tools / boot / services.

With the information and reports displayed on the screen after the use of the Lynis tool, we also have the status of the storage files, sectors in use, isolated sectors not in use, USB (Universal Serial Bus) devices connected, NFS (Network File System) etc. The display containing the above-mentioned data looks like this:
Data showing details regarding the identified vulnerable sectors, devices in the alert zone, unused files, root file status etc. It also displays “Accounting”, “Scheduled Tasks” and “Banners and Identification” as per the scanning analyses, as shown in the image below.
The next display in the result data includes “Alerts”, “Warnings” and “Suggestions”, and is displayed as shown in the image.
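The warnings and suggestions that Lynis prints on screen are also written to a report file, which makes the audit result easy to summarise and track between scans. The script below is an added example, not part of the original project: the sample report is constructed, the function names are hypothetical, and it assumes the report stores findings as `warning[]=` and `suggestion[]=` lines.

```shell
#!/bin/sh
# Added example: summarise the findings in a Lynis report file.
# Assumption: report lines are key=value, with findings stored as
#   warning[]=TEST-ID|message|details|solution|
#   suggestion[]=TEST-ID|message|details|solution|
# Function names are hypothetical.

# Constructed sample report (not the output of the VM audited on this page).
sample_report() {
cat <<'EOF'
# Lynis Report
hardening_index=58
warning[]=AUTH-9308|No password set for single mode|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|PermitRootLogin (set YES to NO)|-|
suggestion[]=BANN-7126|Add a legal banner to /etc/issue, to warn unauthorized users|-|-|
suggestion[]=FIRE-4590|Configure a firewall/packet filter to filter incoming and outgoing traffic|-|-|
EOF
}

# hardening_index: prints the overall score recorded in the report.
hardening_index() {
    sed -n 's/^hardening_index=\([0-9][0-9]*\)$/\1/p'
}

# count_findings KIND: number of KIND[] entries (KIND is warning or suggestion).
count_findings() {
    awk -v kind="$1" 'index($0, kind "[]=") == 1 { n++ } END { print n + 0 }'
}

# list_findings KIND: one "TEST-ID: message" line per entry.
list_findings() {
    awk -F'|' -v kind="$1" '
        index($0, kind "[]=") == 1 {
            id = substr($1, length(kind) + 4)    # drop the "KIND[]=" prefix
            printf "%s: %s\n", id, $2
        }'
}

# by_category: findings per test-ID prefix (AUTH, SSH, ...), to show which
# hardening areas need the most work.
by_category() {
    awk -F'[=|]' '
        index($0, "warning[]=") == 1 || index($0, "suggestion[]=") == 1 {
            split($2, part, "-"); n[part[1]]++
        }
        END { for (c in n) printf "%s %d\n", c, n[c] }' | sort
}

echo "Hardening index: $(sample_report | hardening_index)"
echo "Warnings: $(sample_report | count_findings warning)"
sample_report | list_findings warning
echo "Suggestions: $(sample_report | count_findings suggestion)"
sample_report | list_findings suggestion
echo "By category:"
sample_report | by_category
```

On a host where Lynis has run, pipe the report file (by default /var/log/lynis-report.dat) into the same functions instead of `sample_report`.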
Thus, “Lynis” is a powerful tool which assists system administrators, system managers, web maintenance engineers, system security professionals, system testers and security auditors with auditing software for security analysis and investigation, producing a detailed output which gives all the details shown in the above images.

5) Proposal on how to Secure the System

We have done a thorough analysis of the security of the Linux system and of the different security evaluation tools used during this process. We have identified the main problems related to the security of this system as:

1. Libxslt vulnerability
2. Systemd vulnerability
3. PHP vulnerabilities
4. Wget vulnerabilities
5. Pacemaker vulnerabilities

To make the system safe and secure to the highest level, we adopt the following points:

1. Planned Updating of the System: The Ubuntu system has to be kept updated, with a pre-scheduled plan for doing so. These updates have to be done at the earliest to reduce the risk of new potential attacks (Baxendale, 2015).

2. SSH Access Should Be Hardened: Any possible attack on the Ubuntu system server will be logged by the server logs (i.e. SSH server logs) in the system. This is useful for understanding the number of threats to the system. The SSH protocol supports many authentication methods. Arguably one of the most important of these is “Public Key” authentication for interactive and automated connections. The motivation for using public key authentication over simple passwords is security. Public key authentication provides cryptographic strength that even extremely long passwords cannot offer. With SSH, public key authentication improves security considerably as it frees the users from remembering complicated passwords (or worse yet, writing them down). In addition to security, public key authentication also offers usability benefits: it allows users to implement single sign-on across the SSH servers they connect to. Public key authentication also allows automated, passwordless login that is a key enabler for the
countless secure automation processes that execute within enterprise networks globally. It is extremely important that the privacy of the private key is guarded carefully. For most user-driven use cases this is accomplished by encrypting the private key with a passphrase. When a private key is needed the user is asked to supply the passphrase so that the private key can be decrypted. The handling of passphrases can be automated with an SSH agent.

3. Cut Out Unused Services on the Network: Sectors and software not used by the network, and those facing problems, should be removed. This drastically reduces the sectors exposed to potential threats and attacks, making the overall system less vulnerable and safer. This includes, but is not limited to, the following points:

a. Identify the services that have to be removed.
b. Uninstall the listening services.
c. Include the running services like TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).

4. Firewall Configuration: A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and an untrusted external network, such as the Internet. A firewall filters the information coming through the Internet connection into the server and the network system. If an incoming packet of information is flagged by the filters, it is not allowed through. It acts as a gate against unwanted users entering the web server system. The two most common firewall applications are:

- UFW (Uncomplicated Firewall): used to provide the iptables front end for Ubuntu.
- IP (Internet Protocol) Tables: the controller for netfilter, which is in most Linux distributions by default.

5. Observe User Activities: This basically means recording all the actions done by the users of the system and logging them.
Tracking all the persons involved within the system helps to identify and locate any unwanted actions, which may lead to pinpointing the problem area and person. This also helps in a proactive way, before a potentially threatening attack can happen. By knowing well beforehand, with the help of all the surveillance activity, the admin can take action to remove suspicious behaviour and persons wanting to create trouble. This
shall be a very strong method for avoiding harm to the system. All this has to be done in a properly authorised way and with proper intent.

6. A Security Login Banner: The “Security Login Banner” is displayed to the unwanted user when he connects to the server, before he logs in. That is, when he enters the system with malicious intentions, this message is displayed before the password prompt. This is more of a mind game than actual protection for the system.

7. Harden the Networking Layer: Steps to protect the network from intruders by configuring the other security features of the network’s servers and routers should be a priority for the administrator. Network layer hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one. So hardening this network layer will vastly improve the overall security of the Ubuntu system. The service can be restarted after the hardening has been completed with the command sudo sysctl -p.

With this we have completed the entire project of security system evaluation and analysis of Ubuntu. This will keep our system safe from threats, bugs, malware, viruses and all the other unwanted elements that may damage and corrupt our data / information and overall security.
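The SSH recommendations made in “SSH Security and Server Hardening” and in proposal item 2 (keys instead of passwords, no direct root login, SSH access limited to specific users) can be checked mechanically. The script below is an added example, not part of the original project: the sample configurations are constructed, the function names are hypothetical, and the stated defaults assume OpenSSH.

```shell
#!/bin/sh
# Added example: audit sshd_config text against three recommendations from
# this report: keys instead of passwords, no direct root login, and SSH
# access limited to named users. Function names are hypothetical.

# Constructed sample: looks configured, but the password line is commented out.
weak_config() {
cat <<'EOF'
Port 22
PermitRootLogin yes
#PasswordAuthentication no
PubkeyAuthentication yes
EOF
}

# Constructed sample: the settings the report recommends.
hardened_config() {
cat <<'EOF'
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
AllowUsers user
EOF
}

# effective_value KEYWORD DEFAULT
# Prints the value sshd would use: the first uncommented occurrence wins and
# keywords are case-insensitive. DEFAULT is printed when the keyword is absent.
# Assumption: whitespace-separated "Keyword value" lines, no Match blocks.
effective_value() {
    awk -v key="$1" -v def="$2" '
        /^[ \t]*#/ { next }
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }'
}

# audit_sshd: reads a configuration on stdin and prints the findings as
# space-separated keyword=value pairs (empty output means all checks pass).
audit_sshd() {
    cfg=$(cat)
    findings=""
    # Assumed OpenSSH default: PasswordAuthentication yes
    v=$(printf '%s\n' "$cfg" | effective_value PasswordAuthentication yes)
    [ "$v" = "no" ] || findings="$findings PasswordAuthentication=$v"
    # Assumed OpenSSH default: PermitRootLogin prohibit-password
    v=$(printf '%s\n' "$cfg" | effective_value PermitRootLogin prohibit-password)
    [ "$v" = "no" ] || findings="$findings PermitRootLogin=$v"
    # AllowUsers has no default: when absent, every account may log in
    v=$(printf '%s\n' "$cfg" | effective_value AllowUsers unset)
    [ "$v" != "unset" ] || findings="$findings AllowUsers=unset"
    printf '%s\n' "${findings# }"
}

echo "weak:     $(weak_config | audit_sshd)"
echo "hardened: $(hardened_config | audit_sshd)"
```

On a live host, `sudo sshd -T | audit_sshd` audits the effective configuration as sshd itself parses it, rather than the text of one file.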
References

Baxendale, G. (2015). How Secure is Secure? ITNOW, 57(1), pp. 34-35.

Hamid, A. (2017). Stega Image a Technique to Hide Data within Image File, Using Image Steganography and Encryption. International Journal Of Engineering And Computer Science.

He, Y. (2015). Description of a Cloud Based Private Social Network Security Scheme. International Journal of Information and Education Technology, 5(7), pp. 532-537.

Keith, N. (2012). Book Review: System Forensics, Investigation, and Response. Journal of Digital Forensics, Security and Law.

Lange, K. (2018). »Auf ein Wort...« Mehr Mut wäre gut. Verwaltung & Management, 24(5), pp. 216-216.