79.14 Network Security

There is a lot to understand about networking in order to secure your network. Fortunately, Debian GNU/Linux is generally quite secure by default. That is, the default configuration of packages tends to be secure, and you have to take action to make them insecure. Nonetheless, it is possible!

Here are some random jottings:

To start with, if someone has physical access to your hub-based network they can plug in a machine and do many things.

With a passive Ethernet frame sniffer an attacker can listen for ARP requests on a network, guess at IP addresses within the network's range that may not be in use, and take one as their own address. Even if your network has hosts using the whole range of available addresses, there’s always the likelihood that one PC or laptop is turned off so that its IP address is free.

If you use a switched network and put MAC address filters on the switch, an attacker can simply unplug an existing PC or laptop and take over its MAC address.

Normally the MAC address is in the Ethernet card. A typical situation is that someone plugs a laptop into a network and perhaps brings up the interface using DHCP to get an IP address, but may not be able to do much more.

In some situations the MAC address can be set in software. DECnet, for example, depends on being able to do this. Older Suns had the MAC in battery-backed RAM and used the same address for all Ethernet cards in the system. When you change the 48-bit MAC address you are actually turning it into a customised MAC address which will be 96 bits long, consisting of the original 48-bit MAC followed by the new 48 bits you set. To the outside it appears as another MAC address.

You can change the MAC address with:

  # ifconfig eth0 hw ether 00:50:56:01:00:00

Turning off DHCP will help protect against users that plug in a Laptop but not the hackers you’re trying to guard against.
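
One way to watch for the address takeovers described above, as an added example that is not part of the original book: a shell function that compares a saved `ip neigh show` snapshot with a current one and reports IP-to-MAC bindings that appeared or changed. The function name `arp_diff`, the finding labels and the sample neighbour tables are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: compare a saved snapshot of `ip neigh show` output with a
# current one and report IP-to-MAC bindings that appeared or changed.
# Sample data below is constructed (documentation addresses, made-up MACs).

BASELINE='192.0.2.10 dev eth0 lladdr 00:16:3e:aa:00:10 REACHABLE
192.0.2.11 dev eth0 lladdr 00:16:3e:aa:00:11 STALE
192.0.2.12 dev eth0 lladdr 00:16:3e:aa:00:12 REACHABLE'

CURRENT='192.0.2.10 dev eth0 lladdr 00:16:3e:aa:00:10 REACHABLE
192.0.2.11 dev eth0 lladdr 00:16:3e:bb:00:99 REACHABLE
192.0.2.12 dev eth0 lladdr 00:16:3e:aa:00:12 STALE
192.0.2.50 dev eth0 lladdr 02:00:5e:10:00:01 REACHABLE
192.0.2.60 dev eth0  FAILED'

# arp_diff BASELINE CURRENT -> one finding per line on stdout
#   NEW ip mac              address not present in the baseline
#   CHANGED ip oldmac newmac  same IP now answered by a different MAC
#   SOFTWARE-SET ip mac     MAC has the locally administered bit set
arp_diff() {
    { printf '%s\n' "$1"; printf '%s\n' '--'; printf '%s\n' "$2"; } | awk '
    $1 == "--" { cur = 1; next }       # separator between the two tables
    {
        mac = ""
        for (i = 2; i < NF; i++) if ($i == "lladdr") mac = tolower($(i + 1))
        if (mac == "") next            # FAILED/INCOMPLETE entries have no MAC
        if (!cur) { known[$1] = mac; next }
        if (!($1 in known))            print "NEW", $1, mac
        else if (known[$1] != mac)     print "CHANGED", $1, known[$1], mac
        # Second hex digit 2, 6, a or e: locally administered unicast address,
        # which is what a MAC assigned in software normally looks like.
        if (substr(mac, 2, 1) ~ /[26ae]/) print "SOFTWARE-SET", $1, mac
    }'
}

arp_diff "$BASELINE" "$CURRENT"
```

A machine that reuses both the MAC and the IP address of an unplugged host produces no finding here, which is why MAC filtering alone does not stop the takeover described above.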

FROM http://www.linuxlock.org/features/somjuly00.html

LinuxSecurity.Com wins Source of the Month for July,

This month's LinuxLock.Org Security Source of the Month goes to a group of individuals dedicated to bringing security to the forefront of the linux community; this is the staff of LinuxSecurity.Com. Since we started following the site in January 2000, it has evolved into one of the internet's premier sources of Linux Security Information.

LinuxSecurity.Com contains a large newsfeed of linux security news, articles, and press releases, to keep us on top of the industry.

This month pushed them over the top, when they released The Linux Security Quick Reference Guide. This guide is a printable **pdf** document with numerous security checks and tips; some of the sections include Linux Kernel Security, File Permissions, Intrusions Detection, Linux Security Resources, and more.

LinuxSecurity.Com has provided original features every month, covering things such as how to use certain security tools, and interviews with Security Gurus. This month LinuxSecurity Interviews Carr Biggerstaff, Senior Vice President of Marketing, and Thomas Haigh, Vice President and Chief Technologist for Secure Computing, Inc. about their work with Linux and security.

LinuxSecurity.Com received a Slashdot post this month for an Interview they conducted with Jay Beale, the Lead Developer of the Bastille Project. This post on Slashdot is the kind of press Linux needs to be more aware of the security issues surrounding us, and the solutions that exist.

LinuxSecurity.Com also contains a rather complete and growing Resources Section, a listing of local linux security providers, a newsletter, a mailing list, and a weekly security digest.

They also feature a LinuxSecurity.Com Security Tip of the Day, that can be found on other sites such as the highly travelled LinuxToday.Com

We all at LinuxLock.Org applaud the efforts of LinuxSecurity.Com and encourage you all to go and visit their site, and use the various features they have to offer... Keep up the good work.

Copyright © 1995-2022 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0