Linux Security Strategies
Comparing Linux Security Applications
The pervasive adoption of the Linux operating system has led to a proliferation of new security tools and applications for ensuring the security of systems and applications. The intent of this analysis is to evaluate chroot jail, iptables and SELinux. These three security technologies are evaluated from the standpoint of which organizations were behind their development, in addition to an explanation of how each technology changes the Linux operating system to make it more secure. Finally the types of threats that each of the technologies is designed to eliminate is also discussed.
Analysis of chroot jail
The chroot jail command was developed and first introduced during the initial development of the Unix Version 7 operating system in 1979 to ensure that users of UNIX-based workstations could still navigate to the highest levels of directories on their systems. The Berkeley System Division (BSD) versions of UNIX were very popular in the 1982 timeframe, immediately began using this command as a means to protect the rapidly expanding number of accounts on this operating system.
The chroot jail command was designed to provide user account-level access to the / home/user directory. Without this command...
Storage management, creating and maintaining a file system, and integrating them into networks also share a common set of functions that allow for programmer flexibility in terms of their use and sequencing through an application. These functions are specifically called as part of the kernel of the Linux operating system, and as a result they can be selectively updated very quickly. A full recompile of the entire operating system
Configuration of Microsoft Windows in more complex networking environments required an extensive amount of add-in software and programming to ensure all systems could work. Finally the levels of security inherent in the Microsoft Windows operating system continue to be problematic (Bradley, 2009). The Linux and UNIX operating systems are comparable in terms of kernel and memory architectures (MacKinnon, 1999)(Predd, Cass, 2005). There are variations in the pricing models used for
In addition the cost makes it expensive to own the hardware required to support these systems as personal computers. The university has also indicated its preference for the PC and the Windows operating system. All training and skill acquisition is also generally offered for the windows system in the college. Standardization and uniformity of the design platform of Microsoft has greatly enhanced the applicability in the workplace. Standard packages
Unix provides many more options to an administrator, and having a consultant may help decide what methods would be best for the individual circumstances; administrators making the switch from other platforms will be used to having to just make do with whatever is available rather than being able customize options for best fit. Being the administrator of a server is a skilled task, and is not something that should be
The Windows operating system architecture also allows for single sign-on and also relies on user name and password verification. The authentication process for a Windows operating system at the server level can also be configured to validate the identity of the person logging in at the Windows domain and Microsoft Active Directory Service levels as well. Certificates can be assigned to specific applications, databases and processes within a Windows sever-based
6.30. When there are no restrictions for unprivileged users and if the option for config_rdskernel configuration is set, hackers can write arbitrary values into kernel memory (by making specific types of socket function calls) since kernel software has not authenticated that the user address is actually found in the user segment. The lack of verification of the user address can provide hackers to gain privileges and access to areas that
Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.
Get Started Now