Security
Differences between revisions 2 and 3
|
Size: 2389
Comment: Wiki page moved from help to wiki -- Dr Small
|
Size: 962
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| ||<tablestyle="float:right; font-size: 0.9em; width:30%; background:#F1F1ED; background-repeat: no-repeat; background-position: 98% 0.5ex; margin: 0 0 1em 1em; padding: 0.5em;"><<TableOfContents>>|| | <<Include(BeginnersTeam/Includes/Header)>> |
| Line 4: | Line 4: |
| ||<tablestyle="float:right; font-size: 0.9em; width:30%; background:#F1F1ED; background-repeat: no-repeat; background-position: 98% 0.5ex; margin: 0 0 1em 1em; padding: 0.5em;"><<TableOfContents>>|| | |
| Line 8: | Line 9: |
| ||<tablestyle="float:right; font-size: 0.9em; width:30%; background:#F1F1ED; background-repeat: no-repeat; background-position: 98% 0.5ex; margin: 0 0 1em 1em; padding: 0.5em;"><<TableOfContents>>|| | |
| Line 9: | Line 11: |
| While the agenda could be implied from the purpose, the Security Focus Group should be willing and ready to assist a user in any way possible with working toward a solution for their security related problems. It is important that members of the security focus team be familiar with, or at least be willing to learn various security programs and procedures. These include, but are not limited to: IPTables, a working knowledge of the TCP/IP stack and basic server security. Basic server security should encapsulate at a bare minimum, setting up and maintaining a '''secure''' SSH server, '''secure''' Apache2 and Tomcat, in particular the proper logging and interpretation of access logs, setup practices and SFTP. Focus group members interested in a more advanced approach to security problems and resolutions should work on becoming well versed on the matters of SQL administration, common database exploitation methods, web vulnerability assessment, probing for vulnerable URL extensions and parameter tampering, and NMap flags and their various purposes. Continuing the advanced route, it is recommended that Security Focus Group members understand basic encryption, not necessarily the math but rather how to properly implement it. Familiarity with testing firewall rules and ACLs, Nessus, Metasploit, open source testing methodologies, HPing3, Nemesis and much more are also invaluable skills. Regardless of the individual's approach, the ability to prevent unauthorized access and probe for signs of unauthorized system entry are essential. |
test text |
| Line 14: | Line 14: |
| === Firewall Related === *[[https://help.ubuntu.com/community/Uncomplicated_Firewall_ufw|UFW - Uncomplicated Firewall]] |
This team is now deprecated. Official announcement about the team's closure can be found here. |
|
Purpose
Contents |
While it is often remarked that Ubuntu comes secure out of the box, many users often express concern over further hardening their systems. Beyond fortifying their OS, there is often concern(s) over an attempt or successful breach of user security. The goal of the Security Focus Group is to assist these users, both new and old, in the attempt at developing and assisting with solutions to security related matters.
Agenda
Contents |
test text
Relative Links
BeginnersTeam/FocusGroups/Security (last edited 2010-10-27 03:12:14 by 71)