Question

In: Computer Science

Question 2. Pick three security failures of Linux system and explain how you would address them.

Question 2. Pick three security failures of Linux system and explain how you would address them.

Solutions

Expert Solution

1. Open Network Ports

2. Insecure and Badly Configured Programs

The use of insecure programs (such as PHP, FTP, rsh, NFS, and portmap) in other than carefully controlled situations and failure to configure other programs properly continues to be a major security sin.

Most sysadmins know that POP and IMAP (unless wrapped in SSL), telnet, and FTP4 send passwords and data in the clear (unencrypted). They know that PHP, NFS, and portmap have a history of security problems, as well as design defects in their authentication.

Many system break-ins relating to Linux and Unix Web servers happen via insecure CGIs.

Implement rings of security in CGIs.

Try to design your application so that even if it finds a CGI vulnerability, the system is protected from major damage. One solution is to have CGIs just be front ends for a solidly written server running on a different machine. The more hurdles a hacker must jump to reach the goal, the more likely it is that he or she will stumble.

3. Weak password

A variation is to use ssh public keys to allow an account on one system to ssh into another system without supplying any password. At the very least, pick a moderately hard-to-crack password for your ssh keys. If you must have an automatic program use ssh without a password to ssh into another system, then create either a separate nonroot account on the target system or an alternate account with UID 0 but a login "shell" that does just what is needed, such as doing a backup.


Related Solutions

Question 3. Pick three security failures of Mac system and explain how you would address them.
Question 3. Pick three security failures of Mac system and explain how you would address them.
Question 1. Pick three security failures of Windows system and explain how you would address them.
Question 1. Pick three security failures of Windows system and explain how you would address them.
How would you rather address the problems in the social security program. Will you fix the...
How would you rather address the problems in the social security program. Will you fix the current problem that we have now or create a new system like a pre-funded system where everyone did have their own account that will be airmaked for them. Discuss any problems you see with either one of them and which one would you rather support.
1.) Out of the five main population ecology characteristics, pick three of them and explain how...
1.) Out of the five main population ecology characteristics, pick three of them and explain how they are relevant to the current Covid-19 crisis. Identify three biomes with poor soil quality and explain why.
Describe, in detail, a research question you could address using GenBank. Explain exactly how you would...
Describe, in detail, a research question you could address using GenBank. Explain exactly how you would use GenBank to answer your question. If you would need information beyond what is in GenBank, explain what information. If not, explain why not
Hi, I'm doing a presentation on this 2 question below. how would you explain this to...
Hi, I'm doing a presentation on this 2 question below. how would you explain this to question in under 2 minutes each? can you please explain and verify the answer so that I can understand it clearly. 1. Use put-call parity to relate the initial investment for a bull spread created using calls to the initial investment for a bull spread created using puts. 2. Explain how an aggressive bear spread can be created using put options
In a decision tree, how does the algorithm pick the attributes for splitting? Would you explain...
In a decision tree, how does the algorithm pick the attributes for splitting? Would you explain it logically and specifically?
If you have a network with 300 computers explain how you would setup an IP address...
If you have a network with 300 computers explain how you would setup an IP address scheme to meet the needs of the network (draw this if necessary) If you get a computer that has the wrong IP address and is assigned via DHCP how can you get a new address? Answer for command line and gui. What does it mean when you get a 169.x.x.x address?
Explain security and privacy issues in an organization and recommend on how to deal with them
Explain security and privacy issues in an organization and recommend on how to deal with them
Question 1 Briefly describe how you would address these impacts when working with the Aboriginal and...
Question 1 Briefly describe how you would address these impacts when working with the Aboriginal and Torres Strait Islander people in your region.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT