
Firewall and Service Management on Linux - Essay Example

Summary
This essay, "Firewall and Service Management on Linux", covers netstat (network statistics), a command-line utility for monitoring both inbound and outbound network connections. It can also be used for viewing routing tables and interface statistics. …

Extract of sample "Firewall and Service Management on Linux"

Netstat

Netstat (network statistics) is a command-line utility for monitoring network connections, both inbound and outbound. It can also be used for viewing routing tables and interface statistics. Netstat is very useful for network troubleshooting and performance measurement. netstat shows open ports and whether any programs are listening on ports (Dean, 2013). Netstat can be used to help determine whether there are unauthorized sockets open to or from a system. Such sockets could indicate malicious activity directed at your system, or that the system is connecting to other systems to send data out, for any number of possible reasons, including data theft or participation in a botnet.

There are several options available for use with netstat.

  • netstat -a lists all listening ports of TCP and UDP connections. It can be useful to list them all when analyzing a client's system, because it gives the big picture. However, when context is needed, more filtering should be done to get a better idea of the issues one is dealing with, so other commands need to be used to provide that context. If a port is open that the client system is not using, the port needs to be closed to protect the client system from an attacker.
  • netstat -at shows all TCP (Transmission Control Protocol) port connections only. TCP statistics can show when a client system is being attacked, such as during denial-of-service attacks. TCP parameters that show dropped connection requests increase rapidly when under attack.
  • netstat -ant shows the output without running a DNS query, which would slow down the command's response time. It shows only IP addresses, without domain names. This can be more useful when time is of the essence and one needs answers fast in case of an attack on a client system.
  • netstat -nl shows all listening connections. However, this can be counterproductive, as it also gives too much information without context.
  • netstat -nlpu shows the process that owns listening UDP socket connections.
  • sudo netstat -nlpu shows the process owner and process ID (PID). This is useful in determining which program is running a process. It can help determine whether it is a rogue process or not, and can help in hardening client systems.
  • sudo netstat -nlpue displays the user ID and the associated inode. This can show additional details about the user account that the suspicious socket is associated with.

The netstat command shows detailed statistics for each network connection, interface, routing table and network protocol, and it also displays other network-specific information. The netstat command helps us deal with network issues in Linux. Network administrators are also encouraged to use the netstat command for enhanced performance measurement.

Systemctl

Systemctl is a command-line utility that can be used to control various aspects of services on a system (start or stop, run at startup). systemctl can also be used to display details about services running on your system, or provide details about why a service failed to start. These are important abilities to have when doing an application audit on a system. Services typically run for a long time without shutting down; usually they start when the system starts and stop when it shuts down. They are frequently network-facing, which makes them vulnerable to remote attacks. Some services run with extensive privileges, which can be dangerous.

Some of the options available under systemctl are:

  • man systemctl: lists all running services. This helps determine whether a particular service is running unnecessarily. For example, a client system does not need to have the Bluetooth service running all the time, and such a service will show up when this option is used, so the admin will know whether to shut it down.
  • systemctl --version: shows the version details of systemctl. This information is useful for knowing how to go about configuring services.
  • systemctl status: shows information about a particular service. This information helps in deciding what to do about the service, whether to leave it as it is or to stop it.
  • systemctl stop: stops a service when it is not necessary to have it running all the time. A service such as Bluetooth is one that can be stopped without any adverse consequences.
  • systemctl status: displays the details of a service. It can be used to verify whether the service is running or has shut down. It may be necessary to check, since the service might not shut down if it was being used by a particular application.
  • systemctl disable: disables a service from starting at boot. When high security is needed, access is limited to particular necessary services, so the others should be disabled as early as possible so that a reboot does not restart them.
  • systemctl restart: restarts a service when needed.

Unnecessary and unwanted network services should be disabled on the system. When allowing access for new services, the firewall also has to be configured. This is done to ensure that the system is as secure as possible (Fedora documentation).

"Hardening" services restricts the ability of a compromised service to damage a client system. There are several ways to accomplish this objective. One way is to run services with the least possible privilege, so that they run with only the most basic privileges they require. Service isolation can also be used to harden client systems. It allows particular services to be isolated from other services or even client applications. This is done by using a unique service identity, which restricts access to the service's resources by other services or applications.
Service identity can also restrict a service's access to the resources of other services or applications. As an example, an antivirus service maintains exclusive access to its signature definition files through the use of service isolation.

References

Dean, T. (2013). Network+ guide to networks (6th ed.). Boston: Course Technology/Cengage Learning.

Fedora Documentation: Chapter 7. Services and Daemons. (n.d.). Fedora Project. Retrieved April 26, 2014, from http://docs.fedoraproject.org/en-US/Fedora/15/html/Deployment_Guide/ch-Services_and_Daemons.html
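
The check for unauthorized listening sockets described in the Netstat section, as an added example that is not part of the original essay. It assumes the combined flags `sudo netstat -nlptue`, an approved list written as proto/port, and a constructed sample output in place of a live host.

```bash
# Added example, not from the essay: report listening sockets that are not approved.
# Constructed sample of `sudo netstat -nlptue` output (not from a real host).
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      0          18234      812/sshd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      0          20011      950/cupsd
tcp6       0      0 :::8080                 :::*                    LISTEN      1001       21555      1102/python3
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           115        17020      640/avahi-daemon: r
udp        0      0 0.0.0.0:68              0.0.0.0:*                           0          16500      700/dhclient'

# audit_listeners ALLOW...   (netstat output on stdin)
# ALLOW entries look like tcp/22 or udp/68 (format assumed for this example).
# Prints one line per unapproved listener: proto port scope uid=N pid/program
audit_listeners() {
  awk -v allow="$*" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 !~ /^(tcp|udp)6?$/ { next }          # skip banner and header lines
    {
      proto = $1; sub(/6$/, "", proto)      # treat tcp6/udp6 as tcp/udp
      # UDP rows have an empty State column, so later fields shift left by one.
      if (proto == "tcp") { if ($6 != "LISTEN") next; u = 7 } else u = 6
      k = split($4, part, ":"); port = part[k]
      addr = substr($4, 1, length($4) - length(port) - 1)
      if ((proto "/" port) in ok) next
      scope = (addr ~ /^127\./ || addr == "::1") ? "loopback" : "exposed"
      # The program name may contain spaces, so join the remaining fields.
      prog = $(u + 2); for (i = u + 3; i <= NF; i++) prog = prog " " $i
      print proto, port, scope, "uid=" $u, prog
    }'
}

# Approved on this constructed host: SSH and the DHCP client.
printf '%s\n' "$SAMPLE_NETSTAT" | audit_listeners tcp/22 udp/68
```

On a live system the same function reads `sudo netstat -nlptue` directly from a pipe; each reported line is a socket to explain, close, or add to the approved list.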
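
One way to apply the least-privilege and unique-service-identity hardening described above on a systemd host, as an added example that is not part of the original essay. The unit `exampled.service`, the `exampled` account and `/var/lib/exampled` are hypothetical, and mapping "service identity" to a dedicated Linux account is an assumption of this example.

```bash
# Added example, not from the essay: write a systemd drop-in that runs a
# service under its own low-privilege identity. All names are hypothetical.

# write_hardening_dropin UNIT USER STATE_DIR DROPIN_ROOT
# Writes DROPIN_ROOT/UNIT.d/10-hardening.conf and prints its path.
# On a real host DROPIN_ROOT would be /etc/systemd/system.
write_hardening_dropin() {
  unit=$1 user=$2 state_dir=$3 root=$4
  # A hardening drop-in that names root as the identity defeats its purpose.
  [ "$user" != "root" ] || { echo "refusing User=root" >&2; return 1; }
  dir="$root/$unit.d"
  mkdir -p "$dir" || return 1
  cat >"$dir/10-hardening.conf" <<EOF
[Service]
# Unique service identity: a dedicated account used by this unit only.
User=$user
Group=$user
# Least privilege: empty capability set, no privilege gain via setuid binaries.
CapabilityBoundingSet=
NoNewPrivileges=yes
# Isolation: read-only OS, no home directories, private /tmp, and write
# access limited to the state directory of this service.
ProtectSystem=strict
ProtectHome=yes
PrivateTmp=yes
ReadWritePaths=$state_dir
EOF
  echo "$dir/10-hardening.conf"
}

# Demonstration against a temporary directory instead of /etc/systemd/system.
demo_root=$(mktemp -d)
write_hardening_dropin exampled.service exampled /var/lib/exampled "$demo_root"
```

After installing such a drop-in on a real host, `systemctl daemon-reload` followed by `systemctl restart` on the unit applies it. A service that must bind a port below 1024 would need that capability left in `CapabilityBoundingSet=`.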