The Significance of Systems Configuration and Management for a UNIX System - Essay Example

?Practical UNIX Security Table of Contents Introduction UNIX is the most popular operating system which has been used extensively, and a lot of people still use it as it has been used in the past. However, a lot of IT experts who used UNIX systems in the earlier period discovered it inflexible from the security point of view. As its control was inspiring, its command-line interface needed technological proficiency; its grammar or syntax was not perceptive, and its interface was not user friendly. However, in the IT market, the UNIX operating system has been the medium for broad transformations that have authorized consumers to seek high quality devoid of random limitations imposed by administrative situations. Furthermore, in the UNIX system's early periods, security feature was almost absent. Then, the UNIX system became the first operating system to undergo attacks raised over the promising Internet. With the passage of time, the security arrangement moved from centralized to distributed verification and permission systems (UNIX Systems Cooperative Promotion Group, 1997) and (The Open Group, 2010). This paper discusses various security aspects of UNIX operating system along with some types of attack that can be applied to UNIX operating system. The basic aim of this paper is to describe in a systematic manner the significance of systems configuration and management and how to undertake systems configuration and management for a UNIX system. Security Considerations With the advancements in the technology the chances of security attacks and their intensity is also increasing. In the past, a lot of security and privacy attacks have greatly influenced a large number of organizations and businesses. Some well known examples of these attacks include, security develops Nimda, Code Red, RPC buffer overflows, SQL Slammer Worm, SSH vulnerabilities. Thus, to deal with such new types of security attacks a good security management patch as well as effective security strategy is very important, which can help secure organization’s systems and networks. Seeing that the businesses having a high-quality patch security strategy (which implemented all the recognized patches to the target systems) were not influenced or were least influenced as compared to those businesses which neglected patch security strategies and faced harsh issues like business downtime of numerous days and failure of business effort (code as well as data). In this scenario, all the practical systems have their own techniques for implementing security patches. Additionally, HP-UX, Solaris and AIX program and patch installation techniques allow the elimination of an application or a patch by restoring some overwritten operating system files as the “save” alternative is employed (that is the default option). In addition, the capability to get rid of a (reminded) security patch makes simpler patch administration on these systems liberating the manager from planning routine techniques for patch management and permitting the administrator to focus on improving system security. For this purpose, HP, Sun and IBM offered standard security patch packages for download a number of times every year, in addition to individual patch downloads as well as patch announcement services which can be received via electronic mail (without paying registration fee). Moreover, specific patch downloads are always available at retailer’s websites and a few mirrors for Red Hat Linux. However, the accessibility of alternatives is significant, for the reason that standard patch packages make simpler the normal application of patches as well as get rid of the need for numerous reboots and/or system configuration changes, as individual patch downloads permit the system application of a security patch at the instant as it is accessible (Tsitsivas et al., 2003), (Zheng & Zhang, 2009), (Curphey & Araujo, 2006) and (Ray, 2004). UNIX Security Overview Normally, all UNIX-based or other systems encompass particular log on procedures. However, these procedures depend on an individual’s access rights, since a person is normally given an account or group with which to use the terminals or workstations. This permission can generally give different access credentials, which depend on that individual's requirements. However, user accounts have some limitations, for instance, to which operations one can perform, in order to secure the UNIX system from any planned or accidental attack. In this scenario, recognizing the potentials and restrictions of an OS, its administration actions and software installation and how to organize and handle additional system software is an important element to ingredient of keeping systems safe. In this scenario, the businesses that keep the things easy (e.g. utilize simply one system class) are able to have high-quality recognition of their operating environment, its boundaries and weaknesses as well as should be capable to protect their system comparatively in a simple manner. On the other hand, only few corporations have the comfort of operating in a particular retailer/particular operating system atmosphere for the reason that PC desktops are presented in the majority well-established UNIX shops and UNIX computers can be presented in many Personal Computer shops. Moreover, the relative simplicity of moving system applications among UNIX editions as well adds to a propagation of diverse OS kinds and versions, making the task of protecting similar organizations really difficult, for the reason that even though there are a lot of resemblances exist among the different Operating System kinds there as well a lot of differences. For instance, a system administrator can possess a lot of knowledge of one version of UNIX, managing one or more versions of UNIX can need extra information for offering similar quality of service as well as security situation (Tsitsivas et al., 2003), (DeGrosse & Bohn, 2006) and (Amarante & Gomes, 2003). Main Security Vulnerabilities This section outlines some security and privacy related problems and issues. These issues are UNIX related and involve some potential security attacks which can be seen on UNIX system: Buffer overflow attacks: In this type of attack the client memory buffer is filled up to stop the system working as well as preventing it from processing any further request. In this kind of attack the system working is badly affected as well as system is not able to response user actions (Sheer, 2002) and (Ott et al., 2002). Setuid programs: A program that has the capability to execute without some core rights in an attempt to control UIDs of a different user. In this kind of attack the system control is hacked by an attacker and the system’s working is influenced by that attack problem. Moreover, the vulnerability or susceptibility is more probable to be established in some setuid program that is large and difficult (Sheer, 2002) and (Ott et al., 2002). Network client programs: It occurs when our FTP client is connected to a distant unsecured website. If the website server processes a response that the FTP client is not able to take control (like, a reply that is too long which creates the problem of buffer overflow), it could permit malevolent code to be performed through the FTP client in support of the network server. Therefore it is quite probable to exploit a security weakness in a client application with immediately waiting for that program by connecting to our website (Sheer, 2002) and (Ott et al., 2002). Permission problems: A directory allows the system administrator to see who can use the system. In other words, a person does not have the access to the resources if he does not exist in the admin group. However, it is not simple to see when there are thousands of directories and hundreds of users and groups. In this scenario, it become very difficult to see who is able to access what, when, and why since it involves complex scripts to be implemented to perform authorization tests as well as sets. Environment variables: In this type of issues we have lots of means of making and understanding environment variables to utilize susceptibility or get information that will negotiate UNIX system security. However, environment variables should by no means keep confidential information such as security codes or passwords (Sheer, 2002) and (Ott et al., 2002). Password sniffing: Special types of software are used to get admittance to user password. These programs are hidden inside the system as well as have the capability to access user password through sniffing the data packets. After accessing the user password the attacker can get hold of the system control plus make several critical problems (Sheer, 2002) and (Ott et al., 2002). Denial of service attacks: This is the most common type of security attacks that is used to stop or destroy the normal working sequence of several systems. In this scenario an attacker attacks the system by sending countless fake or false requests. Thus, it becomes almost impractical for the system to manage and handle such large number of user requests (Sheer, 2002) and (Ott et al., 2002). Response to UNIX Security Attack This section discusses some guidelines which can be used to effectively manage the privacy and security related aspects of the UNIX system: Physical and console security Seeing that the greater part of random and secluded attacks arrive over the network thus physical and console security are significant aspects. In an ideal situation each machine has to be protected with access to the console (like retune switch, keyboard as well as monitor) strongly restricted. Unluckily this is not an ideal world and it is exceptional to discover a physically safe system apart from a server area. In this scenario the initial step to confirm security of the system we need to strongly protect the system physically (Seifried, 2002). Backups For the better system security management, backups can be a high quality system security management tool that offers enhanced security of the overall business as well as corporate by replicating the information and data. Thus, in case of any possible attack and system crash we can initiate the overall system as of the start (Seifried, 2001). Authentication Authentication is normally one of the two major forms of protection that UNIX systems and networks depend upon; consequently making sure that our authentication sub-systems are working properly is significant. However, most of the Linux systems depend on user-names as well as passwords, as support for smartcards, tokens and additional authentication systems are also available they are yet comparatively infrequent. In this scenario, for the enhanced security management we need to make sure that an appropriate and strong login based system is implemented (Seifried, 2001). Attack detection No matter how high-quality our security is, it can be negotiated or violated. Due to the fact it is extremely significant to encompass a variety of structures of attack discovery at hand, as a result that when an event occurs we are prepared to it the instant feasible (also not while we initiate receiving objection as of other sites). For attack detection we need to implement a solid UNIX system security policy that can be able to ensure the enhanced working along with operational performance of the system (Seifried3, 2001) . Intrusion testing - scanning / intrusion tools In last few years amount of security systems and tools for UNIX has augmented noticeably, and the majority of them are freely available on the Internet. In the overall security and privacy management at the UNIX system we need to adopt better security procedure that can effectively control and manage the possible inside or outside security breaches or intrusions. For this purpose there are a lot of intrusion detection tools available those can effectively detect and fix possible security and privacy related issues (Seifried4, 2001). Firewalling In UNIX based system firewalling refers to the process of checking and filtering network data packets, normally at the place where our network is connected to some other network, which can be susceptible. Moreover, a network firewall is capable to stop the expansion of an attack if one part is negotiated effectively (Seifried5, 2001), (Wheeler, 2003). Conclusion This paper has discussed a detailed analysis of security related aspects for the UNIX operating system. UNIX is the most popular operating system which has been used widely, and a lot of people still use it as it has been used in the past. However, a lot of IT experts who used UNIX systems in the earlier period discovered it inflexible from the security point of view. This paper has discussed various security aspects of UNIX operating system along with some types of attack that can be applied to UNIX operating system. This paper has outlined some fundamental issues those compromise the security and privacy of the UNIX system. This paper has also outlined possible mitigation policies of such security issues and problems. Bibliography Amarante, M. & Gomes, F., 2003. Introduction to Unix security concepts. Unix Security , 19(4). Curphey, M. & Araujo, R., 2006. Web Application Security Assessment Tools. IEEE Security and Privacy, 4(4), pp.32-41. DeGrosse, M.A. & Bohn, M.R., 2006. An Overview Of Unix Security. [Online] Available at: http://www.oppapers.com/essays/Overview-Unix-Security/94183 [Accessed 06 March 2011]. Ott, A., Ievlev, S. & Klopping, H., 2002. The RSBAC library: 1.2. UNIX security related problems. [Online] Available at: http://books.rsbac.org/unstable/x115.html [Accessed 04 March 2011]. Ray, R., 2004. Technology Solutions for Growing Businesses. New York: American Management Association (AMACOM). Seifried, K., 2001. Authentication. [Online] Available at: http://www.seifried.org/lasg/authentication/ [Accessed 06 March 2011]. Seifried, K., 2001. Backups. [Online] Available at: http://www.seifried.org/lasg/backups/ [Accessed 06 March 2011]. Seifried, K., 2002. Physical and console security. [Online] Available at: http://www.seifried.org/lasg/system/index.html [Accessed 07 March 2011]. Seifried3, K., 2001. Attack detection. [Online] Available at: http://www.seifried.org/lasg/attack-detection/ [Accessed 05 March 2011]. Seifried4, K., 2001. Intrusion testing - scanning / intrusion tools. [Online] Available at: http://www.seifried.org/lasg/intrusion-testing/ [Accessed 06 March 2011]. Seifried5, K., 2001. Firewalling. [Online] Available at: http://www.seifried.org/lasg/firewall/ [Accessed 08 March 2011]. Sheer, P., 2002. 44. UNIX Security. [Online] Available at: http://rute.2038bug.com/node47.html.gz [Accessed 06 March 2011]. The Open Group, 2010. What is UNIX ®?. [Online] Available at: http://www.unix.org/what_is_unix.html [Accessed 04 March 2011]. Tsitsivas, H. et al., 2003. UNIX System Management and Security: Differences between Linux, Solaris, AIX and HP-UX. [Online] Available at: http://www.sans.org/reading_room/whitepapers/unix/unix-system-management-security-differences-linux-solaris-aix-hp-ux_936 [Accessed 05 March 2011]. UNIX Systems Cooperative Promotion Group, 1997. The UNIX Operating System: Mature, Standardized and State-of-the-Art. [Online] Available at: http://www.unix.org/whitepapers/wp-0897.html [Accessed 03 March 2011]. Wheeler, D.A., 2003. Secure Programming for Linux and Unix HOWTO. [Online] Available at: http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html [Accessed 05 March 2011]. Zhang, Y. et al., 2009. A New Approach for Accelerating IPSec Communication. 2009 International Conference on Multimedia Information Networking and Security,mines, 2, pp.482-85. Zheng, L. & Zhang, Y., 2009. An Enhanced IPSec Security Strategy. 2009 International Forum on Information Technology and Applications, ifita, 2(1), pp.499-502. Read More