Linux System Administration Wa 1

Only available on StudyMode
  • Download(s) : 20
  • Published : December 11, 2012
Open Document
Text Preview
Jennifer Howe
WA 1

Comparing Linux Security Applications
Introduction
The pervasive adoption of the Linux operating system has led to a proliferation of new security tools and applications for ensuring the security of systems and applications. The intent of this analysis is to evaluate chroot jail, iptables and SELinux. These three security technologies are evaluated from the standpoint of which organizations were behind their development, in addition to an explanation of how each technology changes the Linux operating system to make it more secure. Finally the types of threats that each of the technologies is designed to eliminate is also discussed. Analysis of chroot jail

The chroot jail command was developed and first introduced during the initial development of the Unix Version 7 operating system in 1979 to ensure that users of UNIX-based workstations could still navigate to the highest levels of directories on their systems. The Berkeley System Division (BSD) versions of UNIX were very popular in the 1982 timeframe, immediately began using this command as a means to protect the rapidly expanding number of accounts on this operating system. The chroot jail command was designed to provide user account-level access to the /home/user directory. Without this command in place, any user would be able to navigate to the very top of the /user tree structure and view any account and its contents they chose to. It also protected the entire file system for unwanted access and access across all system resources and programs as well., The developers of this command specifically looked at how to create a more effective strategy for managing user accounts and eradicating the threat of a single hacker gaining access to every user account on a Unix, and now Linux-based system (Rooney, 2004). The command has since become pervasively used for creating development “sandboxes” that define specific test regions on Linux systems that are protected from errant...
tracking img