Your browser doesn't support the features required by impress.js, so you are presented with a simplified version of this presentation.

For the best experience please use the latest Chrome, Safari or Firefox browser.

CIS 527

Lecture 5 - Permissions & Security

Windows Updates

Ubuntu Updates

Advanced Packaging Tool - APT

  • apt-get install <package>
  • apt-get build-dep <package>
  • auto-apt run <command_string>
  • apt-get update
  • apt-get upgrade
  • dpkg-reconfigure <package>
  • apt-get remove <package>
  • apt-get purge <package>

Windows Firewall

Ubuntu Firewall (UFW)

Uncomplicated Firewall (UFW)

  • ufw allow <port>
  • ufw allow <port>/tcp
  • ufw deny <port>
  • ufw delete <original_rule>
  • ufw allow <service_name>
  • ufw allow from <ip_address> to <ip_address> port <port>

Iptables

  • iptables -A INPUT --dport <port> -j ACCEPT
  • iptables -A INPUT -p tcp --dport <port> -j ACCEPT
  • iptables -A INPUT -p tcp --dport <port> -j REJECT
  • Must save and restore rules on restart

Trend Micro AntiVirus

ClamAV

Software Evaluation

  • You work for an insurance company
  • You receive a request to install unknown software on a system

  • How do you ensure the software is safe to use?
  • What are the risks?

Reputable Sources

  • Verify the software comes from a well-known source
  • Do they create other programs?
  • Have they been reviewed?

Support Offerings

  • What does the company offer for support?
  • Is there an active user community?
  • Are there common problems reports in forums
  • Can you request in-person help if major issues arise?

Company History & Coding

  • Does the company have a history of software issues?
  • Do they have proper coding practices in place (code reviews, secure processes, etc.)?
  • Are they frequently issuing security fixes? (Is that a good thing or a bad thing?)

Code Signing

  • Similar to Web Security certificates
  • Allows publishers to verify that the software came from them
  • Can be subverted if the root certificate is compromised
  • Ex: Windows WQHL Drivers

Checksum Verification

  • Many sites provide checksums for software that can be downloaded
  • Verifying the checksum ensures that it hasn't been changed or corrupted

Extra Software

  • Many less-reputable programs install extra software (toolbars, adware, malware, etc.)
  • Those programs may be MUCH worse than the actual program installed
  • Read installers CAREFULLY!
  • Use system monitoring tools to see what changes during installation

Data Storage & Access

  • Where does the program store data?
  • Is it encrypted or plain-text?
  • What data does it request?
  • How does it use the data?

Monitor Network

  • Once software is installed, it usually has full network access
  • Use tools such as TCPView and netstat to monitor network connections
  • Look for connections to random servers or large data throughput

Network Usage

  • What data does it send through the network?
  • Is the data encrypted or plain-text?
  • What protocols and ports does it use?

Read License Agreement

  • Read the license agreement; it may surprise you
  • Make sure you understand EVERYTHING that it covers
  • Acknowledge the rights you are giving away

Use Testbeds

  • Test the software on a variety of systems
  • Spend time testing (don't just install and review)
  • Test on a variety of systems and configurations
  • Roll out in stages in large organizations

Install Updates

  • Install updates provided by the manufacturer
  • Test updates before installing
  • Monitor the system and report bugs

Permissions

  • Determines which users can read/write files
  • Based on user and group memberships
  • Helps prevent unwanted access to files

Windows Permissions

Windows Permissions

  • Full Control - Can take ownership & change permissions
  • Modify - Read/Write/Change/Delete
  • Read & Execute
  • List Folder Contents - Folders Only
  • Read - Access files
  • Write - Modify files

Ubuntu Permissions

Ubuntu Permissions

  • 3 classes: User, Group, Others
  • 3 rights:
    • Read - Can read contents
    • Write - Can create/modify/delete
    • Execute - Can run programs/scripts

Modifying Ubuntu Permissions

  • chmod - Change permissions
    • chmod [class][op][mode] file/folder
    • chmod [octal_mode] filename/folder
  • chown - Change User/Group (sudo)
    • chown [user]:[group] filename/folder
  • chgrp - Change Group (must own file)
    • chgrp [group] filename/folder

Octal Modes

  • R = 4, W = 2, X = 1
  • Sum the numbers to get mode
  • 660 = rw-rw----
  • 644 = rw-r--r--
  • 700 = rwx------
  • chmod 644 <filename>

Assignments

  • Lab 1 - Secure Workstations - Due Sunday, Feb 9th by 12:30 PM
  • Build secure Windows & Linux using VMWare Workstation
  • Turn in:
    • CIS Transient Storage
    • via Storage Media in class Monday Feb 9th