Presentation Transcript
slide1

Disk Organisation

Linux File Systems

Linux File System Hierarchy

General Security Information

Linux File System Security

Yiğit Cansın Hekimci

Can Dereli

What is a hard disk?

A hard disk drive (HDD, also commonly shortened to hard drive and formerly known as a fixed disk) is a digitally encoded non-volatile storage device which stores data on rapidly rotating platters with magnetic surfaces.

In the simplest terms, hard disks give computers the ability to remember things when the power goes out.

How does a hard disk work?
  • Sectors (256, 512) and tracks
  • The O/S or the hard disk groups them as clusters
  • Low-level formatting (beginning and end points)
  • High-level formatting
    • File storage scheme
    • Order of sectors and tracks
  • After high-level formatting the platters are ready to read/write

A sector

A track

slide6

Organization of Disks...

  • Positioning the head to the sector
  • Sector is under the head

Low speed reading, high positioning speed

High speed reading, low positioning speed

slide7

Organization of Disks...

  • Positioning the sector under the head

The time needed to position the sector under the head is the same on the inside and the outside of the disk.

But because there are fewer sectors on the inside, the time needed to position the sector is relatively less.

slide8

Organization of Disks...

  • Positioning the sector under the head

Practically 5-10% less.

Result in practice: the outside of the disk is always faster.

slide9

SCSI vs. IDE...

SCSI
  • Better drive electronics
  • Better optimized sectors
  • Much faster head movement
  • Tag sorting: the most important factor that reduces the search time for the sector
  • High data bus speed: much faster transfer
  • More devices on the same data bus - RAID

SCSI systems are indispensable for applications that need high speed.

slide11

Linux EXT2

File location information is scattered throughout the disk.

The pointer to the file (inode) and the file info are kept close together.

The first location, which points to the inode table, is called the SUPERBLOCK.

The superblock is kept on the disk in 3-4 copies.

Privileges can be given to each of User, Group, Others.

Supports hard/symbolic links.

On-the-fly compression, immutable files, etc.

slide13

EXT3

It is basically the same as EXT2, with a journal added.

An EXT2 file system can easily be converted to EXT3:

tune2fs -j /dev/hda5 ...

The journal is kept in a file.

The system can be used as EXT2 in case of a journal error.

slide14

Reiser-FS

Metadata journal. File system information.

On demand, third-party data journal support.

Balanced B* tree. High performance.

2 G files in directories without loss of performance.

It can hold small files in one block.

Namesys compatibility.

slide15

SGI-XFS

It is a file system for enterprise systems.

Many extra properties.

File system backup, POSIX 1003.1e ACL, extended attributes, etc.

64 bit.

No limit for the near future.

DMAPI for hierarchical data storage.

slide16

SGI-XFS

XFS doesn’t aim for the highest performance.

POSIX 1003.6 compatibility, ACL, MAC, audit.

Strong, extensible FS.

100% data-loss-free journal.

More than one storage unit.

A guaranteed level of adequate performance for high-level applications.

slide17

[Chart: Ext2. KB/sec against % fullness rate, with curves for 4K blocks and 1K blocks]

slide18

[Chart: ReiserFS. KB/sec against % fullness rate]

slide19

[Chart: ReiserFS (mount -o notail). KB/sec against % fullness rate]

slide20

[Chart: XFS. KB/sec against % fullness rate]

slide21

  • Small but many files
  • Partition size
  • Large files
  • Kernel I/O mechanism
  • Programs’ disk access

WHY?

No access method is suitable for every case.

slide22

Real Life...

Programs may reach very different places at the same time..

There are no queued requests on the system.

No one can know what the programs will want in the next step.

slide23

Real Life...

Ext2FS

It is a system which has proved itself.

Adequately efficient if 4K blocks are used.

Can journal with ext3.

Fullness of the disk or defragmentation doesn’t affect speed.

slide24

Real Life...

ReiserFS

Very good on performance.

For relatively small but many files.

Not so trustworthy.

Reiser4 comes in September/November 2002.

slide25

Real Life...

XFS

Good on performance.

Optimal performance is the aim.

Looks strong, can have interesting conflicts.

Not included in the kernel code.

SGI? Promises a lot with its design targets.

slide26

For people who don’t like mathematics...

We tested 3 different systems.

486 DX2 32 MB RAM, 4.3 GB HDD

CEL 433 128 MB RAM, 8.4 GB HDD

PIII 1000, 512 MB RAM, 40 GB HDD..

slide27

For people who don’t like mathematics...

On Desktop...

486 DX2 32 MB RAM, 4.3 GB HDD
  • XFS slowest, ReiserFS average, Ext2 good
  • XFS and Ext2 never went down, ReiserFS :((

CEL 433 128 MB RAM, 8.4 GB HDD
  • XFS slowest, ReiserFS fast, Ext2 average
  • XFS and Ext2 never went down, ReiserFS :((

PIII 1000, 512 MB RAM, 40 GB HDD
  • XFS - ReiserFS same, Ext2 :((
  • XFS and Ext2 never went down, ReiserFS :((

slide28

For people who don’t like mathematics...

We set up a network (Always been there...)

22 PIII 64..128 MB RAM, 6.4..20 GB HDD

Windows 98 and Mandrake 8.0

PIII 1000 CPU

512/1024 MB RAM

2x40 GB SoftRAID0 HDD

Suse 7.1, Linux 2.4.18 Kernel

Apache 1.3, Samba 2.2.3a

Sendmail + ipop3d

23 GB MP3

15 GB ISO Image..

3 100 Mbit Ethernet

slide29

For people who don’t like mathematics...

With Windows 98 :

Using Explorer, streaming music..

Copied ISO’s to the disk..

We sent CD’s to the main machine with FTP..

With Linux:

Watched clips through NFS.

Got ISO’s through FTP.

Downloaded MP3’s with Konqueror.

On every machine we ran SMTP and POP3 with 150 processes.

slide30

For people who don’t like mathematics...

Performance

For Web Server:

ReiserFS -> Very good

XFS -> Good

ext2 -> Good

ext3 -> average..

FTP/SMB/NFS:

ReiserFS -> Good

XFS -> Very good

ext2 -> Acceptable.

ext3 -> Acceptable.

slide31

For people who don’t like mathematics...

Stability:

ReiserFS:
  • Make at least two UPS available.
  • Don’t forget to back up.
  • Can go down without sortege.

XFS:
  • Don’t necessarily pay for a UPS.
  • Again, don’t neglect backups.
  • Didn’t go down without sortege.
  • Could not be saved with the journal.

EXT2/EXT3:
  • Having a UPS is a good thing.
  • Again, don’t neglect backing up.
  • Didn’t go down without sortege.

slide32

For people who don’t like mathematics...

General recommendation:

For small desktops, ext2/ext3.

For larger machines and servers, XFS.

For people who want to be fast and furious, ReiserFS.

For ReiserFS you should wait for Reiser4.

slide38

Mounting a device on the file system

Sample.tar.z – index.html – Makefile – binutils-2.15.92.0.2-5. – vsftpd_2.0.3-1.deb

Threat Types

Internal Threat Elements (~80%)
  • Ignorant and unconscious usage
  • Ill-intentioned actions

External Threat Elements (~20%)
  • Targeted attacks
  • Untargeted attacks
Internal Threat Elements
  • Ignorant and Unconscious Usage
    • Unplugging of the server by the cleaner
    • Database deletion by an untrained employee
  • Ill-Intentioned Actions
    • A fired employee changing the corporate web site
    • An employee running a “sniffer” on the network and reading e-mails
    • An executive selling the plans for a product under development to rivals
External Threat Elements
  • Targeted attacks
    • An attacker changing the corporate web site
    • An attacker changing corporate accounting records
    • Multiple attackers accessing the corporate web server and stalling its service
  • Untargeted attacks
    • Virus attacks (Melissa, CIH – Chernobyl, Vote)
    • Worm attacks (Code Red, Nimda)
    • Trojan back doors (Netbus, Subseven, Back Orifice)
Attacker Types
  • Professional criminals
  • Young generation attackers
  • Corporate employees
  • Industry and technology spies
  • Foreign government administrations
Quality of Attackers and Their Estimated Numbers

  • Very Dangerous: hundreds
  • Predator: thousands
  • Mid-Level: tens of thousands
  • Entry Level: millions

Source: Carnegie Mellon University (1998-1999-2000)

Attacker Motivation
  • Financial benefits
  • Competitive advantage
    • Political
    • Economic/commercial
  • Desire to gain extra resources
  • Personal anger or revenge
  • Curiosity or desire to learn
  • Reckless behaviour
Systems That Are on a Network and Have Potential Risks

  • Web server left in its default installation
  • E-mail server that allows relay
  • Client that belongs to the secretary
  • Client that belongs to the administrator
  • Firewall that ignores fragmented packets
  • Router that allows source routing or spoofing

[Network diagram labels: Internet, Router, Firewall, Local Network, Other Networks]

Spoofing
  • Basically, it can be defined as falsifying the source.
  • It is usually used to gain extra rights on the target, to shift the blame onto other people or corporations, to hide the attacker, or to mount distributed attacks.
  • It can be used against various protocols, authentication systems and application-specific processes.
Spoofing Techniques
  • MAC spoofing is done by changing the MAC address physically or by altering it in the Ethernet packets
  • ARP spoofing is done by falsifying the IP/MAC address mapping carried in ARP protocol packets
  • IP spoofing is done by changing the source IP address in IP packets
  • DNS spoofing is done by taking over DNS servers or by sending fake replies to requests
  • Identity spoofing is done by copying cookies taken from the web server
  • In fingerprint systems it can be done with a previously obtained fingerprint
Spoofing – Example Spoofing Process

[Diagram: Attacker, System to Take Over, System to be attacked; steps 1 and 2, with the messages “Stay out” and “I am ‘it’”]

Spoofing – Prevention Methods
  • Using external authentication systems
  • Removing services that authenticate by IP, DNS, ARP or MAC address
  • Using static ARP tables, binding every switch port to a MAC address and protecting switches from table overflows
  • Enabling reverse lookups (RDNS, RARP, etc.)
  • Not storing authentication information (passwords, files, etc.) on the client system
Prevention Methods for Viruses, Worms and Trojans
  • Anti-virus systems should be used to protect all clients and servers
  • To stop worm attacks, precautions should be taken through intrusion detection systems (and, if possible, a firewall)
  • Traffic that comes from the Internet into the corporate network over protocols like FTP, HTTP, SMTP, POP3 and IMAP should be scanned by anti-virus systems and, if possible, an anti-virus network bridge should be used
File System Security Types
  • Secure file deletion: wipe - fwipe
  • Access control lists (ACLs): NSA SELinux - RSBAC
  • File encryption: PGP - GnuPG
  • Filesystem encryption: TCFS - BestCrypt - PPDD
  • Hiding data: StegHide - OutGuess - RubberHose
GnuPG

With GPG, you can create your public and private key pair, encrypt files using your key, and also digitally sign a message to authenticate that it’s really from you.

Some Problems and Solutions with GnuPG

1- Encrypting Directories

Problem:

You want to encrypt an entire directory tree.

Solution:

To produce a single encrypted file containing all files in the directory, with symmetric encryption:

$ tar cf - name_of_directory | gpg -c > files.tar.gpg

or key-based encryption:

$ tar cf - name_of_directory | gpg -e > files.tar.gpg

To encrypt each file separately:

$ find name_of_directory -type f -exec gpg -e '{}' \;
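
The symmetric case above carried through to decryption, as an added example that is not from the original slides: neither command on the slide removes the plaintext originals, so this encrypts a tree, restores it elsewhere and compares checksums before anything is deleted. The directory names, passphrase files and function names are constructed; `--batch`, `--pinentry-mode loopback` and `--passphrase-file` are used so it runs non-interactively with GnuPG 2.1 or later.

```shell
#!/bin/sh
# encrypt_tree DIR OUT PASSFILE: archive DIR and encrypt the stream symmetrically.
encrypt_tree() {
    tar cf - -C "$(dirname "$1")" "$(basename "$1")" |
        gpg --batch --quiet --pinentry-mode loopback --passphrase-file "$3" -c > "$2"
}

# restore_tree ARCHIVE DEST PASSFILE: decrypt ARCHIVE and unpack it under DEST.
# The pipeline's exit status is tar's, so callers should also check what was restored.
restore_tree() {
    mkdir -p "$2" &&
        gpg --batch --quiet --pinentry-mode loopback --passphrase-file "$3" -d "$1" |
        tar xf - -C "$2"
}

# tree_digest DIR: one SHA-256 over every file's relative path and content.
tree_digest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 | sha256sum | cut -d ' ' -f 1 )
}

# roundtrip_check: build a constructed tree, encrypt it, restore it and compare.
# Succeeds only if the restored tree matches and a wrong passphrase restores nothing.
roundtrip_check() (
    work=$(mktemp -d) || exit 1
    GNUPGHOME="$work/gnupg"; export GNUPGHOME        # throwaway GnuPG home
    mkdir -m 700 "$GNUPGHOME"
    mkdir -p "$work/secrets/sub"
    echo 'constructed sample file A' > "$work/secrets/a.txt"
    echo 'constructed sample file B' > "$work/secrets/sub/b.txt"
    echo 'constructed-passphrase' > "$work/pass"
    echo 'not-the-passphrase' > "$work/wrong"
    rc=1
    if encrypt_tree "$work/secrets" "$work/files.tar.gpg" "$work/pass" &&
       restore_tree "$work/files.tar.gpg" "$work/restored" "$work/pass" &&
       [ "$(tree_digest "$work/secrets")" = "$(tree_digest "$work/restored/secrets")" ] &&
       { restore_tree "$work/files.tar.gpg" "$work/bad" "$work/wrong" 2>/dev/null
         [ ! -e "$work/bad/secrets" ]; }
    then rc=0; fi
    rm -rf "$work"
    exit "$rc"
)

if command -v gpg >/dev/null 2>&1; then
    roundtrip_check && echo "archive decrypts and matches the original tree"
fi
```

Only after a check like this succeeds is it safe to remove the originals, for example with one of the secure deletion tools listed earlier.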
