Linux Security

Linux Security

  • Submitted By: MSjr
  • Date Submitted: 08/16/2011 7:16 PM
  • Category: Technology
  • Words: 930
  • Page: 4
  • Views: 494

Martin Spear Jr.

SELinux kernel was developed by the National Security Agency (NSA). It is implemented as a Linux Security Module, which is an extension of the Linux kernel that lets security mechanisms be easily added to the kernel itself. The NSA’s National Information Assurance Research Laboratory (NIARL) investigate and build upon the architecture of security implementation for purposes of keeping it more secure and still smooth functioning operating system. By default SELinux is built in to the 2.6 kernel and simply needs to be turned on, along with setting the policies and tools. SELinux-targeted policy, this is the default, locks down daemon processes that are most potential for critical attacks. You can override the default settings and put SELinux into permissive mode. When doing this you can still log into the system, it will just give a bunch of error messages in the process. You can also put it into enforcing mode from the boot prompt. SELinux is pretty much like the back wall that is set around the less secure setting on your firewall. The policies that it implements on the limit of an attack on your server as a whole: Apache, Samba, FTP, NFS, and others. All information gathered on SELinux in this report can be found in our Virtual Library under and books that have to deal with Linux operating system and how it works. Most any book I pulled up offered the same information that this did as many others do as a teaching tool. SELinus is used on daily basis as a security tool with companies and personal use today. Chroot Jail is a method of “jailing” services to limit the power they have on a local system. In chroot jail, you create an isolated location from where you can run programs that are separated from the actual file. This is extremely useful for diverting hackers or people that want to do harm to your system by keeping them in a false root folder directory. By doing this those that would do harm are now trapped in the false...

Similar Essays