Coursework Assignment
Operating Systems and Security
(M2G421117)
Adam Shanks – S1436559
12-12-2014
Contents
Page 1 – Contents
Page 2 – Introduction and Linux Security
Page 3 – Linux Security
Pages 4-13 – Lab Work
Page 14 – Conclusion
Page 15 – Copy of BASH Shell Script
Page 16 - References
Introduction
This Report will give an overview of Linux security and the features of SELinux (Security Enhanced Linux). This report will be split into 4 sections, Section 1 will be the introduction that will describe what I am being asked to undertake for this coursework. Section 2 will be on Linux security that will have a description of a Discretionary Access Control (DAC) and Mandatory Access Control, along with a comparison of them both. Section 3 will be the Apache server directory configuration and shell script, this will show an account of my work on the configuration of the serving directory in order to allow pages to be served using the apache web server while SELinux is enabled and in enforcing mode. This section will also include an account of a bash script shell that will test the security configurations. This section will be presented in the report with the use of screenshots along with a detailed description of the commands performed and what the screenshots show. Section 4 will contain the conclusion and this will include my thoughts on the work that I have undertaken and on the capabilities of SELinux.
Linux Security
Security Enhanced Linux is an advanced access
Windows XP was based on Windows NT4 and Windows 2000 technology. Microsoft was positioning the Windows XP Professional Edition to replace Windows NT4 and Windows 2000 Professional. In addition, the Windows XP Home edition replaced Windows 95/98/ME (TechGenix Ltd., 2002). The gap between the Home and Professional Editions begins to widen when it comes to larger computer networks. Some of the features that are limited to the Professional Edition are Remote Desktop, Offline Files and Folders, Scalable Processor Support, Encrypting File System, Access Control, Designed to manage Microsoft Windows Servers, Centralized Administration, Group Control, Software Installation and Maintenance, Roaming User Profiles, and Remote Installation Service.
10. You are using the grep command, but it is only searching through files in your immediate home directory. What option enables you to search through subdirectories below your home directory?
Dr. Blahblah has implemented a system with an 8-bit random canary that is used to detect and prevent stacke-based buffer overflow attacks. Describe an effective attack against Dr. Blahblah’s system and analyse its likelihood of success.
Traditionally Linux security has been run using DAC ( Discretionary Access Control ), which is based on users and groups to control which users and processes can access files and how they do it. This runs into a problem since the owner of a file has control over its permissions which can be less than ideal. SELinux ( Security-Enhanced Linux ) implements MAC ( Mandatory Access Control ), which is under the direct control of the systems administrator and is located in the kernel where it can control and enforce security, giving only the permissions needed to processes and users.
An operating system is system software that manages computer hardware and software resources and provides common services for computer programs. The operating system is an essential component of the system software in a computer system. Application programs usually require an operating system to function.
The controversy between the FBI and Apple going into “dark debate” began when one of the suspect’s phone was found from San Bernardino attack, and the FBI was not able to gain access into the device. The FBI asked Apple to decrypt only that one device to continue their investigation in depth. They asked apple to redesign a new software that will give access to law enforcements to the entire encrypted data and as well as tracking any online communications in agreement to the legal authorities. However, the Apple CEO Tim Cook doesn’t agree to recreate whole new software because it could be very risky in terms on how their iOS is building and designed. However, If Apple does agree to the law enforcement decision then there could be
There are many operating systems that are common on the Internet today. Back when computers could only handle one command at a time, in the 1950 's, was very time consuming. Now, about sixty years later, a computer 's operating system can handle many applications at one time while delivering speed and is user friendly. Although there are many Operating Systems that are available, there are onle a few of them that are well knon and is commonly used. Some of the most common Operating Systems that are used on the Internet are the Windows platforms such as Windows XP, Sun Solaris, UNIX, Apple, and Linux Apache.
An operating system, also known as OS, is a software on the hard drive that allows the hardware of a computer to communicate and operate with the computer software. The OS is the most important software running on a computer because it handles the memory, processes and all of its software and hardware. The OS helps coordinate all the programs that can access your CPU, memory and storage so that each program gets what it needs. Without the operating system a computer and its software would be completely useless.
An operating system is a vital component of the computer system. The common and simple devices like refrigerators and microwave ovens does not have an operating system. The complex systems which handle several components, functions and processes usually have an operating system. The operating system is like the brain of a human being, the brain is an essential organ in the body of human being which sends signals and helps functioning of the human body. Our intelligence, attitude, emotions and senses defines our presence, all these are possible because of our brain. In similar manner, “Operating System” (OS) is the power behind a computer system. In other words, operating system is brain of the computer and processor is the heart of the computer. A computer is the concatenation of several hardware parts. The operating system manages computer hardware resources and provides common services for computer programs and other application software.
The operating system whatever it may be (Windows or Linux) it is the most important program that runs on a computer. All general purpose computers require an operating system in order to run other programs. The Operating system performs essential basic tasks such as recognizing input from the keyboard, keeping track of files and their directories on the disk, the sending output to the display screen and the controlling of peripheral devices such as keyboards and printers.
SELinux (Security-Enhanced Linux) was developed by the U.S National Security Agency and essentially enforces security policies that limits what a user or program can do by implementing MAC (Mandatory Access Control) in the Linux kernel. It defines a security policy that controls many different things such as files, devices, sockets, ports and even some processes. The Security-enhanced Linux's features are designed to enforce the separation of information based on confidentiality and integrity requirements. They are designed for preventing processes from reading data and programs, tampering with data and programs, bypassing application security mechanisms, executing untrustworthy programs, or interfering with other processes in violation
“Chroot jail is a UNIX feature that creates a limited sandbox allowing a process to view only a single sub-tree of the file system.” “In order for it to work properly, some common programs and libraries need to be copied or linked to the appropriate locations in the new directory tree.” (Haas)
Linux is a trademark owned by Linus Torvalds [1]. It is an operating system which is powerful, free and inexpensive to own based on UNIX [1]. It is a POSIX-compliant with versions available to install in cell phones, supercomputers and most computing systems [1]. Linux is an open source program as its source code is available to the general public for use and the right to modify from its original design without any charges [1]. New code will be added to the next version made available with Linux if it is accepted as a universal improvement [1]. The code will continue to exist and developed by the user even if the company fails [1]. Moreover, updates for Linux are available every six months [1]. Nowadays, Linux is in constant development by
What is Operating System Security, Operating system security is the process of ensuring OS integrity, confidentiality and availability also OS security refers to specified steps used to protect the OS from threats, viruses, worms, malware or remote hacker. OS security include all avoiding-control techniques, which safeguard any computer information from being stolen, edited or deleted if OS security is included. OS security allows different applications and programs to perform required tasks and stop unauthorized interference. OS security may be applied in many ways. We 're going to discuss following topics in this article. A brief description about security and what are the types of encryption and what is Authentication, One Time passwords, Program Threats, System Threats and Computer Security Classifications.
Answer: Information Security is the practice of defending (guiding) information by considering the CIA Triad Principles which are Confidentiality (Authorize access), Integrity (Accuracy and Completeness) and Availability.