IS3440: Linux Security
While researching the regulatory requirements needed for First World Bank Savings and Loans I found that a security policy against current server architecture is required to be implemented. The CIA (Confidentiality, Integrity, and Availability) triad is taken into account when analyzing the multiple servers in reference to Linux and Open Source managing security demands.
The "Database Server" requires the administrators go further in terms of technical design through a Linux architecture method. MySQL can be utilized as a backend and comes with script availability to remove test databases, lower systems and data base privileges (Jang, 2011). This method will allow successful requirement of all networking layers.
The Apache Web Server allows the ability to harden the Linux kernel within Apache (Prashant, 2013). The patch available is "grsecurity" and allows protection against zero-day vulnerabilities while utilizing "ksplice" to update the kernal on time (Prashant, 2013).
Samba is used for the file server and has many features to restrict access to what is shared. This includes enforcing password requirements, filtering at the network level, and a check going against group memberships (Jang, 2011).
The SMTP server will be Sendmail. Sendmail comes with the security feature of encrypting the connection (Jang, 2011). We will also need a virus scanning program to ensure mail coming in does not have virus attachments.
The LDAP server will be utilized as the central authentication server so that the involved users have a login that is unified and covers all console logins (LDAP NExt, 2010).
Jang, M. (2011). Security Strategies in Linux Platforms and Applications. Jones & Bartlett Learning.
LDAP NExt. (2010, 06). The official Red Hat Reference Guide. Retrieved from http://www.centos.org/docs/2/rhl-rg-en-7.2/s1-ldap-uses.html
Prashant, P. (2013, 10
Cited: Jang, M. (2011). Security Strategies in Linux Platforms and Applications. Jones & Bartlett Learning. LDAP NExt. (2010, 06). The official Red Hat Reference Guide. Retrieved from http://www.centos.org/docs/2/rhl-rg-en-7.2/s1-ldap-uses.html Prashant, P. (2013, 10 10). Linux for you. Retrieved from http://www.linuxforu.com/2011/05/securing-database-servers/.