Slide 1
Excellent Education Program
Innovative Methods of Teaching

Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Cum sociis natoque penatibus et magnis dis parturient.

Slide 2
Learning Through Play
Devoted to the Early Education

Donec quam felis, ultricies nec, pellentesque eu, pretium quis, sem. Nulla consequat massa quis enim.

Slide 2
Learning Through Play
Devoted to the Early Education

Donec quam felis, ultricies nec, pellentesque eu, pretium quis, sem. Nulla consequat massa quis enim.

Slide 2
Learning Through Play
Devoted to the Early Education

Donec quam felis, ultricies nec, pellentesque eu, pretium quis, sem. Nulla consequat massa quis enim.

Slide 2
Learning Through Play
Devoted to the Early Education

Donec quam felis, ultricies nec, pellentesque eu, pretium quis, sem. Nulla consequat massa quis enim.

Slide 3
Learning Through Play
Find a Class for your Children

Aenean leo ligula, porttitor eu, consequat vitae, eleifend ac, enim. Aliquam lorem ante, dapibus in, viverra quis.

previous arrow
next arrow

Linux Security Tools

Spread the Knowledge
  • Vulnerability Assessment with Nessus
  • Traffic Security with Ethereal
  • Web Proxying with Squid

Vulnerability Assessment with Nessus

  • Nessus is a vulnerability assessment tool
  • Comes built-in with most distros
  • More than just a port scanner
  • Ability to scan a sytem for open ports and services, applications, and vulnerabilities associated with system
  • Useful to help find your systems’s
  • Can be run against local host or networked systems
  • Requires root privileges to be effective
  • Two major pieces:
  • Server(nessusd)
  • Client(nessus)
  • Server is run on host to be canned, client is for viewing scan results
  • Requires a username and password or certificate to be setup
  • Use ‘nessus’ command with options to configure program
  • Nessus uses port 1241 by default to listen, but can be changed
  • GUI can be used to configure scans and view them
  • Many scan options can cause DOS attack against target – use with caution!
  • Scan results can tell you about vulnerabilities, possible effetcs, and how to correct them
  • Nessus uses updateable database of Vulnerabilities
  • Usually kept very current
  • Ensure you check website for latst database updates
  • Nessus Demonstration

Traffic Security with Ethereal

  • Ethereal (now Wireshark) most popular network sniffer
  • Open source and commercial versions
  • De facto sniffer used with Linux
  • Uses libcap library
  • Enables “promiscuous mode” NIC opeartion
  • Can intercept any raw traffic NIC receives
  • Use to ensure communications security of your network:
  • Determine if integrity of packets are assured
  • Determine if/when encryption in needed
  • Determine if paswords are secured
  • Can capture real-time traffic or saved traffic for later analysis
  • Saves to a file that is readable by different programs
  • Breaks out capture by time, protocol, source, and destination IP addresses/MAC addresses
  • Ethereal Demonstration

Web Proxying with Squid

  • A proxy runs on a server beween two networks
  • Client establishes connection through proxy to destination server/network
  • Client negotiates with proxy server establish connection on behalf of client between proxy server and destination
  • Proxy then receives and forwards traffic to and from the client and destination on behalf of client
  • Effectively masquuerades client for security purposes
  • Squid is the most popular open-source Web proxy for Linux
  • Uses rules to determin if requests are valid or allowed
  • Checks web responses for validity
  • Can cache web pages to enhance performance
  • Can use plug-ins to perform additional rule checking and validate content
  • Configured using command line or Webmin grapical interface
  • Denies outgoing requests by default – must be configured to allow requests
  • Squid Configuration Demostration
Latest posts by Amardeep Dubey (see all)