In this paper I will go over three Linux security technologies: SELinux, chroot jail, and iptables. These technologies aid in the prevention of identity theft. I will explain what they are, who designed them, and what benefit they offer you. In the following paragraphs you will learn more about their use and be able to decide which one is right for you.
SELinux was released under the GPL in late 2000 by the National Security Agency’s Office of Information Assurance. More recently it has been developed by the open source community with the help of the NSA. SELinux currently ships as part of Fedora Core and is supported by Red Hat. Packages also exist for Debian, SuSE, and Gentoo, although at this time they are not supported by anyone. SELinux is based on the concept of Mandatory Access Control (MAC). Under MAC, administrators control every interaction on the software of the system.
A least-privilege concept is used: by default, applications and users have no rights, because all rights have to be granted by an administrator through the system’s security policy. Under Discretionary Access Control (DAC), by contrast, files are owned by the user, and that user has full control over them.
If an attacker penetrates that user’s account, they can do whatever they want with the files owned by that user. Standard UNIX permissions are still present on an SELinux system and are consulted before the SELinux policy during access attempts. If the standard permissions deny access, access is denied and SELinux is not involved. When the standard file permissions do allow access, the SELinux policy is consulted, and access is either granted or denied based on the security contexts of the source process and the targeted object.
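The order of checks described above can be sketched as a small model. This is an added example, not part of the original paper and not SELinux's own code; the policy table, the sample process and the sample files are constructed for illustration, and only read and write on regular files are modelled.

```python
import stat
from dataclasses import dataclass

@dataclass(frozen=True)
class Subject:                 # the source process
    uid: int
    gids: frozenset
    context: str               # SELinux context: user:role:type:level

@dataclass(frozen=True)
class FileObj:                 # the targeted object
    owner: int
    group: int
    mode: int                  # standard UNIX permission bits
    context: str

# Constructed type-enforcement rules: (source type, target type, class) -> permissions.
POLICY = {
    ("httpd_t", "httpd_sys_content_t", "file"): {"read"},
    ("user_t", "user_home_t", "file"): {"read", "write"},
}

def type_of(context):
    return context.split(":")[2]

def dac_allows(subj, obj, perm):
    """Standard owner/group/other check (DAC)."""
    bits = {"read": (stat.S_IRUSR, stat.S_IRGRP, stat.S_IROTH),
            "write": (stat.S_IWUSR, stat.S_IWGRP, stat.S_IWOTH)}[perm]
    if subj.uid == obj.owner:
        return bool(obj.mode & bits[0])
    if obj.group in subj.gids:
        return bool(obj.mode & bits[1])
    return bool(obj.mode & bits[2])

def mac_allows(subj, obj, perm):
    """Least privilege: anything the policy does not grant is denied."""
    key = (type_of(subj.context), type_of(obj.context), "file")
    return perm in POLICY.get(key, set())

def check_access(subj, obj, perm):
    if not dac_allows(subj, obj, perm):
        return "denied by DAC (SELinux policy not consulted)"
    if not mac_allows(subj, obj, perm):
        return "denied by SELinux policy"
    return "allowed"

# Constructed sample process and files.
httpd = Subject(48, frozenset({48}), "system_u:system_r:httpd_t:s0")
page = FileObj(0, 0, 0o644, "system_u:object_r:httpd_sys_content_t:s0")
home_file = FileObj(1000, 1000, 0o666, "unconfined_u:object_r:user_home_t:s0")
```

The world-writable `home_file` passes the UNIX permission check for the web server process, yet the policy still denies it because no rule grants `httpd_t` access to `user_home_t`.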
The chroot system call was introduced during the development of Version 7 Unix in 1979 and was added to BSD by Bill Joy on 18 March 1982, 1½ years before 4.2BSD was released, in order to test its installation and build system. With UNIX based...