– –

View Github Repository Open presentation in a new window

teopeurt

See all presentation from teopeurt

– –

0 0

cchub-cloud-security

presentation on Cloud @ CCHUB

On Github teopeurt / cchub-cloud-security

Cloud Security

Introduction and Concepts

Created by Don Onwunumah / @teopeurt

What makes me Qualified?

Background...

  • Security Infrastructure Deployments for Finance and Governments
  • White/Black/GreyHat?
  • Information Security Researcher
  • Cryptanalyst
  • Developer
  • Realist
  • ...

...more

  • Data Scientist
  • Distributed Systems
  • Web & Mobile Engineer
  • ...

Security - Whats the Point?

"I think it’s important to recognize that you can’t have 100 per cent security..."

Linux is the Cloud

Sorry Windows

Linux Security Overview

User Accounts & Access Control
Encryption
Logging & Intrusion detection
Basic Security Sys Admin
Not Covered but relevant...
Network: Port Scanners
Protecting Data-in-Transit (TLS/SSL)
Internet Security

.. If too complicated, outsource it ..

Use a PAAS!

Let's Begin..

User Accounts

User Accounts and Access Controls

Root Account controls all user accounts and can lock out one or more accounts at any time.
User Directories are segregated from system areas and each other.
Users can generate their own files, install own programs.
Each user is given a home directory and hard disk space, separate from system areas and other users.

Encryption

Linux can encrypt data during transit, shielding it from outsiders.

Logging and Intrusion Detection

Linux can't predict when
your host will come under attack, but it can record the attacker's
movements.

Basic Tips for Sys Admin

Minimize Packages to Minimize Vulnerability

    # /sbin/chkconfig --list |grep '3:on'

     # chkconfig serviceName off

     # yum -y remove package-name

     # sudo apt-get remove package-name

Check Listening Network Ports

# netstat -tulpn

Use Secure Shell(SSH)

    # vi /etc/ssh/sshd_config
 - disable root login
 - only allow specific users
 - use version 2 protocol

Keep System updated

Centos/Redhat/
# yum updates
    # yum check-update
Ubuntu/Debian
# apt-get update

Enable Iptables (Firewall)

/etc/init.d/iptables – init script to start|stop|restart and save rulesets./etc/sysconfig/iptables – where Rulesets are saved./sbin/iptables – binary.

                

            

        
Review Logs Regularly

            
    /var/log/message – Where whole system logs or current activity logs are available./var/log/auth.log – Authentication logs./var/log/kern.log – Kernel logs./var/log/cron.log – Crond logs (cron job)./var/log/maillog – Mail server logs./var/log/boot.log – System boot log./var/log/mysqld.log – MySQL database server log file./var/log/secure – Authentication log./var/log/utmp or /var/log/wtmp : Login records file./var/log/yum.log: Yum log files.

        
Use SSH Keys

            

                

            


$ ssh-keygen -t rsa -C "your_email@example.com"
    # Creates a new ssh key, using the provided email as a label
    # Generating public/private rsa key pair.
    # Enter file in which to save the key (/Users/you/.ssh/id_rsa): [Press enter]
    $ ssh-add id_rsa     

            

        
Questions?


    
Thank You