David,

You have a tough job. Guarding against outside attacks is tough. Guarding against untrusted users is tougher. Guarding against malicious users is really tough!

You will find most of the available documentation relates to guarding against outside attacks - i.e. firewalls, securing ports, etc. Keep in mind that no existing system is completely, 100% secure and yours is unlikely to be the first! :-)

Your goals should be to try to:

1) Minimize the number of attacks
2) Guard against attacks, particularly those that require lower skill levels to execute
3) Monitor for attempts and successful attacks
4) Prepare for recovery after an attack
5) Review and improve #1-#4 continuously

A fairly easy and effective way to implement #1 is to enforce a "zero tolerance" cracking policy. "We catch you messing with the system, your privileges get revoked, no questions asked." This is akin to locking your car - doesn't even slow down the black hats but keeps the average Joe from being tempted to look through your change tray.

Implementing #2 is the tough part. Some highlights include:

- Remove *every* piece of software that is not needed by the users, even if it makes your job of administration a little tougher - i.e. su, gcc, etc. should all go. Tools that can't be removed, but only root needs, should only be readable and executable by root - i.e. route, ifconfig, etc. This is a big task, but think about every piece of software. Why is it on my system? Who uses it? Why? - i.e. do your users really need ping?
- Users should log into a chroot jail.
- Services that aren't needed should be disabled and their software removed - i.e. finger.
- REQUIRE secure passwords and REQUIRE passwords to be changed periodically. Yeah, I know users whine that their password can't be dog123! Don't use the same admin. passwords on multiple machines.
- Keep the system physically secure.
- Keep the system up to date by applying updates and patches when they become available.
- Do not publish system specs or security information. Do not discuss security measures... yes, the much maligned 'security through obscurity' is a valid security procedure but ONLY when used in conjunction with real security measures.

Implementing #3 is boring, time-consuming and extremely important. Tripwire, snort and any number of other admin. tools are available to keep an eye on the system. Create a 'whitelist' of 'normal' processes and constantly compare against the list of running processes. Actually look at the log files.

Don't fool yourself into thinking that you are so good that you don't need #4. A system backup (i.e. tape) is a good start, but you will also need a CD or floppy of known good system tools (ps, top, ls, etc.) should you think you have a problem. Have a plan in place to save the cracked system so that you can determine how it was cracked, since simply restoring the system back to a crackable state isn't of much value.

And finally review, review, review. Subscribe to the security mailing lists to keep up to date on what is going on. Always be on the lookout for better ways to do everything.

I hope this was helpful.

Pete

>Appreciate any pointers, even on security in general. T.I.A.

_____________________________________________________________________
Ltsp-discuss mailing list. To un-subscribe, or change prefs, goto:
https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help, try #ltsp channel on irc.openprojects.net
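
The process whitelist comparison mentioned under #3, sketched as an added example that is not part of the original message. The function name check_procs, the "user command" allowlist format with "*" meaning any user, and the sample data are all assumptions made for illustration.

```shell
#!/bin/sh
# Added example: flag running processes that are not on an allowlist.
# check_procs ALLOWLIST reads "user command" lines on stdin, as produced by
#   ps -eo user=,comm=
# and prints each pair missing from ALLOWLIST once.
# Allowlist format (assumed): "user command" per line, "#" starts a comment,
# user "*" allows the command for any user.
# Returns 0 if all processes are allowed, 1 if any are not, 2 on a bad allowlist.
check_procs() {
    allowlist=$1
    [ -r "$allowlist" ] || { echo "cannot read allowlist: $allowlist" >&2; return 2; }
    awk -v allow="$allowlist" '
        # Trim the line and collapse the gap between user and command.
        function norm(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); sub(/[ \t]+/, " ", s); return s }
        BEGIN {
            while ((getline line < allow) > 0) {
                sub(/#.*/, "", line)
                line = norm(line)
                if (index(line, " ")) ok[line] = 1
            }
        }
        {
            key = norm($0)
            if (!index(key, " ")) next          # skip blank or malformed lines
            cmd = key; sub(/^[^ ]+ /, "", cmd)  # command part, may contain spaces
            if ((key in ok) || (("* " cmd) in ok) || (key in seen)) next
            seen[key] = 1; bad = 1
            print "UNEXPECTED " key
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample data (not from a real system): an allowlist and a ps snapshot.
demo=$(mktemp)
printf '%s\n' '# user command' 'root sshd' '* bash' 'pete xterm' > "$demo"
printf '%s\n' 'root sshd' 'pete bash' 'pete nc' | check_procs "$demo" \
    || echo "review the lines above"
rm -f "$demo"
```

On a live system the input would come from `ps -eo user=,comm= | check_procs FILE`, run periodically with the allowlist kept where ordinary users cannot write to it.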