ITEC 5321 Information Systems Security, Spring '07
Slax KillBill Edition v5.1.8.1
Deepanwita Bagchi
03-03-2007

Agenda
• Why is Security important?
• Role of NIST
• Different Technical Controls suggested by NIST
• What is a Live CD?
• SLAX KillBill Edition v 5.1.8.1
• How to implement a technical control with SLAX KillBill live CD?
• Q/A

"If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology." - Bruce Schneier

National Institute of Standards and Technology
• Non-regulatory agency of the US Department of Commerce's Technology Administration
• Suggests control categories to prevent and detect security threats to IT systems and to recover from them. Categories are: technical, managerial and operational
• Technical controls are subdivided into three categories: Supportive, Preventive and Detective/Recovery

National Institute of Standards and Technology
Technical Security Controls:
• Support:
  • Identification
  • Cryptographic Key Management
  • Security Administration
  • System Protections
• Preventive:
  • Authentication
  • Authorization
  • Access Control Enforcement
  • Nonrepudiation
  • Protected Communications
  • Transaction Privacy
• Detection / Recovery:
  • Audit
  • Intrusion Detection & Containment
  • Proof of Wholeness
  • Restore Secure State
  • Virus Detection and Eradication

National Institute of Standards and Technology
Technical Security Controls
Source: http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf

Live CD?
• Bootable CD with pre-configured software
• Easy way to try out multiple operating systems without having to install them
• Read-only CD, hard to tamper with
• Wide range of distros to choose from while implementing a technical security control

My Choice?
• Slax KillBill Edition v5.1.8.1
• Slackware Linux based live CD
• Pocket operating system, merely 204MB
• Uses Unification File System (also known as unionfs), allowing a read-only filesystem to behave as a writable one, saving all changes to memory.

Why Slax KB?
• Modularity
• Speed
• Easy CD/USB creation

Default Features in SLAX KB v5.1.8.1 CD
• Linux kernel 2.6 offering excellent hardware support
• The newest ALSA sound drivers
• Ndiswrapper for loading Windows drivers for WIFI cards
• Madwifi drivers for native support for WIFI cards (Multiband Atheros)
• KDE 3.5 desktop
• Webconfig allowing you to save your session data to slax' web

Easy CD creation with MySLAX

Demo of Easy LiveCD Creation

Security Modules available in SLAX KB
• 87 Security Modules available to choose from
Source: http://www.slax.org/modules.php?category=security

Security Modules I Installed
• BCrypt 1.1
• Ccrypt 1.7.7
• Ethereal 0.10.11
• Snort 2.6.0.2
• TrueCrypt 4.2a

Technical Control Implemented
Protected Communications: Truecrypt & Ccrypt

Protected Communications (Contd…):
• Keyfile created

Protected Communications (Contd…):
• File to be encrypted
• Encryption command

Protected Communications (Contd…):
• Encrypted File
• Decryption Command

Protected Communications (Contd…):
• Back to original file

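The slides above show the keyfile, encryption and decryption steps only as screenshots, so the following is an added example and not the presenter's own commands: a ccrypt round trip driven by a keyfile, with a digest check that the decrypted file matches the original and a check that a wrong key is rejected. It assumes ccrypt, base64 and sha256sum are installed; the file names and sample text are constructed.

```shell
#!/bin/sh
# Added example (not from the slides): ccrypt keyfile round trip.
# secret.key, wrong.key and report.txt are constructed names.
ccrypt_roundtrip() {
    command -v ccrypt >/dev/null 2>&1 || { echo "ccrypt not installed" >&2; return 127; }
    work=$(mktemp -d) || return 1
    (
        cd "$work" || exit 1
        umask 077    # keyfile and plaintext readable by the owner only
        # ccrypt -k reads the key from the first line of the keyfile
        head -c 32 /dev/urandom | base64 > secret.key
        head -c 32 /dev/urandom | base64 > wrong.key
        printf 'constructed sample: quarterly figures\n' > report.txt
        before=$(sha256sum report.txt | cut -d' ' -f1)

        # Encrypt in place: report.txt is replaced by report.txt.cpt
        ccrypt -e -k secret.key report.txt || exit 1
        [ ! -e report.txt ] || exit 1
        [ -f report.txt.cpt ] || exit 1
        # The ciphertext must not contain the plaintext
        if grep -q 'quarterly' report.txt.cpt; then exit 1; fi

        # A wrong key must be rejected and leave the ciphertext in place
        if ccrypt -d -k wrong.key report.txt.cpt 2>/dev/null; then exit 1; fi
        [ -f report.txt.cpt ] || exit 1

        # Decrypt with the right key and compare digests
        ccrypt -d -k secret.key report.txt.cpt || exit 1
        after=$(sha256sum report.txt | cut -d' ' -f1)
        [ "$before" = "$after" ] || exit 1
        echo "round trip OK: $after"
    )
    rc=$?
    rm -rf "$work"
    return "$rc"
}

ccrypt_roundtrip || echo "round trip failed or ccrypt missing (rc=$?)" >&2
```

The keyfile is the only secret here, so it needs the same protection as a passphrase and should not travel alongside the encrypted file.
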
Questions / Comments?