HP OSMS white paper: Security of Open Source Middleware Stacks

3. Custom policy for AppArmor
4. Custom policy for SELinux
Monitoring and Forensic Tools
It is difficult to detect a compromised system. As soon as an attack succeeds, the attacker will attempt to
keep access to the compromised system while avoiding detection. Systematic auditing is necessary to
discover traces of attacks through unauthorized changes. For example, Tripwire is an auditing tool that
checks for signs that an intrusion has occurred.
For more information, see the Tripwire Web site at:
http://www.tripwire.com
Often an attacker will place a rootkit on the system to facilitate ongoing control and evasion of detection.
Rootkits are sets of applications that alter the very nature of a system, and they are extremely difficult to
detect and remove. Rootkits prevent a system from reporting the existence of the rootkit and other files,
such as backdoors, key-logging tools, FTP servers, and spam engines left behind by the attack.
To ensure that the tools you use are viable, you must not trust the tools on a system you suspect has been
breached. A live CD solution enables you to examine the suspected system safely and accurately. Security
Tools Distribution (STD) is an example of a live CD that provides tools for forensic analysis.
For more information, see the STD Web site at:
http://s-t-d.org
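The auditing approach outlined above (record a trusted baseline, then look for unauthorized changes the way Tripwire does) and the point that on-system tools cannot be trusted after a breach, as an added Python example that is not part of the white paper and is not Tripwire's own code. It assumes the baseline file is stored off the system or on read-only media, and that the checker itself is run from trusted tools such as a live CD; the demo tree, the trojaned binary and the dropped key file are constructed for the example.

```python
"""Minimal file-integrity baseline/compare in the spirit of Tripwire.

Added example, not part of the HP OSMS white paper or of Tripwire.
Assumptions: the baseline JSON is kept off the audited system (or on
read-only media) and the checker runs from trusted tools (e.g. a live CD),
because a kernel-level rootkit can lie to any user-space program about
what is on disk.
"""
import hashlib
import json
import os
import stat
import tempfile
from pathlib import Path


def _fingerprint(path: Path) -> dict:
    """Record the attributes that unauthorized changes usually alter.
    Size is recorded for regular files only, since directory sizes vary
    by filesystem and would produce false positives."""
    st = path.lstat()
    entry = {
        "mode": stat.filemode(st.st_mode),
        "uid": st.st_uid,
        "gid": st.st_gid,
    }
    if stat.S_ISREG(st.st_mode):
        entry["size"] = st.st_size
        h = hashlib.sha256()
        with open(path, "rb") as fh:
            for chunk in iter(lambda: fh.read(65536), b""):
                h.update(chunk)
        entry["sha256"] = h.hexdigest()
    elif stat.S_ISLNK(st.st_mode):
        entry["target"] = os.readlink(path)
    return entry


def build_baseline(root: str) -> dict:
    """Walk root and fingerprint every file, directory and symlink under it.
    Keys are paths relative to root so the baseline is portable."""
    root_path = Path(root)
    baseline = {}
    for dirpath, dirnames, filenames in os.walk(root_path):
        for name in dirnames + filenames:
            p = Path(dirpath) / name
            baseline[p.relative_to(root_path).as_posix()] = _fingerprint(p)
    return baseline


def save_baseline(baseline: dict, dest: str) -> None:
    """Write the baseline; in practice dest is on read-only or off-system media."""
    with open(dest, "w") as fh:
        json.dump(baseline, fh, sort_keys=True, indent=1)


def load_baseline(src: str) -> dict:
    with open(src) as fh:
        return json.load(fh)


def compare(baseline: dict, current: dict) -> dict:
    """Report what an intruder typically leaves behind: added files
    (backdoors, tools), removed files, and modified ones (trojaned
    binaries, altered configuration)."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(
        p for p in set(baseline) & set(current) if baseline[p] != current[p]
    )
    return {"added": added, "removed": removed, "modified": modified}


def demo() -> dict:
    """Constructed scenario: baseline a small tree, then simulate an intrusion
    that replaces a binary and drops a new file; returns the change report."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "root"
        (root / "bin").mkdir(parents=True)
        (root / "etc").mkdir()
        (root / "bin" / "ls").write_bytes(b"original ls binary")      # constructed
        (root / "etc" / "passwd").write_text("root:x:0:0:root:/root:/bin/sh\n")
        baseline_file = Path(tmp) / "baseline.json"
        save_baseline(build_baseline(root), baseline_file)

        # Simulated unauthorized changes (constructed for the demo).
        (root / "bin" / "ls").write_bytes(b"trojaned ls binary")      # modified
        (root / "etc" / "backdoor.key").write_text("not-a-real-key\n")  # added

        return compare(load_baseline(baseline_file), build_baseline(root))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=1))
```

The report flags `bin/ls` as modified and `etc/backdoor.key` as added, which is exactly the kind of trace the paragraph says systematic auditing should surface. The check is only as trustworthy as the kernel and binaries it runs on: a rootkit that filters directory listings or file reads hides from `os.walk` and `open()` just as it hides from `ls`, which is why the baseline belongs off the system and the comparison should be run from a live CD rather than from the suspect host.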
Conclusion
Security is a very complex topic. To begin with, security needs to be viewed in the context of an individual
system managed with a specific security policy. Perfect security is only theoretically possible. A security
policy can describe only what level of security is enough. There is no tool, practice, or silver bullet that
can ensure that systems are safe and reliable. However, OSMS systems can be made sufficiently secure
by keeping security patches up to date, hardening the configuration, using layered security and other best
practices.
The security goals of open source and proprietary systems are not different. To achieve security, you must
address the following issues:
Management: Create a security policy that describes valuable computer assets that need protection.
Create processes and an audit schedule to ensure the management of these assets. Ensure that security
management is an ongoing activity.
Education: Be aware of the evolving security landscape. Understand the best way to meet the
requirements of the security policy. Continually educate users about security.
Vulnerability: Be aware of security vulnerabilities in the systems you manage as soon as they are
announced and immediately apply security patches.
Configuration: Prepare your system to resist the inevitable attack and to limit the damage of a
successful attack.
New flaws: Time exposes new flaws. There is a constant conflict between those who try to protect
systems and those who attack them.
Glossary
attacker: An unauthorized person who actively seeks ways to gain control of computer systems.
attack: An unauthorized attempt to break into a computer system.
brute force attack: An unsophisticated attack. In the simplest form, this attack simply tries to guess
passwords or encryption keys by generating strings one after another, until it finds a match. Complex
examples of this attack might use dictionaries of common words or common passwords. Theoretically,
all encryption is susceptible if the attacking system has infinite resources (memory and time).
certification authority: Trusted third parties that issue digital certificates for use by other parties to
validate public keys.
crackers: Malicious attackers interested in taking things apart for personal gain or mischief.