StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

The Significance of Systems Configuration and Management for a UNIX System - Essay Example

Cite this document
Summary
This essay "The Significance of Systems Configuration and Management for a UNIX System" discusses detailed analysis of security-related aspects for the UNIX operating system. This essay analyses some fundamental issues that compromise the security and privacy of the UNIX system…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER92.4% of users find it useful
The Significance of Systems Configuration and Management for a UNIX System
Read Text Preview

Extract of sample "The Significance of Systems Configuration and Management for a UNIX System"

?Practical UNIX Security Table of Contents Introduction UNIX is the most popular operating system which has been used extensively, and a lot of people still use it as it has been used in the past. However, a lot of IT experts who used UNIX systems in the earlier period discovered it inflexible from the security point of view. As its control was inspiring, its command-line interface needed technological proficiency; its grammar or syntax was not perceptive, and its interface was not user friendly. However, in the IT market, the UNIX operating system has been the medium for broad transformations that have authorized consumers to seek high quality devoid of random limitations imposed by administrative situations. Furthermore, in the UNIX system's early periods, security feature was almost absent. Then, the UNIX system became the first operating system to undergo attacks raised over the promising Internet. With the passage of time, the security arrangement moved from centralized to distributed verification and permission systems (UNIX Systems Cooperative Promotion Group, 1997) and (The Open Group, 2010). This paper discusses various security aspects of UNIX operating system along with some types of attack that can be applied to UNIX operating system. The basic aim of this paper is to describe in a systematic manner the significance of systems configuration and management and how to undertake systems configuration and management for a UNIX system. Security Considerations With the advancements in the technology the chances of security attacks and their intensity is also increasing. In the past, a lot of security and privacy attacks have greatly influenced a large number of organizations and businesses. Some well known examples of these attacks include, security develops Nimda, Code Red, RPC buffer overflows, SQL Slammer Worm, SSH vulnerabilities. Thus, to deal with such new types of security attacks a good security management patch as well as effective security strategy is very important, which can help secure organization’s systems and networks. Seeing that the businesses having a high-quality patch security strategy (which implemented all the recognized patches to the target systems) were not influenced or were least influenced as compared to those businesses which neglected patch security strategies and faced harsh issues like business downtime of numerous days and failure of business effort (code as well as data). In this scenario, all the practical systems have their own techniques for implementing security patches. Additionally, HP-UX, Solaris and AIX program and patch installation techniques allow the elimination of an application or a patch by restoring some overwritten operating system files as the “save” alternative is employed (that is the default option). In addition, the capability to get rid of a (reminded) security patch makes simpler patch administration on these systems liberating the manager from planning routine techniques for patch management and permitting the administrator to focus on improving system security. For this purpose, HP, Sun and IBM offered standard security patch packages for download a number of times every year, in addition to individual patch downloads as well as patch announcement services which can be received via electronic mail (without paying registration fee). Moreover, specific patch downloads are always available at retailer’s websites and a few mirrors for Red Hat Linux. However, the accessibility of alternatives is significant, for the reason that standard patch packages make simpler the normal application of patches as well as get rid of the need for numerous reboots and/or system configuration changes, as individual patch downloads permit the system application of a security patch at the instant as it is accessible (Tsitsivas et al., 2003), (Zheng & Zhang, 2009), (Curphey & Araujo, 2006) and (Ray, 2004). UNIX Security Overview Normally, all UNIX-based or other systems encompass particular log on procedures. However, these procedures depend on an individual’s access rights, since a person is normally given an account or group with which to use the terminals or workstations. This permission can generally give different access credentials, which depend on that individual's requirements. However, user accounts have some limitations, for instance, to which operations one can perform, in order to secure the UNIX system from any planned or accidental attack. In this scenario, recognizing the potentials and restrictions of an OS, its administration actions and software installation and how to organize and handle additional system software is an important element to ingredient of keeping systems safe. In this scenario, the businesses that keep the things easy (e.g. utilize simply one system class) are able to have high-quality recognition of their operating environment, its boundaries and weaknesses as well as should be capable to protect their system comparatively in a simple manner. On the other hand, only few corporations have the comfort of operating in a particular retailer/particular operating system atmosphere for the reason that PC desktops are presented in the majority well-established UNIX shops and UNIX computers can be presented in many Personal Computer shops. Moreover, the relative simplicity of moving system applications among UNIX editions as well adds to a propagation of diverse OS kinds and versions, making the task of protecting similar organizations really difficult, for the reason that even though there are a lot of resemblances exist among the different Operating System kinds there as well a lot of differences. For instance, a system administrator can possess a lot of knowledge of one version of UNIX, managing one or more versions of UNIX can need extra information for offering similar quality of service as well as security situation (Tsitsivas et al., 2003), (DeGrosse & Bohn, 2006) and (Amarante & Gomes, 2003). Main Security Vulnerabilities This section outlines some security and privacy related problems and issues. These issues are UNIX related and involve some potential security attacks which can be seen on UNIX system: Buffer overflow attacks: In this type of attack the client memory buffer is filled up to stop the system working as well as preventing it from processing any further request. In this kind of attack the system working is badly affected as well as system is not able to response user actions (Sheer, 2002) and (Ott et al., 2002). Setuid programs: A program that has the capability to execute without some core rights in an attempt to control UIDs of a different user. In this kind of attack the system control is hacked by an attacker and the system’s working is influenced by that attack problem. Moreover, the vulnerability or susceptibility is more probable to be established in some setuid program that is large and difficult (Sheer, 2002) and (Ott et al., 2002). Network client programs: It occurs when our FTP client is connected to a distant unsecured website. If the website server processes a response that the FTP client is not able to take control (like, a reply that is too long which creates the problem of buffer overflow), it could permit malevolent code to be performed through the FTP client in support of the network server. Therefore it is quite probable to exploit a security weakness in a client application with immediately waiting for that program by connecting to our website (Sheer, 2002) and (Ott et al., 2002). Permission problems: A directory allows the system administrator to see who can use the system. In other words, a person does not have the access to the resources if he does not exist in the admin group. However, it is not simple to see when there are thousands of directories and hundreds of users and groups. In this scenario, it become very difficult to see who is able to access what, when, and why since it involves complex scripts to be implemented to perform authorization tests as well as sets. Environment variables: In this type of issues we have lots of means of making and understanding environment variables to utilize susceptibility or get information that will negotiate UNIX system security. However, environment variables should by no means keep confidential information such as security codes or passwords (Sheer, 2002) and (Ott et al., 2002). Password sniffing: Special types of software are used to get admittance to user password. These programs are hidden inside the system as well as have the capability to access user password through sniffing the data packets. After accessing the user password the attacker can get hold of the system control plus make several critical problems (Sheer, 2002) and (Ott et al., 2002). Denial of service attacks: This is the most common type of security attacks that is used to stop or destroy the normal working sequence of several systems. In this scenario an attacker attacks the system by sending countless fake or false requests. Thus, it becomes almost impractical for the system to manage and handle such large number of user requests (Sheer, 2002) and (Ott et al., 2002). Response to UNIX Security Attack This section discusses some guidelines which can be used to effectively manage the privacy and security related aspects of the UNIX system: Physical and console security Seeing that the greater part of random and secluded attacks arrive over the network thus physical and console security are significant aspects. In an ideal situation each machine has to be protected with access to the console (like retune switch, keyboard as well as monitor) strongly restricted. Unluckily this is not an ideal world and it is exceptional to discover a physically safe system apart from a server area. In this scenario the initial step to confirm security of the system we need to strongly protect the system physically (Seifried, 2002). Backups For the better system security management, backups can be a high quality system security management tool that offers enhanced security of the overall business as well as corporate by replicating the information and data. Thus, in case of any possible attack and system crash we can initiate the overall system as of the start (Seifried, 2001). Authentication Authentication is normally one of the two major forms of protection that UNIX systems and networks depend upon; consequently making sure that our authentication sub-systems are working properly is significant. However, most of the Linux systems depend on user-names as well as passwords, as support for smartcards, tokens and additional authentication systems are also available they are yet comparatively infrequent. In this scenario, for the enhanced security management we need to make sure that an appropriate and strong login based system is implemented (Seifried, 2001). Attack detection No matter how high-quality our security is, it can be negotiated or violated. Due to the fact it is extremely significant to encompass a variety of structures of attack discovery at hand, as a result that when an event occurs we are prepared to it the instant feasible (also not while we initiate receiving objection as of other sites). For attack detection we need to implement a solid UNIX system security policy that can be able to ensure the enhanced working along with operational performance of the system (Seifried3, 2001) . Intrusion testing - scanning / intrusion tools In last few years amount of security systems and tools for UNIX has augmented noticeably, and the majority of them are freely available on the Internet. In the overall security and privacy management at the UNIX system we need to adopt better security procedure that can effectively control and manage the possible inside or outside security breaches or intrusions. For this purpose there are a lot of intrusion detection tools available those can effectively detect and fix possible security and privacy related issues (Seifried4, 2001). Firewalling In UNIX based system firewalling refers to the process of checking and filtering network data packets, normally at the place where our network is connected to some other network, which can be susceptible. Moreover, a network firewall is capable to stop the expansion of an attack if one part is negotiated effectively (Seifried5, 2001), (Wheeler, 2003). Conclusion This paper has discussed a detailed analysis of security related aspects for the UNIX operating system. UNIX is the most popular operating system which has been used widely, and a lot of people still use it as it has been used in the past. However, a lot of IT experts who used UNIX systems in the earlier period discovered it inflexible from the security point of view. This paper has discussed various security aspects of UNIX operating system along with some types of attack that can be applied to UNIX operating system. This paper has outlined some fundamental issues those compromise the security and privacy of the UNIX system. This paper has also outlined possible mitigation policies of such security issues and problems. Bibliography Amarante, M. & Gomes, F., 2003. Introduction to Unix security concepts. Unix Security , 19(4). Curphey, M. & Araujo, R., 2006. Web Application Security Assessment Tools. IEEE Security and Privacy, 4(4), pp.32-41. DeGrosse, M.A. & Bohn, M.R., 2006. An Overview Of Unix Security. [Online] Available at: http://www.oppapers.com/essays/Overview-Unix-Security/94183 [Accessed 06 March 2011]. Ott, A., Ievlev, S. & Klopping, H., 2002. The RSBAC library: 1.2. UNIX security related problems. [Online] Available at: http://books.rsbac.org/unstable/x115.html [Accessed 04 March 2011]. Ray, R., 2004. Technology Solutions for Growing Businesses. New York: American Management Association (AMACOM). Seifried, K., 2001. Authentication. [Online] Available at: http://www.seifried.org/lasg/authentication/ [Accessed 06 March 2011]. Seifried, K., 2001. Backups. [Online] Available at: http://www.seifried.org/lasg/backups/ [Accessed 06 March 2011]. Seifried, K., 2002. Physical and console security. [Online] Available at: http://www.seifried.org/lasg/system/index.html [Accessed 07 March 2011]. Seifried3, K., 2001. Attack detection. [Online] Available at: http://www.seifried.org/lasg/attack-detection/ [Accessed 05 March 2011]. Seifried4, K., 2001. Intrusion testing - scanning / intrusion tools. [Online] Available at: http://www.seifried.org/lasg/intrusion-testing/ [Accessed 06 March 2011]. Seifried5, K., 2001. Firewalling. [Online] Available at: http://www.seifried.org/lasg/firewall/ [Accessed 08 March 2011]. Sheer, P., 2002. 44. UNIX Security. [Online] Available at: http://rute.2038bug.com/node47.html.gz [Accessed 06 March 2011]. The Open Group, 2010. What is UNIX ®?. [Online] Available at: http://www.unix.org/what_is_unix.html [Accessed 04 March 2011]. Tsitsivas, H. et al., 2003. UNIX System Management and Security: Differences between Linux, Solaris, AIX and HP-UX. [Online] Available at: http://www.sans.org/reading_room/whitepapers/unix/unix-system-management-security-differences-linux-solaris-aix-hp-ux_936 [Accessed 05 March 2011]. UNIX Systems Cooperative Promotion Group, 1997. The UNIX Operating System: Mature, Standardized and State-of-the-Art. [Online] Available at: http://www.unix.org/whitepapers/wp-0897.html [Accessed 03 March 2011]. Wheeler, D.A., 2003. Secure Programming for Linux and Unix HOWTO. [Online] Available at: http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html [Accessed 05 March 2011]. Zhang, Y. et al., 2009. A New Approach for Accelerating IPSec Communication. 2009 International Conference on Multimedia Information Networking and Security,mines, 2, pp.482-85. Zheng, L. & Zhang, Y., 2009. An Enhanced IPSec Security Strategy. 2009 International Forum on Information Technology and Applications, ifita, 2(1), pp.499-502. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“MSc Practical UNIX Security Essay Example | Topics and Well Written Essays - 2000 words”, n.d.)
Retrieved from https://studentshare.org/environmental-studies/1408952-msc-practical-unix-security
(MSc Practical UNIX Security Essay Example | Topics and Well Written Essays - 2000 Words)
https://studentshare.org/environmental-studies/1408952-msc-practical-unix-security.
“MSc Practical UNIX Security Essay Example | Topics and Well Written Essays - 2000 Words”, n.d. https://studentshare.org/environmental-studies/1408952-msc-practical-unix-security.
  • Cited: 0 times

CHECK THESE SAMPLES OF The Significance of Systems Configuration and Management for a UNIX System

Practical UNIX Security LDAP

Likewise, every system maintains a user account in a file locally at '/etc/password.... This essay " Practical unix Security LDAP" discusses the support for multiple platforms, access control list, auditing along strong Kerberos security makes LDAP server the best choice, to deploy in a multi-platform network environment.... nbsp;… As the infrastructure of unix is flexible, in common, unix systems operate on the most fundamental authorization and authentication methods i....
7 Pages (1750 words) Essay

Aircraft Landing Gear System

This essay "Aircraft Landing Gear system" discusses errors affecting closed-loop systems; open and closed-loop systems and open-loop diagrams.... In a system with multiple receivers, each receiver is assigned a value.... hellip; The MIL 1553B Databus has a similar data-bit configuration with ARINC 629, with its 20-bit word data format, the first three bits devoted to syncing waveform, then next 16 bits to data, and the last bit to parity field....
7 Pages (1750 words) Essay

Computer Systems and Virtualization

The OS (operating system) along with hardware is similar even before virtualization.... The division of hardware makes the resource transmission simple as an operating system (OS) needs to utilize all resources that are available in a box.... Optimal resource management is achieved by the virtual server; we can also say that there is no requirement for deploying a web application and its components for migration of web services to some other hosts that are subjected to re-installation of the new operating system....
13 Pages (3250 words) Assignment

Database Management System Assignment

This thesis provides a benchmark to assess the performance of storing binary large objects (BLOB) in a relational database management system.... This thesis provides a benchmark to assess the performance of storing binary large objects in a relational database management system.... Deciding which database system, operating system, or hardware configuration is best suited for the application is now feasible.... The storage and retrieval of these items can be accomplished through a database system using a column type capable of storing binary data (commonly referred to as a "binary large object" or a BLOB)....
19 Pages (4750 words) Assignment

MAC Service Preservation

For enhancing the MAC service availability for the end-users along with the management of network support, MAC bridges need the following configuration (5):A bridge is not accessible directly from communicating end-users excluding the end station that is utilized for management, as frames that are exchanged to the end-users are tagged with the MAC address associated with peers along with the address field of the destination, as MAC address of the bridge is not tagged....
5 Pages (1250 words) Case Study

Windows XP Vs Linux Ubuntu

Memory management is one of the core part of the operating system.... The memory system should be optimized to increase the overall performance and speed of the system.... Virtual memory is an important concept in the context of the Memory Management system.... Operating system will provide this facility by making use of secondary storage - the hard disk - to fulfill the extra memory requirement.... Windows is a closed source desktop operating system, while Linux is an open-source version of UNIX file system and is used as a powerful, low-cost operating system for running servers....
9 Pages (2250 words) Case Study

The Specific Need for Change of Strategy in Aircraft Maintenance Organizations

This paper recommends outlines solution necessities and technology for the automation of asset life-cycle management for institutions that maintain aircraft.... Therefore, human conducts and management in aviation operations are measured to be complete safety oriented.... This study looks into history and background of aircraft maintenance and the existing system of maintenance.... hellip; This research paper will explain historical and existing aircraft maintenance system adopted and performed geographically at maintenance and repair facilities....
19 Pages (4750 words) Research Paper

Installation and Configuration of an Operating System

the significance of monitoring tools is to assist the computer in deciding the system, fixing systems and processes, managing resources in the system and examining systems.... The operating system is a program that operates on a computer.... The operating system does essential tasks such as sending information to the monitor, keeping track of information on the disk, recognizing any input to the computer from the keyboard and controlling printers and disk drivers....
5 Pages (1250 words) Report
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us