Lunix xx
dhabiahbader
267 views
17 slides
Oct 04, 2015
Slide 1 of 17
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
About This Presentation
about lunix
Slide Content
Dhabiah bader 10 AG Lunix principles and philosophy
Know your system(s) The first principle is about knowing what your system is supposed to do. What is its primary role, what software packages does it need and who needs access? By knowing the role of the system you can better defend it against known and unknown threats. Security Measures: Password policy Proper software patch management Configuration management Documentation
Least Amount of Privilege Each process running, or package installed, might become a target. Security professionals call this the “attack surface”. What you want is to minimize this attack surface by removing unneeded components, limit access and by default use a “deny unless” strategy. This latter means that access by default is blocked, unless you allow it (whitelisting). Security Measures: Use minimal/basic installation Only allow access to people who really need it
Perform Defense in Depth Protect the system by applying several layers of security. This principle is named “defense in depth” and can be compared with an onion: to get to the core, you have to peel of layer by layer. One broken defense might help us protect against full compromise. Security Measures: IPtables / Nftables Hardening of software components
Know your Enemy You can only protect a system the right way, if you know what threats you are facing. Why would this system be a target and who would be targeting it? Perform a risk analysis and determine what potential threats your system might endure. Security Measures: Vulnerability scans Penetration tests Risk analysis
Protection is Key, Detection is a Must Security focuses on the protection of assets. While this is a primary objective, we should consider that one day our defenses are broken. Therefore we want to know this as soon as possible, so we can properly act. This is where principle 3 and 4 both are linked. Set-up proper detection methods, similar to the trip wires used by the military. Security Measures: Linux audit framework Remote Logging Create backups and test them
Source code availability The author must make source code available and permit redistribution of both source code and (if applicable) binary code. Permission to derive works The license must permit others to modify the soft- ware and to distribute such modifications under the same license as the origina l.
Respect for source code integrity The license may restrict redistribution of modified source code, but only if patch files may be distributed along with the original source code. The license may require that derived works change the soft- ware’s name or version number. No discrimination against persons or groups The license must not discrimi - nate against any person or group of people.
No discrimination against fields of endeavor The license must not forbid use of the program in any field, such as in business or by genetics researchers. Automatic license distribution The license must apply to anybody who receives the program without needing a separate agreement.
Lack of product specificity The license must not require that the program be used or distributed as part of a larger program—that is, you may extract a single program from a larger collection and redistribute it alone. Lack of restrictions on other software The license must not impose restric - tions on other software that’s distributed along with the licensed software.
Technology neutrality The license must not be restricted based on specific technologies or interfaces.
Understanding the Open Source Philosopy The FSF’s advocacy efforts were (and are) based on a strong moral imperative— software should be free, in the FSF’s view, with “free” defined as described earlier. This approach appeals to some people, but others—particularly businesses that want to make money off of software—find this type of advocacy strange at best and threatening at worst.
For these reasons, the OSI’s creators designed their organization as a way to advocate free software. By using a new term—open source—and by softening some of the FSF’s moral imperatives, the OSI aims to promote open source soft- ware in the business world. The difference in tone from the FSF’s moral impera - tive can be seen in the opening statement on the OSI’s Web site (http://www . opensource.org ):
he FSF advocates what it calls free software, which it defines in terms of freedom to do things you want to do with the software, not the price of the software. A common phrase to make this distinction clear is “free as in speech, not free as in beer.” The FSF defines four specific software freedoms: IIFreedom to use the software for any purpose IIFreedom to examine the source code and modify it as you see fit IIFreedom to redistribute the software IIFreedom to redistribute your modified software
These freedoms are similar to the principles espoused by the OSI, described shortly; however, there are some important differences in interpretation, also as described shortly. The FSF elaborates on the implications of each of its principles, and their interactions, at http:// www.gnu.org /philosophy/free- sw.html .
In an ideal world, by the FSF’s standards, all software would be free—distributed with source code and all the freedoms just outlined. Some Linux distributions meet this ideal in isolation; however, some distributions include proprietary soft- ware. Sometimes this software is freeware, but other times it’s a bit of proprietary code that enables the vendor to restrict redistribution and charge money to sell the software. Since free software is not necessarily free of charge, selling it is not a problem from the FSF’s point of view, but given the other freedoms, free software’s price tends toward zero as it gets passed around
Nine major tenets There are nine major tenets to the Linux philosophy. Small is Beautiful Each Program Does One Thing Well Prototype as Soon as Possible Choose Portability Over Efficiency Store Data in Flat Text Files Use Software Leverage Use Shell Scripts to Increase Leverage and Portability Avoid Captive User Interfaces Make Every Program a Filter There are also 10 lesser tenets and some corollaries to the Linux philosophy that are also important. I will cover some of those in future articles.
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 267
- Slides 17
- Age 3713 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
48 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
47 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
37 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
34 views
21
Know for Certain
DaveSinNM
22 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
26 views