An Automated Hardening and Security Monitoring Program for Linux
School Name
South Carolina Governor's School for Science & Mathematics
Grade Level
12th Grade
Presentation Topic
Computer Science
Presentation Type
Mentored
Oral Presentation Award
2nd Place
Abstract
Linux malware tripled from 2015 to 2016 and has only continued to grow, particularly with the rise of botnets. A substantial fraction of malware exhibits similar behavior once installed, some of which can be clearly monitored, eventually leading to removal. Many initial exploitations come from easily closed security gaps such as default credentials on exposed services or a lack of protection against brute-force attacks. The Python program that I developed is a text-based systems administration tool for Ubuntu Linux that fixes these common security issues while continuously monitoring for signs of intrusion. These security measures include: securely configuring critical services, stopping any unlisted services, setting strong password policies, checking users for easily decrypted passwords, deleting unauthorized users, checking the permissions of essential files, monitoring modifications of important listed directories and files, and verifying the integrity of system tools. The software was developed modularly, with almost every function independent of the others. The program uses the Bash shell and its various utilities extensively. The approach was primarily based on automatically implementing security measures using industry standards, blue-team competitions, reports, and papers as a guide. The program can be a useful open-source tool for any user, and it is another part of the growing security software solutions for Linux. Almost every function uses input text files, so no modifications to the source code are necessary in order to configure the program. While currently targeted towards Ubuntu Linux, it can be quickly adapted to other distributions of Linux.
Recommended Citation
McManamon, Brendan, "An Automated Hardening and Security Monitoring Program for Linux" (2019). South Carolina Junior Academy of Science. 41.
https://scholarexchange.furman.edu/scjas/2019/all/41
Location
Founders Hall 140 A
Start Date
3-30-2019 10:15 AM
Presentation Format
Oral Only
Group Project
No