Date post: | 29-Dec-2015 |
Category: |
Documents |
Upload: | eustace-hood |
View: | 219 times |
Download: | 0 times |
SCSC 455 Computer Security 2011 Spring
Chapter 3
User Security
Index
Password security Pluggable Authentication Modules (PAM) User security utilities sudo utility
Access computer system
Users can access computer systems in two different ways: To use client software that connects to a server
Q: What is client/server computing paradigm?
Q: what is a server? The user’s access is limited to the functions performed by the
service running on the server
To log in as a user on the system The user must have a valid user account The user must enter a password corresponding to a user ID
Creating good passwords and keeping them secure is crucial
Creating good passwords
What are the good practices of creating passwords?Must be long enough (the length >= 8 characters) Include at least one number or symbol (@#$%^&*) Could include two or three words separated by symbols or
numbers Using words are foreign or altered so that they do not appear
in a dictionary Using a series of numbers or a pattern of altered letters can
make it easier to remember
Examples …
Attack on Passwords
Attackers utilize social engineering to gain access to your system Q: What is social engineering? Examples …
Attackers can also resort to brute force attack Q: what is brute force attack?
all possible combinations are tried until one succeeds in guessing a password
How to protect passwords?
Protect password from social engineering Passwords must not be written down
especially not anywhere near the computer to which they provide access
Passwords must be chosen carefully so they can be remembered without a written aid
Passwords should not include easily guessed words or numbers
Users should never tell anyone their password
Q: How to protect password from brute force attack?
Linux Password files When a new user account is added to the system, a
single line is added to file /etc/passwd
Example …
The actual encrypted password is stored in the file /etc/shadow can only access by root In Red Hat Linux, passwords are encrypted by MD5 by default
Example …
Q: why using two files for passwords?
Managing Linux Passwords
Each user can change his/her password using the passwd utilitye.g. $ passwd When this command is entered, the user is prompted to enter
their current password, then their new password two times passwd utility performs a few basic checks on the entered
password based on the configuration of Linux PAM modules.
Root can change any user’s passworde.g. # passwd bob
Caution: should NOT edit /etc/password and /etc/shadow files directly in a text editor.
passwd command-line options
useradd command-line options for password control
Index
Password security Pluggable Authentication Modules (PAM) User security utilities sudo utility
Pluggable Authentication Modules The Pluggable Authentication Module (PAM) was
developed by Sun Microsystems PAM is an architecture and set of libraries that let a
programmer create a module to perform a specific security-related function
System administrators can select, configure, and then use one or more PAM modules to control the PAM aware Linux programs
How to use PAM? select the modules necessary to to control the activity
of a program list them in the program’s configuration file
(The details of PAM are not required in this course.)
Index
Password security Pluggable Authentication Modules (PAM) User security utilities sudo utility
Security utilities for users There are many security utilities that system
administrators and users need to be aware of Some of security utilities are PAM controlled Others are separated packages that you have to
install and configure before using
Security utilities for users (next a few slides)
Utilities for console security Utilities for login security Utilities for file security Utilities for monitoring user activities
Utilities for console security
Screen locking programs disable
keyboard input and hide the
screen so that private information
is not visible nor accessible
vlock is used from a text console
xlock is employed from a graphical interface
Linux desktop (Gnome and KDE) also have their own screensaver
Utilities for login security /etc/securetty file
The root user can only log in from terminals that are listed in the file /etc/securetty
By default this file contains only the virtual consoles terminals.
None of the network or other devices are listed Root cannot login from network
/etc/nologin file If /etc/nologin exists, only root can log in
The contents in this file are displayed for any user tries to log in
When this file is deleted, all users can log in again
SUID
Set UID bit (SUID) Executable files can have a special file permission set
SUID causes files to take on the permissions of the user who
owns the file rather than the user who executed the file Root can set SUID for a file # chmod u+s
Warning: Too many files with SUID is a great security risk any user on the system could easily get root access.
Utilities for file security Linux file systems support a number of attributes that
you can set on files Notice that: these attributes are different from file access
control attributes (r, w, x)
Examples …
Utilities for monitoring user activities Linux includes a number of utilities for monitoring
user activities who – list all of the users who are currently logged in
on the system. who am i (to see who you are logged in as)
w - list all of the users who are currently logged in with their username, terminal, the command that the user is currently running, CPU time … includes the remote location from which the users has
logged in
Utilities for monitoring user activities
mesg – Enable or disable the ability of other users to send a message to your screen (by using utilities such as write, talk).
dmesg – print the contents of the kernel ring buffer to screen. kernel ring buffer is a memory area holds messages
generated by the kernel. Using dmesg utility to monitor all hardware related
messages
Utilities for monitoring user activities
last – display a history of user log-ins and log-outs, system reboot information
Examples …
Index
Password security Pluggable Authentication Modules (PAM) User security utilities sudo utility
Why do we need “sudo” utility? Ans: If a server needs to be administered by a
number of people, it is normally not a good idea for them all to use the root account. difficult to determine exactly who did what, when and
where if everyone logs in with the same credentials. The sudo utility was designed to overcome this
difficulty.
Sudo
Sudo lets you assign privileges to any user account to execute only specific programs. The system administrators can complete common
administration task without login as root or su to root
Examples …
/etc/sudoers configuration file to determine which user can perform which task.
How does sudo utitlity work?
The basic format of a configuration linein /etc/sudoers
user host = command_list
Example …
Note that: to edit /etc/sudoers file, you must use the visudo program
The security concern of sudo utility Sudo utility can present security dangers if not
properly configured A user should have exactly as much as access as
her job requires. “need to know” “least privilege” A malicious user will try to use access to a single
command to gain access to other commands.
Example …
The security concern of sudo utility Many program support shelling out.
Q: what is “shelling out” ?
The sudo utility cannot control it once the power is handed out.
Conclusion: system administrator must hand out sudo power carefully.