Die Präsentation wird geladen. Bitte warten

Die Präsentation wird geladen. Bitte warten

Sicherheitsmassnahmen für UNIX Dr. Stefan Turowski Systemkolloquium WS 2003/2004 13. Januar 2004.

Veröffentlicht von:Bärbel Judith Solberg Geändert vor über 9 Jahren

Ähnliche Präsentationen

Präsentation zum Thema: "Sicherheitsmassnahmen für UNIX Dr. Stefan Turowski Systemkolloquium WS 2003/2004 13. Januar 2004."—  Präsentation transkript:

1 Sicherheitsmassnahmen für UNIX Dr. Stefan Turowski Systemkolloquium WS 2003/2004 13. Januar 2004

2 UNIX Sicherheit10.07.03stefan.turowski@rrze.uni-erlangen.de2 Inhalt  Angriffe  * Folgen  Ziele  Massnahmen  Werkzeuge

3 UNIX Sicherheit10.07.03stefan.turowski@rrze.uni-erlangen.de3 Angriffe  Scans zum Entdecken von Sicherheitslücken (mehrere am Tag)  Spezifisches Angreifen von Schwachstellen (ftpd, named, pop,...)  * Installation von P2P Software  * Installation von Mailern (auch nicht Port 25) zur Verbreitung von SPAM  Eigentreffer durch Dummuser

4 UNIX Sicherheit10.07.03stefan.turowski@rrze.uni-erlangen.de4 * Kurz bevor die Bomben fallen… University Erlangen Nuremberg Martensstrasse 1D-91058 Notice ID:1906936 Notice Date:7 Nov 2003 20:03:04 GMT Dear Sir or Madam: BayTSP, Inc. ("BayTSP") swears under penalty of perjury that Paramount Pictures Corporation ("Paramount") has authorized BayTSP to act as its agent for copyright infringement notification. BayTSP's search of the protocol listed below has detected infringements of Paramount's copyright interests on your IP addresses as detailed in the attached report. BayTSP has reasonable good faith belief that use for the material in the manner complained of in the attached report is not authorized by Paramount, its agents, or the law. The information provided herein is accurate to the best of our knowledge. Therefore, this letter is an official notification under provisions of section 512(c) of the U.S. Digital Millennium Copyright Act to effect removal of the detected infringement listed in the attached report. The Berne Convention for the Protection of Literary and Artistic Works, the Universal Copyright Convention, as well as bilateral treaties with other countries allow for protection of client's copyrighted work even beyond U.S. borders. The attached documentation specifies the exact location of the infringement. The Notice ID identifies the copyrighted works by file identification number. We hereby request that you immediately remove or block access to the infringing material, as specified in the copyright laws, and insure the user refrains from using or sharing with others Paramount's materials in the future. Please send us a prompt response indicating the actions you have taken to resolve this matter. Please reference the Notice ID number above in your response. Nothing in this letter shall serve as a waiver of any rights or remedies of Paramount with respect to the alleged infringement, all of which are expressly reserved. Should you need to contact me, I may be reached at the following address: Mark Ishikawa Chief Executive Officer BayTSP, Inc. PO Box 1314 Los Gatos, CA 95031 v: 408-341-2300 f: 408-341-2399 paramount-pictures@baytsp.comparamount-pictures@baytsp.com *pgp public key is available on the key server at ldap://keyserver.pgp.comldap://keyserver.pgp.com Note: The information transmitted in this Notice is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, reproduction, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. This infringement notice contains an XML tag that can be used to automate the processing of this data. If you would like more information on how to use this tag please contact BayTSP. - --- -Infringed Work: Core, The -Infringing FileName: (DgE) The Core - Der Innere Kern SVCD 2v2 Deutsch.mpg -Infringing FileSize: 843443708 -Protocol: eDonkey Infringers -IP Address: 131.188.

5 UNIX Sicherheit10.07.03stefan.turowski@rrze.uni-erlangen.de5 * FAU – Die Oberspammer [ SpamCop V1.3.4 ] This message is brief for your comfort. Please use links below for details. Email from 131.188.2xx.1yy / 9 Jan 2004 15:54:13 -0000 131.188.2xx.1yy is open proxy, see: http://www.spamcop.net/mky- proxies.html http://www.spamcop.net/w3m?i=z594009218zb8e78075f052713ce326259f 77d7c04ezhttp://www.spamcop.net/mky- proxies.html http://www.spamcop.net/w3m?i=z594009218zb8e78075f052713ce326259f 77d7c04ez [ Offending message ] Return-Path: Delivered-To: x Received: (qmail 2159 invoked by uid 1000); 9 Jan 2004 15:54:17 -0000 Received: (qmail 2130 invoked from network); 9 Jan 2004 15:54:13 -0000 Received: from xxx.yyy.uni-erlangen.de (HELO ascade.se) (131.188.2xx.1yy) by 216-228-9-193.dsl.redshift.com with SMTP; 9 Jan 2004 15:54:13 -0000 Message-ID: From: "Catherine Graham" To: x Subject: stronger and harder Date: Fri, 09 Jan 2004 13:50:14 +0000

6 UNIX Sicherheit10.07.03stefan.turowski@rrze.uni-erlangen.de6 Ziele  Systeme schwerer angreifbar machen  Systemfunktionalität verbergen  Schaden begrenzen

7 UNIX Sicherheit10.07.03stefan.turowski@rrze.uni-erlangen.de7 Unbedingt erforderlich  Einspielen von Sicherheitspatches sicherstellen  Zugänge zum System kontrollieren  alle Benutzer müssen (gute) Passwörter haben  nur die Dienste dürfen aktiviert sein, die auch wirklich genutzt werden sollen  jeder Dienst muss beschränkt sein auf das geringst mögliche Minimum  physikalische Sicherheit (Console)

8 UNIX Sicherheit10.07.03stefan.turowski@rrze.uni-erlangen.de8 Unterstützende Massnahmen  Logging und Überwachung des Systems  * am RRZE: zentraler syslog  * am RRZE: SRS Netconnect (https://srsnetconnect3.sun.com/)  Zeitsynchronisation  * am RRZE: NTP  Warnungen einbauen  * am RRZE: /etc/issue  nur verschlüsselte Verbindungen zulassen  * am RRZE: eingeschränkt: rlogin/rsh/telnet/ftp/http(auth)  * gelegentliche Neuinstallation/Update

9 UNIX Sicherheit10.07.03stefan.turowski@rrze.uni-erlangen.de9 Einfache Werkzeuge  autopatch, YOU (Yast Online Update), APT  * am RRZE: voll in Betrieb  tcpwrapper (tcpd, /etc/hosts.allow)  * am RRZE: Einschränkungen für backup, finger, …  * am RRZE: Keine Verbindungen von Systemen ohne DNS-Eintrag  Einstellungen in /etc/default  * am RRZE: login mit Logging

10 UNIX Sicherheit10.07.03stefan.turowski@rrze.uni-erlangen.de10 Profi-Werkzeuge  Personal Firewall (ipfilter, ipchains, iptables)  * am RRZE: ipfilter auf speziellen Systemen  Teergruben  * am RRZE: keine

Herunterladen ppt "Sicherheitsmassnahmen für UNIX Dr. Stefan Turowski Systemkolloquium WS 2003/2004 13. Januar 2004."

Ähnliche Präsentationen

Wie mache ich mein UNIX-System sicher(er)? Stefan Turowski.

Wie mache ich mein UNIX-System sicher(er)? Stefan Turowski.
Verbs Used Impersonally With Dative Deutsch I/II Fr. Spampinato.

Verbs Used Impersonally With Dative Deutsch I/II Fr. Spampinato.
Can you think of some KEY phrases which would be useful in multiple contexts? Take 2 minutes with a partner and come up with as many as you can!

Can you think of some KEY phrases which would be useful in multiple contexts? Take 2 minutes with a partner and come up with as many as you can!
11.11.2013 | DC-IAP/SVC3 | © Bosch Rexroth Pneumatics GmbH 2013. This document, as well as the data, specifications and other information set forth in.

| DC-IAP/SVC3 | © Bosch Rexroth Pneumatics GmbH This document, as well as the data, specifications and other information set forth in.
You need to use your mouse to see this presentation © Heidi Behrens.

You need to use your mouse to see this presentation © Heidi Behrens.
You need to use your mouse to see this presentation © Heidi Behrens.

You need to use your mouse to see this presentation © Heidi Behrens.
CALPER Publications From Handouts to Pedagogical Materials.

CALPER Publications From Handouts to Pedagogical Materials.
Greetings and goodbyes Deutschland v. USA

Greetings and goodbyes Deutschland v. USA
Der formelle Imperativ – the Imperative

Der formelle Imperativ – the Imperative
Sprachneuerungen des .NET Frameworks 3.5

Sprachneuerungen des .NET Frameworks 3.5
Einfaches Erstellen von Präsentationen aus Einzelfolien heraus.

Einfaches Erstellen von Präsentationen aus Einzelfolien heraus.
Stephanie Müller, Rechtswissenschaftliches Institut, Universität Zürich, Rämistrasse 74/17, 8001 Zürich, Criminal liability.

Stephanie Müller, Rechtswissenschaftliches Institut, Universität Zürich, Rämistrasse 74/17, 8001 Zürich, Criminal liability.
Ralf M. Schnell Technical Evangelist Microsoft Deutschland GmbH

Ralf M. Schnell Technical Evangelist Microsoft Deutschland GmbH
Ralf M. Schnell Technical Evangelist Microsoft Deutschland GmbH.

Ralf M. Schnell Technical Evangelist Microsoft Deutschland GmbH.
Literary Machines, zusammengestellt für ::COLLABOR:: von H. Mittendorfer Literary MACHINES 1980 bis 1987, by Theodor Holm NELSON ISBN 0-893467-056-2.

Literary Machines, zusammengestellt für ::COLLABOR:: von H. Mittendorfer Literary MACHINES 1980 bis 1987, by Theodor Holm NELSON ISBN
You need to use your mouse to see this presentation © Heidi Behrens.

You need to use your mouse to see this presentation © Heidi Behrens.
Arbeiten in einem agilen Team mit VS & TFS 11

Arbeiten in einem agilen Team mit VS & TFS 11
Page  1 YOUR LOGO This text can be replaced with your text. POLAROIDCHART.

Page  1 YOUR LOGO This text can be replaced with your text. POLAROIDCHART.
? What is Open PS? SAP Open PS based on EPS 4.0

? What is Open PS? SAP Open PS based on EPS 4.0
Welcome to Web Services & Grid Computing Jens Mache

Welcome to Web Services & Grid Computing Jens Mache

Ähnliche Präsentationen

Google-Anzeigen