Linux Research

In: Computers and Technology

Submitted By bbelt23
Words 541
Pages 3
The first thing I would like to talk about here would be SELinux, there are many contributors to SELinux but it all really comes back to four major organizations that are responsible for the initial public release of SELinux. These organizations include The National Security Agency, Network Associates Laboratories, The MITRE Corporation, and finally the Secure Computing Corporation. From my research I have found that it all really started with the NSA when they developed the LSM-based SELinux and made it part of Linux 2.6, and this has also led to the development of similar controls in the X Window System (XACE/XSELinux) and for Xen (XSM/Flask). Then NAI Labs implemented several additional kernel mandatory access controls, developed the example security policy configuration and also contributed to the development of the Linux Security Modules kernel patch. The MITRE Corporation helped several common Linux utilities because SELinux-aware and developed application security policies. The SCC developed a preliminary security policy configuration for the system that was used as a starting point for NAI Labs’ configuration, and also developed several new or modified utilities. SELinux controls access between applications and resources, and it does this by using mandatory security policy SELinux enforces the security goals of the system regardless of whether applications misbehave or users act carelessly. You can check of SELinux is enabled in Red Hat, or Fedora by using the getenforce command, if it returns enforcing SELinux is enabled and enforcing the policy. If you get permissive that means SELinux is enabled but is only logging failed accesses, not denying them. If Disabled is displayed then SELinux is not enabled on your system. Chroot was introduced to BSD by Bill Joy on March 18 1982, 17 months before 4.2BSD was released in order to test its installation and…...

Similar Documents

Linux

...Red Hat Enterprise Linux 5.3 Release Manifest Package Manifest for all Architectures. Red Hat Enterprise Linux Documentation Don Domingo Copyright © 2008 . This material may only be distributed subject to the terms and conditions set forth in the Open Publication License, V1.0 or later (the latest version of the OPL is presently available at http://www.opencontent.org/openpub/). Red Hat and the Red Hat "Shadow Man" logo are registered trademarks of Red Hat, Inc. in the United States and other countries. All other trademarks referenced herein are the property of their respective owners. 1801 Varsity Drive Raleigh, NC 27606-2072 USA Phone: +1 919 754 3700 Phone: 888 733 4281 Fax: +1 919 754 3701 PO Box 13588 Research Triangle Park, NC 27709 USA Abstract This document is a record of all package changes since the last minor update of Red Hat Enterprise Linux 5 1. Added Packages ................................................................................................................... 1 2. Dropped Packages .............................................................................................................. 19 3. Updated Packages ............................................................................................................... 20 1. Added Packages cmirror-1.1.36-1.el5 • Group: System Environment/Base • Summary: cmirror - The Cluster Mirror Package • Description: cmirror - Cluster Mirroring 1 Release Manifest cmirror-kmod-0.1.21-10.el5 • Group:......

Words: 32183 - Pages: 129

Linux

...LINUX PROGRAMMING FINAL NOTES UNIT 1ST THESE NOTES ARE AS PER SYLLABUS & WILL HELP YOU TO ACHIEVE SUCCESS IN FINAL EXAM OF MCA 5TH SEMESTER. LETS START: UNIT 1ST Linux – The Operating System: Linux is one of popular version of UNIX operating System. It is open source as its source code is freely available. It is free to use. Linux was designed considering UNIX compatibility. It's functionality list is quite similar to that of UNIX. Linux is a free distributed implementation of a Unix-like Kernel Developed by Linus Torvalds at the University of Helsinki with the help of programmers across the Internet. Linux history: * Linux features: Following are some of the important features of Linux Operating System. * Portable - Portability means softwares can works on different types of hardwares in same way.Linux kernel and application programs supports their installation on any kind of hardware platform. * Open Source - Linux source code is freely available and it is community based development project. Multiple teams works in collaboration to enhance the capability of Linux operating system and it is continuously evolving. * Multi-User - Linux is a multiuser system means multiple users can access system resources like memory/ ram/ application programs at same time. * Multiprogramming - Linux is a multiprogramming system means multiple applications can......

Words: 6867 - Pages: 28

Linux Research Paper

...NT1430 Linux Networking Research Paper Nicholas Lorick ITT Technical Institute St. Petersburg Campus NT1430 Linux Networking Research Paper All people in the IT field are familiar with the IPv4 protocol and they are quickly becoming familiar with the IPv6 protocol. Bradley (2012) states the following: Since the beginning of the internet, IPv4 has been synonymous with IP and few people ever stopped to think about which version of the protocol it was. But IPv4 has outlived its usefulness. Its successor, IPv6, after nearly two decades of development is finally ready to replace IPv4 as the backbone of the Internet. (p. 34) With all the new technology and devices now accessing the internet the move to IPv6 will eventually happen. According to Bradley (2012), IPv4 is out of IP addresses. IPv4 supports only 4.3 billion addresses; and with PCs, smartphones, tablets, and gaming systems connecting to the Internet, we are running out of IP address. IPv6 uses 128-bit addresses and can maintain 340 undecillion (340 × 1036) addresses. The IPv6 protocol brings with it other benefits. With IPv4 most of the internet relies on Network Address Translation. With IPv6, every device can have its own unique public IP address. Most home and small-business users have one IP address on the Internet -- the one for the router that links their hardware to their ISP. The router issues IP addresses internally to the devices that attach to it, but it must constantly keep track of which......

Words: 1059 - Pages: 5

Linux

...the creation of the Linux kernel by Linus Torvalds in 1991, many versions of Linux have been created. Due to the open source of the kernel, this gives advanced users the option to alter the kernel to their liking. This, in turn, has yielded a near endless amount of distributions and versions available out there. In my research, I have found the main versions of Linux have derived from Debian Linux, Slackware Linux, or RedHat Linux. However, the first distribution meant for the masses was Yggdrasil Linux (Citation). First, there were versions such as MCC Interim Linux developed by University of Manchester and TAMU developed by Texas A&M, however these were in-house developments not really meant to be widely distributed. Yggdrasil, one of the first widely distributed version of Linux, was described as a Plug and play Linux. Its’ initial release took place in December of 1992, but in the form of an alpha release. The beta version was released in 1993, and the official release the next year in 1994. It was the first Linux operating system distributed via a live CD-ROM. It included an automatic configuration of the software installation, much like we see today, making it very easy for even a novice user to set it up. Yggdrasil was not free, however, the company charged $39.95 per copy (Yggdrasil Computing). After conducting research of the number of distribution of Linux, the exact number could not be pinpointed. There are so many developers tweaking the Linux kernel and......

Words: 1003 - Pages: 5

Linux

...www.it-ebooks.info Praise for Previous Editions of A Practical Guide to Fedora and Red Hat Enterprise Linux ® ® “Since I’m in an educational environment, I found the content of Sobell’s book to be right on target and very helpful for anyone managing Linux in the enterprise. His style of writing is very clear. He builds up to the chapter exercises, which I find to be relevant to real-world scenarios a user or admin would encounter. An IT/IS student would find this book a valuable complement to their education. The vast amount of information is extremely well balanced and Sobell manages to present the content without complicated asides and meandering prose. This is a ‘must have’ for anyone managing Linux systems in a networked environment or anyone running a Linux server. I would also highly recommend it to an experienced computer user who is moving to the Linux platform.” —Mary Norbury IT Director Barbara Davis Center University of Colorado at Denver from a review posted on slashdot.org “I had the chance to use your UNIX books when I when was in college years ago at Cal Poly, San Luis Obispo, CA. I have to say that your books are among the best! They’re quality books that teach the theoretical aspects and applications of the operating system.” —Benton Chan IS Engineer “The book has more than lived up to my expectations from the many reviews I read, even though it targets FC2. I have found something very rare with your book: It doesn’t read like the standard......

Words: 315186 - Pages: 1261

Linux

...select few believe otherwise. Many programmers and computer enthusiasts believe Linux to be a far more efficient and usable system because of its flexibility and efficient code. Even so, among the common users, Linux is probably the least known and most underused computer system in the world. The objective of this paper is to determine which system truly is better for users both common and adept. This research compares both operating systems with each other as to determine which is more customizable, easier use, and faster to run. To provide an objective and thorough comparison, this paper looks at key features present in each operating system. After assessing each system, it can be concluded that, although Windows is definitely more widely used than Linux, Linux is the better operating system because of its usability, open source code, and efficient language. However, before analyzing the necessary components, ample background for each operating system must first be provided. The main objective of Windows was "...to provide a personal computing environment for the common user," (Alampay) the common user being people who don't have in-depth knowledge in computer technology (i.e. Programmers, system analysts, etc.). This operating system was built using the corporate model (Microsoft) and therefore has a closed source code to protect their system from their competitors. The goal of Linux, on the other hand, was to provide an open source version of UNIX, a very......

Words: 3215 - Pages: 13

Linux

...University of Sunderland School of Computing and Technology File Management System in Linux CUI Interface A Project Dissertation submitted in partial fulfillment of the Regulations governing the award of the degree of BA in Computer Studies, University of Sunderland 2006 I. Abstract This dissertation details a project to design and produce a prototype Linux character environment file manipulation assisting application. The application is offering a friendly menu driven interface to handle the jobs that non-programmers keep finding cumbersome to master when it comes to working in a Unix/Linux interface, resulting in serious mistakes and much loss of productive time. The Linux File Management System is a basic program for every user at a Unix/Linux terminal. Advantages here include the fact that the support team does not have to be burdened with solving simple file based queries by the employees. The areas of Designing GUI interfaces in Linux and Windows versus Linux Security were researched and a prototype has been designed, developed and tested. An evaluation of the overall success of the project has been conducted and recommendations for future work are also given. Words II. Table of Contents 1) Introduction.................................................................................................................................4 1.1 Overview.................................

Words: 17681 - Pages: 71

Linux

...you submit in this project, but you have to begin the first week. You can always drop out later if you don’t have time…it’s optional! The project will help you select and install a Linux OS on an old computer. It will be easy XC points for those who have already done so, and a great learning experience for everyone. Part 1—Find an old computer you can install Linux on, and determine its hardware Note: If you do not do Part 1, you are not eligible to do any of the following parts! A. Old computers which are too slow for Windows often make great *nix boxes. B. Find one in your garage, from a neighbor or family member, or at a garage sale. C. You will need system unit, keyboard, mouse, monitor & [optional—network card] D. If it used to run Windows, it should be fine E. Determine what hardware it has, including a. CPU speed, # of cores, etc. b. Memory c. Hard drive space and interface (SATA, PATA, SCSI) d. Network card—ethernet? 100Mbps? Gbps? F. If you have trouble determining what hardware you have, hit the discussion board. G. Submit brand & specs in the link under the weekly Content folder for credit Part 2—Select a Linux, UNIX, or BSD OS and verify that your hardware will support it A. This is strictly research. Find a *nix flavor with which you are unfamiliar! B. Look up the hardware compatibility specs to verify that your system will support the OS you have selected. Again, visit......

Words: 478 - Pages: 2

Linux Research Assignment 1

...1. What is the meaning of the acronym LAMP, and how is it used for creating dynamic websites? A: Lamp stands for “Linux, Apache, MySQL and PHP.” Together these software technologies can be used to form a fully-functional web server. Linux is the most popular operating system used in web servers. The most important of these four technologies is Apache, Apache is the software that serves webpages over the Internet via the HTTP protocol. Once Apache is installed, a standard Linux machine is transformed into a web server that can host live websites. Other components of LAMP include MySQL and PHP. MySQL is a popular open source database management system (DBMS) and PHP is a popular web scripting language. Together, these two products are used to create dynamic websites. Instead of only serving static HTML pages, a LAMP server can generate dynamic webpages that run PHP code and load data from a MySQL database. 2. For Internet websites which are located throughout the entire world, what is the estimated market share for dynamic websites which use LAMP as opposed to Microsoft IIS and the Microsoft Active Server Page scripting language? A: As of today, LAMP (Apache) = 56.4% and Microsoft IIS = 12.9% and I cannot find the percentages for the Microsoft Active Server Page. 3. What is PHP? A: PHP is a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML. 4. What is the JAVA Server......

Words: 353 - Pages: 2

Linux

...students/learners will be held responsible for understanding and adhering to all policies contained within the following two documents: • University policies: You must be logged into the student website to view this document. • Instructor policies: This document is posted in the Course Materials forum. University policies are subject to change. Be sure to read the policies at the beginning of each class. Policies may be slightly different depending on the modality in which you attend class. If you have recently changed modalities, read the policies governing your current class modality. Course Materials Blum, R. (2008). Linux® command line and shell scripting bible. Indianapolis, IN: Wiley. Love, P., Merlino, J., Zimmerman, C., Reed, J. C., & Weinstein, P. (2005). Beginning Unix®. Indianapolis, IN: Wiley. Software RedHat Linux 5 (Virtual Desktop) Article References Ahmed, M. F., & Gokhale, S. (2009). Reliable operating systems: Overview and techniques. IETE Technical Review, 26(6), 461–469. Anthes, G. (2009, June 20-July 27). UNIX turns 40. Computerworld, 43(24), 16. Berlot, M., & Sang, J. (2008, January). Dealing with process overload attacks in UNIX. Information Security Journal: A Global Perspective, 17(1), 33–44. Cantrill, B., & Bonwick, J. (2008, November). Real-world concurrency. Communications of the ACM, 51(11), 34–39. Hendler, J., Shadbolt, N., Hall, W., Berners-Lee, T., & Weitzner, D. (2008, July). Web science: An......

Words: 1560 - Pages: 7

Linux

...xcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnm Research Assignment 2.1 4/9/2012 Kathleen Cline | Research Assignment 2.1 Linux security technologies SELinux, chroot jail, and iptables For each security technology, explain what organization (if any) is behind it and what reason that entity would have to be involved. Include how each technology changes the operating system to enforce security and if the security measure can be easily bypassed. Describe the types of threats each of the technologies is designed to eliminate. SELinux: There are several organizations behind the security technology. One being the National Security Agency (NSA) Researchers designed and implemented flexible mandatory access controls in the major subsystems of the linux kernel and implemented the new operating system components provided by the flask architecture, namely the security server and the access vector cache. Also Network Associates Laboratories (NAI labs) The secure Execution Environments group of NAI labs implemented several additional kernel mandatory access controls, developed the example security policy configuration, ported to the linux 2.4 kernel, contributed to the development of the linux Security modules kernel patch, and adapted the SELinux prototype to LSM. Now the MITRE Corporation enhanced several common utilities to be SELinux-aware and developed......

Words: 1010 - Pages: 5

Linux Ii Research Assignment - Linux Security Technologies

...Research Assignment Linux Security Technologies Kristy Graves ITT Tech – Dayton Linux II IT302 Mandatory Access Control Mandatory Access Control (MAC) is a system wide policy that relies on the current system to control access (Syracuse University, 2009). Users cannot alter or make any changes to this policy. Only the administrator has the clearance and authorization to make changes (The Computer Language Company Inc., 2012). Mandatory access control mechanisms are more than Discretionary Access Control (DAC) but have trade offs in performance and convenience to all users (The Open Web Application Security Project, 2002). Users can access lower level documentation, but they cannot access higher level without the process of declassification. Access is authorized or restricted based on the security characteristics of the HTTP client. This can be due to SSL bit length, version information, originating IP address or domain, etc. Systems supporting flexible security models can be SELinux, Trusted Solaris, TrustedBSD, etc. DAC checks the validity of the credentials given by the user. MAC validate aspects which are out of the hands of the user (Coar, 2000). If there is no DAC list on an object, full access is granted to any user (Microsoft, 2012). SELinux SELinux has three states of operation. These states are enforcing, permissive, and disabled. SELinux was developed by the U.S. National Security Agency (NSA) and implements MAC in a Linux kernel (Sobell, 2011).......

Words: 875 - Pages: 4

Linux

...Linux handles security through three basic concepts, SELinux, chroot jail and iptables. Each concept is designed to target a specific need in the security spectrum. SELinux works at the kernel level and enforces mandatory access control, chroot jail works within the file system and iptables handles routing of data. In the following paragraphs I will discuss some details of each discipline. SELinux can be traced back to the National Security Agency (NSA) when they got involved in trying to create a secure architecture. They released there research to the open source community which picked it up and continues to make improvements to its basic architecture. SELinux is designed to work at the kernel level of an operating system to enforce mandatory access control policies that confine users and servers to the minimum amount of privilege they require to do their job. The concept was to lock everything down by default and selectively allow access to applications as needed. This prevented security loop holes from remaining open because the average user wouldn’t know what to have running and what to have shut down. This way as users attempt to use an application SELinux will deny the attempt unless you can authorize its use. This gave administrators better security on their workstations from inadvertent malicious use or outright attack. One unique feature that makes SELinux different from standard anti-virus and spyware is its ability to be proactive rather than reactive.......

Words: 522 - Pages: 3

Linux

...SELinux (Security-Enhanced Linux) was developed by the U.S National Security Agency and essentially enforces security policies that limits what a user or program can do by implementing MAC (Mandatory Access Control) in the Linux kernel. It defines a security policy that controls many different things such as files, devices, sockets, ports and even some processes. The Security-enhanced Linux's features are designed to enforce the separation of information based on confidentiality and integrity requirements. They are designed for preventing processes from reading data and programs, tampering with data and programs, bypassing application security mechanisms, executing untrustworthy programs, or interfering with other processes in violation of the system security policy. They also help to confine the potential damage that can be caused by malicious or flawed programs. They should also be useful for enabling a single system to be used by users with differing security authorizations to access multiple kinds of information with differing security requirements without compromising those security requirements. SELinux can be in one of three states or modes and the first mode would be the enforcing/active state. This is the default state wherein no user or program will be able to do anything not permitted by the security policy. The next mode would be the permissive/warn state wherein SELinux sends warning message to a log but does not enforce the security policy. Later,......

Words: 799 - Pages: 4

It302 Linux System Administration Research Assignment 1

...IT302 Linux System Administration Research Assignment 1 SELinux or Security Enhanced Linux uses an architecture that separates enforcement from access policy decisions. With this architecture different types of policies can be implemented, including Role-Based Access Control (RBAC), Type Enforcement (TE), and Multi-Level Security (MLS). The module assigns security labels to each subject or object. It uses a security class to determine the kinds of relationship a pair of labels might have. The triplet consisting of a pair of labels and a class are then sent to a policy server to determine if access is allowed. The security labels are assigned dynamic integer security ID's (SID's); the reply from the policy server is cached in an 'access vector cache' for performance reasons. SELinux was developed in coordination with the open source community and the National Security Agency (NSA) to provide the highest level of security for the Linux operating system. Linux V-Server – The three basic elements of the VServer are: * The security context. A process in one security context cannot see processes in other security contexts, neither with the 'ps' command, nor with 'cat /proc' nor in any other way. As side-effect, this means that a process in one context cannot kill processes in other contexts. * Capabilities. The existing Linux kernel provides a wide variety of capabilities which can be taken away from processes. These include the ability to change network......

Words: 423 - Pages: 2