Slide 1 - Bilkent University
Disk Organisation
Linux File Systems
Linux File System Hierarchy
General Security Information
Linux File System Security
Yiğit Cansın Hekimci
Can Dereli
Disk Organisations
What is a hard disk?
A hard disk drive (HDD, also commonly shortened to hard drive and formerly
known as a fixed disk) is a digitally encoded non-volatile storage device which
stores data on rapidly rotating platters with magnetic surfaces.
In the simplest terms, it gives computers the ability to remember things when the
power goes out.
Hard disk contents
How does a hard disk work?
• Sectors (256 or 512 bytes) and tracks
• The OS or the disk itself groups them into clusters
• Low-level formatting (writes the beginning and end marks of each sector)
• High-level formatting
  – File storage scheme
  – Order of sectors and tracks
• After high-level formatting the platters are ready for read/write
[Figure: a sector and a track on a platter]
Organization of Disks...
1. Positioning the head over the track that holds the sector
2. Waiting until the sector is under the head
[Figure: inner tracks: low-speed reading, fast positioning; outer tracks: high-speed reading, slower positioning]
The time it takes for a sector to rotate under the head is the same on the
inside and on the outside of the platter. But because the inner tracks hold
fewer sectors, positioning a given sector takes relatively less time there:
in practice about 5-10% less.
Result in practice: the outer part of the disk is always faster, because more
sectors pass under the head per revolution.
SCSI vs. IDE...
SCSI
Better drive electronics
Better optimized sectors
Much faster head movement
Tag sorting (tagged command queuing): the most important factor in
reducing the time to seek a sector
High data-bus speed: much faster transfers
More devices on the same bus: RAID
SCSI systems are indispensable for applications that need high speed.
Linux File Systems
Linux EXT2
File location information is scattered throughout the disk.
The pointer to the file (inode) and the file's data are kept close together.
The first structure that points to the inode table is called the
SUPERBLOCK.
The superblock is kept on the disk in 3-4 copies.
Permissions can be given separately to user, group and others.
Supports hard and symbolic links.
On-the-fly compression, immutable files, etc.
Linux EXT2 - Metadata
EXT3
Basically the same as EXT2, with a journal added.
An EXT2 FS can easily be converted to EXT3:
tune2fs -j /dev/hda5 ...
The journal is kept in a file.
The system can still be used as EXT2 in case of a journal error.
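The ext2 superblock described above (and the has-journal flag that tune2fs -j sets to turn it into ext3) can be inspected directly from a raw image. The following is an added example, not code from the slides: it decodes a few fields of the on-disk superblock at byte 1024, checks the 0xEF53 magic before trusting anything, locates the backup copy kept in block group 1 (block 8193 for 1 KiB blocks, the same copy e2fsck -b 8193 uses), and compares the two copies, which is how a forensic examiner notices a tampered or damaged primary superblock. The image is constructed in the code (16384 blocks of 1 KiB in two groups) and is not taken from a real disk; the field offsets are those of struct ext2_super_block.

```python
"""Parse and cross-check ext2/ext3 superblock copies in a raw disk image (added example)."""
import struct

SB_OFFSET = 1024                   # the primary superblock always starts at byte 1024
SB_SIZE = 1024
EXT2_SUPER_MAGIC = 0xEF53
EXT3_FEATURE_COMPAT_HAS_JOURNAL = 0x0004   # set by tune2fs -j; the on-disk mark of ext3

# Selected fields of struct ext2_super_block: (name, little-endian struct format, byte offset)
FIELDS = (
    ("inodes_count",     "<I", 0),
    ("blocks_count",     "<I", 4),
    ("first_data_block", "<I", 20),
    ("log_block_size",   "<I", 24),    # block size = 1024 << log_block_size
    ("blocks_per_group", "<I", 32),
    ("magic",            "<H", 56),
    ("feature_compat",   "<I", 92),
    ("uuid",             "16s", 104),
)


def parse_superblock(image, offset=SB_OFFSET):
    """Decode one superblock copy; refuse anything that lacks the ext2 magic."""
    if len(image) < offset + SB_SIZE:
        raise ValueError("image too small for a superblock at byte %d" % offset)
    sb = {}
    for name, fmt, off in FIELDS:
        (sb[name],) = struct.unpack_from(fmt, image, offset + off)
    if sb["magic"] != EXT2_SUPER_MAGIC:
        raise ValueError("no ext2 superblock at byte %d (magic 0x%04x)" % (offset, sb["magic"]))
    sb["block_size"] = 1024 << sb["log_block_size"]
    sb["has_journal"] = bool(sb["feature_compat"] & EXT3_FEATURE_COMPAT_HAS_JOURNAL)
    return sb


def superblock_copy_offset(sb, group):
    """Byte offset of the superblock copy stored at the start of block group `group`."""
    if group == 0:
        return SB_OFFSET
    first_block = sb["first_data_block"] + group * sb["blocks_per_group"]
    return first_block * sb["block_size"]


def check_copies(image, groups=(1,)):
    """Compare the primary superblock with backup copies; return a list of findings."""
    primary = parse_superblock(image)
    findings = []
    for g in groups:
        offset = superblock_copy_offset(primary, g)
        try:
            backup = parse_superblock(image, offset)
        except ValueError as exc:
            findings.append("group %d: %s" % (g, exc))
            continue
        for field in ("inodes_count", "blocks_count", "blocks_per_group", "feature_compat", "uuid"):
            if primary[field] != backup[field]:
                findings.append("group %d: %s differs (%r vs %r)"
                                % (g, field, primary[field], backup[field]))
    return findings


def build_superblock(**overrides):
    """Constructed sample superblock (not from a real disk): 16384 blocks of 1 KiB in two groups."""
    values = dict(inodes_count=4096, blocks_count=16384, first_data_block=1,
                  log_block_size=0, blocks_per_group=8192, magic=EXT2_SUPER_MAGIC,
                  feature_compat=EXT3_FEATURE_COMPAT_HAS_JOURNAL, uuid=b"\x11" * 16)
    values.update(overrides)
    buf = bytearray(SB_SIZE)
    for name, fmt, off in FIELDS:
        struct.pack_into(fmt, buf, off, values[name])
    return bytes(buf)


def build_image(tampered_backup=False):
    """Constructed 16 MiB image: primary copy at byte 1024, backup at block 8193 (group 1)."""
    image = bytearray(16384 * 1024)
    image[SB_OFFSET:SB_OFFSET + SB_SIZE] = build_superblock()
    backup = build_superblock(blocks_count=8192) if tampered_backup else build_superblock()
    offset = (1 + 8192) * 1024
    image[offset:offset + SB_SIZE] = backup
    return image


if __name__ == "__main__":
    sb = parse_superblock(build_image())
    print("block size %d, journal present: %s" % (sb["block_size"], sb["has_journal"]))
    print("findings:", check_copies(build_image(tampered_backup=True)))
```

On a real device the same functions work on the bytes read from /dev/hdaN (or an image file); note that with sparse_super only groups 0, 1 and powers of 3, 5 and 7 carry a copy, so pass those group numbers to check_copies.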
Reiser-FS
Metadata journal. File system information.
On demand, third-party DATA journal support.
Balanced B* tree. High performance.
2 G files in directories without loss of performance.
It can pack small files into one block.
Namesys compatibility.
SGI-XFS
A file system for enterprise systems.
Many extra features:
File system backup, POSIX 1003.1e ACLs,
extended attributes, etc.
64-bit: no limit for the near future.
DMAPI for hierarchical storage management.
XFS does not aim for the highest performance.
POSIX 1003.6 compatibility: ACLs, MAC, audit.
Robust, extensible FS.
Journal claimed to be 100% free of data loss.
More than one storage unit.
Guaranteed service levels for high-level applications.
Adequate performance.
[Figures: throughput (KB/sec) against % fullness rate (0-100) for Ext2 with 1K and 4K blocks, ReiserFS, ReiserFS (mount -o notail) and XFS; the Ext2, ReiserFS and XFS plots are scaled 0-1000 KB/sec, the ReiserFS notail plot 0-2000 KB/sec]
WHY?
No single access method suits every case:
Small but numerous files
Partition size
Large files
Kernel I/O mechanism
Programs' disk access patterns
Real Life...
Programs may access very different places on the disk at the same time.
Requests are not queued on the system.
No one can know what the programs will want in the next step.
Real Life... (Ext2)
A system that has proven itself.
Adequately efficient if 4K blocks are used.
Can journal with ext3.
Disk fullness or fragmentation does not affect speed.
Real Life... (ReiserFS)
Very good performance.
Relatively small but many files.
Not so trustworthy.
Reiser4 is due in September/November 2002.
Real Life... (XFS)
Good performance; optimal performance is the aim.
Looks strong, but can have interesting conflicts.
Not included in the kernel code.
SGI? Promises a lot with its design targets.
For people who don't like mathematics...
We tested 3 different systems:
486 DX2, 32 MB RAM, 4.3 GB HDD
Celeron 433, 128 MB RAM, 8.4 GB HDD
PIII 1000, 512 MB RAM, 40 GB HDD
On Desktop...
486 DX2, 32 MB RAM, 4.3 GB HDD:
XFS slowest, ReiserFS average, Ext2 good.
XFS and Ext2 never went down, ReiserFS :((
Celeron 433, 128 MB RAM, 8.4 GB HDD:
XFS slowest, ReiserFS fast, Ext2 average.
XFS and Ext2 never went down, ReiserFS :((
PIII 1000, 512 MB RAM, 40 GB HDD:
XFS and ReiserFS the same, Ext2 :((
XFS and Ext2 never went down, ReiserFS :((
For people who don't like mathematics...
We set up a network (it had always been there...):
22 clients: PIII, 64..128 MB RAM, 6.4..20 GB HDD,
Windows 98 and Mandrake 8.0
Server: PIII 1000 CPU, 512/1024 MB RAM,
2x40 GB SoftRAID0 HDD,
SuSE 7.1, Linux 2.4.18 kernel,
Apache 1.3, Samba 2.2.3a,
Sendmail + ipop3d
23 GB of MP3s, 15 GB of ISO images
3 x 100 Mbit Ethernet
With Windows 98:
Browsed with Explorer, streamed music
Copied ISOs to the disk
Sent CDs to the main machine with FTP
With Linux:
Watched clips over NFS
Got ISOs through FTP
Downloaded MP3s with Konqueror
On every machine we ran SMTP and POP3 with 150 processes.
For people who don't like mathematics...
Performance

Workload      ReiserFS    XFS        ext2        ext3
Web server    Very good   Good       Good        Average
FTP/SMB/NFS   Good        Very good  Acceptable  Acceptable
For people who don't like mathematics...
Stability:
ReiserFS:
Have at least two UPSs available.
Don't forget to back up.
Can go down even without a power outage.
XFS:
You don't necessarily have to pay for a UPS.
Again, don't neglect backups.
Didn't go down without a power outage.
Could not be recovered with the journal.
EXT2/EXT3:
Having a UPS is a good thing.
Again, don't neglect backups.
Didn't go down without a power outage.
For people who don't like mathematics...
General recommendation:
For small machines and desktops: ext2/ext3.
For larger machines and servers: XFS.
For people who want to be fast and furious: ReiserFS.
For ReiserFS you should wait for Reiser4.
Understanding The Linux File System Hierarchy
Mounting a device on the file system
[Figure: directory tree with a device mounted into the hierarchy; sample files shown: Sample.tar.z, index.html, Makefile, binutils-2.15.92.0.2-5., vsftpd_2.0.3-1.deb]
General Security Information
CERT/CC Incidents Reported Throughout the Years

Year   Incidents
1988   6
1989   132
1990   252
1991   406
1992   773
1993   1334
1994   2340
1995   2412
1996   2573
1997   2134
1998   3734
1999   9859
2000   21756
2001   52658
Threat Types
Internal threat elements (~80%):
– Ignorant and unconscious usage
– Malicious actions
External threat elements (~20%):
– Targeted attacks
– Untargeted attacks
Internal Threat Elements
• Ignorant and unconscious usage
– The cleaner unplugging the server
– An untrained employee deleting the database
• Malicious actions
– A fired employee changing the corporate web site
– An employee running a sniffer on the network and reading e-mails
– An executive selling the plans of a product under development to rivals
External Threat Elements
• Targeted attacks
– An attacker changing the corporate web site
– An attacker altering corporate accounting records
– Multiple attackers hitting the corporate web server and putting it
out of service
• Untargeted attacks
– Virus attacks (Melissa, CIH – Chernobyl, Vote)
– Worm attacks (Code Red, Nimda)
– Trojan back doors (NetBus, SubSeven, Back Orifice)
Attacker Types
• Professional criminals
• Young attackers
• Corporate employees
• Industrial and technology spies
• Foreign governments
Quality of attack and the evolution of attackers' abilities (CERT/CC)
Quality of attackers and their estimated numbers
(Carnegie Mellon University, 1998-1999-2000):
Very dangerous: hundreds
Predator: thousands
Mid-level: tens of thousands
Entry level: millions
Attacker Motivation
• Financial benefit
• Rivalry advantage
– Political
– Economic/commercial
• Desire to gain extra resources
• Personal anger or revenge
• Curiosity or desire to learn
• Reckless behaviour
Systems That Are on a Network and Have Potential Risks
[Figure: network diagram. Internet, a router and a firewall in front of the local network and other networks. Risky elements: a web server left in its default configuration; an e-mail server that allows relaying; the secretary's client; the administrator's client; a router that permits source routing or spoofing; a firewall that ignores fragmented packets.]
Spoofing
• Basically it can be defined as misrepresenting the source.
• It is usually used to gain extra rights from the target, shift the blame
onto other people or organizations, hide the attacker, or orchestrate
distributed attacks.
• It can be applied to various protocols, authentication systems and
special processes.
Spoofing Techniques
• MAC spoofing: changing the MAC address physically or by altering the
Ethernet frames
• ARP spoofing: corrupting the IP/MAC mapping carried in ARP packets
• IP spoofing: changing the source IP address in IP packets
• DNS spoofing: taking over DNS servers or sending fake replies to
requests
• Identity theft: copying cookies issued by a web server
• Fingerprint systems can be fooled with a previously captured
fingerprint
Spoofing – Example Spoofing Process
[Figure: the attacker (1) pushes the system to be taken over aside ("Stay out") and (2) presents itself to the system under attack as that system ("I am 'it'").]
Spoofing – Prevention Methods
• Use external authentication systems
• Retire services that authenticate by IP, DNS, ARP or MAC address
• Use static ARP tables, bind each switch port to one MAC address, and
protect switches from table overflows
• Enable reverse lookups (RDNS, RARP, etc.)
• Stop storing authentication information (passwords, files, etc.) on
client systems
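The ARP spoofing technique listed above and the static-ARP-table countermeasure from the prevention slide can be turned into detection logic. The following is an added example, not code from the slides: it parses raw Ethernet/ARP frames, then flags replies whose Ethernet source MAC disagrees with the ARP sender MAC, replies that contradict a table of known IP-to-MAC bindings (the "static ARP table"), and IPs whose MAC changes during a capture. The frames, addresses and the static table are constructed in the code for illustration and are not from a real network.

```python
"""Parse ARP replies from raw Ethernet frames and flag spoofed IP/MAC bindings (added example)."""
import struct

ETH_P_ARP = 0x0806
ARP_REPLY = 2
ETH_HDR = struct.Struct("!6s6sH")              # dst MAC, src MAC, EtherType
ARP_HDR = struct.Struct("!HHBBH6s4s6s4s")      # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa


def mac_str(raw):
    return ":".join("%02x" % b for b in raw)


def ip_str(raw):
    return ".".join(str(b) for b in raw)


def mac_bytes(text):
    return bytes(int(x, 16) for x in text.split(":"))


def ip_bytes(text):
    return bytes(int(x) for x in text.split("."))


def build_arp_reply(eth_src, sender_mac, sender_ip, target_mac, target_ip):
    """Constructed frame for the samples below (not a real capture)."""
    eth = ETH_HDR.pack(mac_bytes(target_mac), mac_bytes(eth_src), ETH_P_ARP)
    arp = ARP_HDR.pack(1, 0x0800, 6, 4, ARP_REPLY, mac_bytes(sender_mac), ip_bytes(sender_ip),
                       mac_bytes(target_mac), ip_bytes(target_ip))
    return eth + arp


def parse_arp(frame):
    """Return the fields of an Ethernet/IPv4 ARP frame, or None if it is not one."""
    if len(frame) < ETH_HDR.size + ARP_HDR.size:
        return None
    _dst, src, ethertype = ETH_HDR.unpack_from(frame, 0)
    if ethertype != ETH_P_ARP:
        return None
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = ARP_HDR.unpack_from(frame, ETH_HDR.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"eth_src": mac_str(src), "oper": oper, "sha": mac_str(sha), "spa": ip_str(spa),
            "tha": mac_str(tha), "tpa": ip_str(tpa)}


def detect_arp_spoofing(frames, static_table):
    """static_table maps protected IPs to their known MACs (the slide's static ARP table).
    Flags replies whose Ethernet source disagrees with the ARP sender, replies that contradict
    the static table, and IPs that change MAC during the capture."""
    alerts = []
    first_seen = {}
    for i, frame in enumerate(frames):
        arp = parse_arp(frame)
        if arp is None or arp["oper"] != ARP_REPLY:
            continue
        ip, mac = arp["spa"], arp["sha"]
        if arp["eth_src"] != mac:
            alerts.append("frame %d: Ethernet source %s != ARP sender %s" % (i, arp["eth_src"], mac))
        if ip in static_table and static_table[ip] != mac:
            alerts.append("frame %d: %s claimed by %s, static table says %s"
                          % (i, ip, mac, static_table[ip]))
        elif ip in first_seen and first_seen[ip] != mac:
            alerts.append("frame %d: %s changed from %s to %s" % (i, ip, first_seen[ip], mac))
        first_seen.setdefault(ip, mac)
    return alerts


# Constructed sample capture: a genuine gateway reply, an attacker claiming the gateway's IP,
# and a host (192.168.1.20) whose MAC silently changes mid-capture.
GATEWAY_MAC = "00:11:22:33:44:01"
ATTACKER_MAC = "de:ad:be:ef:00:01"
VICTIM_MAC = "00:11:22:33:44:10"
STATIC_TABLE = {"192.168.1.1": GATEWAY_MAC}
SAMPLE_FRAMES = [
    build_arp_reply(GATEWAY_MAC, GATEWAY_MAC, "192.168.1.1", VICTIM_MAC, "192.168.1.10"),
    build_arp_reply(ATTACKER_MAC, ATTACKER_MAC, "192.168.1.1", VICTIM_MAC, "192.168.1.10"),
    build_arp_reply("00:11:22:33:44:20", "00:11:22:33:44:20", "192.168.1.20", VICTIM_MAC, "192.168.1.10"),
    build_arp_reply(ATTACKER_MAC, "00:11:22:33:44:21", "192.168.1.20", VICTIM_MAC, "192.168.1.10"),
]

if __name__ == "__main__":
    for alert in detect_arp_spoofing(SAMPLE_FRAMES, STATIC_TABLE):
        print(alert)
```

The static table is the part that actually stops the attack (a host with a static entry ignores the forged reply); the other two checks only detect it, and the MAC-change check will also fire on legitimate NIC replacements, so treat it as a lead to investigate rather than proof.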
Prevention Methods for Viruses, Worms and Trojans
• Anti-virus systems should be used to protect all clients and servers
• To stop worm attacks, precautions should be taken with intrusion
detection systems (and, if possible, the firewall)
• Packets that enter the corporate network from the Internet over
protocols like FTP, HTTP, SMTP, POP3 and IMAP should be scanned by
anti-virus systems and, if possible, an anti-virus network bridge
should be used
The Linux File System Security
File System Security Types
1. Secure file deletion
• vipe - fwipe
2. Access control lists (ACLs)
• NSA SELinux - RSBAC
3. File encryption
• PGP - GnuPG
4. Filesystem encryption
• TCFS - BestCrypt - PPDD
5. Hiding data
• StegHide - OutGuess - RubberHose
GnuPG
With GPG, you can create your public and private key pair, encrypt files
using your key, and also digitally sign a message to authenticate that it’s
really from you.
GnuPG
Some Problems and Solutions with GnuPG
1- Encrypting Directories
Problem:
You want to encrypt an entire directory tree.
Solution:
To produce a single encrypted file containing all files in the
directory, with symmetric encryption:
$ tar cf - name_of_directory | gpg -c > files.tar.gpg
or key-based encryption:
$ tar cf - name_of_directory | gpg -e > files.tar.gpg
To encrypt each file separately:
$ find name_of_directory -type f -exec gpg -e '{}' \;
Note that gpg -e without a -r recipient option asks for the recipient
interactively, and that in all three cases the plaintext originals stay
on the disk: remove them with a secure deletion tool (see "Secure file
deletion" above), not with a plain rm.
The Source Books
• For Dummies – Linux All in One Desk Reference For
Dummies May 2006
• Hack Proofing Linux
• For Dummies - Linux For Dummies 7th Edition May 2006
• Prentice Hall PTR - Real World Linux Security
• O'Reilly - Linux Security Cookbook
• O’Reilly - Running Linux 5th Edition - 2005 Dec
The Source Links
http://www.informatik.uni-frankfurt.de/~loizides/reiserfs/
http://www.tldp.org/HOWTO/HOWTO-INDEX/os.html#OSPARTITIONS
http://www.namesys.com
http://en.wikipedia.org/wiki/Linux
http://www.oreilly.com/catalog/runlinux5/index.html
http://www.oreilly.com/catalog/linuxsckbk/
http://www.amazon.com/Real-World-Linux-SecurityPrevention/dp/0130281875
http://www.dummies.com/WileyCDA/DummiesTitle/productCd0471752827.html
http://www.amazon.com/Hack-Proofing-Linux-SourceSecurity/dp/1928994342
http://www.dummies.com/WileyCDA/DummiesTitle/productCd0471752622.html
http://web.mit.edu/tytso/www/linux/ext2.html
http://uranus.it.swin.edu.au/~jn/explore2fs/es2fs.htm
http://www.ing.umu.se/~bosse/