cs312-lecture16_slides

CS 312 Linux System Administration
XVI: Security Part 1
Lance Albertson
OSU
Picture © Greg Keene

Administrivia
- HW5 due Thursday, 5/28 by 2PM
- Thursday class is moved to Owen 101
- Read: Chapter 21
- Evaluations: Help us improve!

Today's Objectives
- Part 1 of 2 on Security
- Password Security
- Software Updates

Password Security
- Weak passwords vulnerable to dictionary attacks, guesses, etc.
- Need to define & adhere to password policy
Picture © Flickr user 'amagill'

Defining Password Strength
- Length
- Mixture of upper/lowercase, numbers and special characters
- No personal info
- No names or words
Picture © Flickr user 'highstrungloner'
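The four strength criteria above, written as a policy check. This is an added example, not part of the original slides; the 12-character minimum, the small word list, the substitution table and the name check_password are assumptions made for illustration.

```python
import re

# Constructed sample word list (assumption); a real check would load a full
# dictionary instead of these few entries.
COMMON_WORDS = ("dragon", "letmein", "linux", "monkey", "password", "summer")

# Undo common character substitutions before dictionary/personal-info lookups.
LEET = str.maketrans("0134578@$!", "oieastbasi")

CHAR_CLASSES = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^a-zA-Z0-9]")


def check_password(password, personal_info=(), min_length=12):
    """Return the list of violated criteria; an empty list means it passes.

    min_length=12 is an assumed policy value, not one given on the slides.
    """
    problems = []
    if len(password) < min_length:
        problems.append("too short")
    if not all(re.search(c, password) for c in CHAR_CLASSES):
        problems.append("missing character classes")

    lowered = password.lower()
    normalized = lowered.translate(LEET)  # "p@ssw0rd" -> "password"

    # Personal info: match the raw form (birth years) and the normalized form (names).
    tokens = [t.lower() for t in personal_info if len(t) >= 3]
    if any(t in lowered or t in normalized for t in tokens):
        problems.append("contains personal info")

    if any(w in normalized for w in COMMON_WORDS):
        problems.append("contains dictionary word")
    return problems


if __name__ == "__main__":
    samples = [  # constructed sample passwords
        ("P@ssw0rd2024!", ()),
        ("Al1ce-Rides-1987-Bikes", ("Alice", "1987")),
        ("vK7#qLz!02Xp&tRw", ()),
    ]
    for pw, info in samples:
        print(pw, "->", check_password(pw, info) or "ok")
```

A password can satisfy the length and character-mix rules and still fail on the word or personal-info rule, which is why the substitutions are undone before those lookups.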

Password Aging
- Most experts say this is a good practice – some disagree
- Prevents long-term brute force attacks
- In theory, could lock out an attacker once they have access to an account
Picture © Flickr user 'josh.laidlaw'

Forgotten Passwords
- ID Requirement
- Password Reset Questions
- “Forgot Password” email
Picture © Flickr user 'jk5854'

Ensuring Password Security
- cracklib
- John the Ripper
- Secure password generators, e.g. pwgen

Password Replacements
- SSH keys
- Biometric – fingerprint, eye scan, etc.
- “Smart cards” or other key type system
- Some combination of the above

Educating Users
- Tell them what to expect
- Train how to create good passwords
- Be helpful: don't be BOFH or the “Company Computer Guy”

Software Vulnerabilities
- Upstream (software maintainer) security fixes
- Downstream (OS/package maintainer) security fixes
- Multiple maintained software versions complicate things

CVE
- Common Vulnerabilities and Exposures
- Common (shared) list of vulnerabilities
- Links together upstream fix with downstream update

Vendor Updates
- Different distributions have different update policies
- Supported Lifetime
- Security updates vs. enhancements and bug fixes
- “Backport” patches vs. version bump

This note was uploaded on 06/28/2009 for the course CS 312 taught by Professor Staff during the Spring '08 term at Oregon State.