An Automated Hardening and Security Monitoring Program for Linux

School Name

South Carolina Governor's School for Science & Mathematics

Grade Level

12th Grade

Presentation Topic

Computer Science

Presentation Type

Mentored

Oral Presentation Award

2nd Place

Abstract

Linux malware tripled from 2015 to 2016 and has only continued to grow, particularly with the rise of botnets. A substantial fraction of malware exhibits similar behavior once installed, some of which can be clearly monitored, eventually leading to removal. Many initial exploitations come from easily closed security gaps such as default credentials on exposed services or a lack of protection against brute-force attacks. The Python program that I developed is a text-based systems administration tool for Ubuntu Linux that fixes these common security issues while continuously monitoring for signs of intrusion. These security measures include: securely configuring critical services, stopping any unlisted services, setting strong password policies, checking users for easily cracked passwords, deleting unauthorized users, checking the permissions of essential files, monitoring modifications of important listed directories and files, and verifying the integrity of system tools. The software was developed modularly, with almost every function independent of the others. The program uses the Bash shell and its various utilities extensively. The approach was primarily based on automatically implementing security measures using industry standards, blue-team competitions, reports, and papers as a guide. The program can be a useful open-source tool for any user, and it is another addition to the growing set of security software for Linux. Almost every function reads its configuration from input text files, so no modifications to the source code are necessary in order to configure the program. While currently targeted towards Ubuntu Linux, it can be quickly adapted to other distributions of Linux.
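The file-modification monitoring and system-tool integrity checks the abstract lists, written as an added Python illustration that is not the project's own code: a watch list is read from a text file (the configuration style the abstract describes), each listed file's SHA-256 and permission bits are recorded as a baseline, and a later pass reports content changes, loosened permissions, and missing files. The sample files, the watch-list format, and the function names are assumptions constructed for this example.

```python
import hashlib
import stat
import tempfile
from pathlib import Path

def read_list_file(list_path):
    """Parse a watch-list text file: one path per line, blanks and '#' comments ignored."""
    lines = Path(list_path).read_text().splitlines()
    return [l.strip() for l in lines if l.strip() and not l.lstrip().startswith("#")]

def snapshot(path):
    """Return (sha256, permission bits) for a regular file, or None if it is absent."""
    p = Path(path)
    if not p.is_file():
        return None
    return (hashlib.sha256(p.read_bytes()).hexdigest(), stat.S_IMODE(p.stat().st_mode))

def build_baseline(list_path):
    """Snapshot every listed path; this is the trusted reference state."""
    return {path: snapshot(path) for path in read_list_file(list_path)}

def check_against_baseline(baseline):
    """Re-snapshot each path and return (path, finding) for every deviation."""
    findings = []
    for path, expected in baseline.items():
        current = snapshot(path)
        if current == expected:
            continue  # unchanged, or still absent
        if current is None or expected is None:
            findings.append((path, "missing" if current is None else "appeared"))
            continue
        if current[0] != expected[0]:
            findings.append((path, "content changed"))
        if current[1] != expected[1]:
            findings.append((path, "permissions changed"))
    return findings

def demo():
    """Constructed scenario in a temp dir: baseline, then alter one file's content and another's mode."""
    with tempfile.TemporaryDirectory() as tmp:
        tool = Path(tmp, "ls"); tool.write_text("#!/bin/sh\nexec /bin/ls \"$@\"\n")
        conf = Path(tmp, "sshd_config"); conf.write_text("PermitRootLogin no\n")
        conf.chmod(0o600)
        watch = Path(tmp, "watch.txt")
        watch.write_text(f"# watched files\n{tool}\n{conf}\n{Path(tmp, 'absent')}\n")
        baseline = build_baseline(watch)
        tool.write_text("#!/bin/sh\nexec /bin/ls \"$@\"\n# unexpected edit\n")  # tampered
        conf.chmod(0o644)  # permissions loosened
        return check_against_baseline(baseline)
```

In a deployed monitor the baseline would be stored outside the watched system (or signed) so that an intruder who can modify the tools cannot also rewrite the reference hashes.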

Location

Founders Hall 140 A

Start Date

3-30-2019 10:15 AM

Presentation Format

Oral Only

Group Project

No
