
Thursday, March 4, 2010

1.3.3.2 : Applying the Correct Security Procedures

Data Protection:
We need to protect data because it can be lost or corrupted by viruses or by mishaps such as fire, flood, lightning, machine failures and even human error. Ways to protect the information:
• make backup files
• detect the virus and clean the computer
• warn others on virus attacks
Detecting Illegal Access To Systems:
The computer system should detect any illegal access to the system. Tcpwrappers and Tripwire are often used for this. Users' access is reviewed periodically (internal audits) by computer operations to ensure that security violations and unauthorised modifications to software and data are detected.
Tcpwrappers:
Tcpwrappers controls access at the application level, rather than at the socket level like iptables and ipchains. The system will run tcpwrappers to log access to ftp, tftp, rsh, rlogin, rexec and telnet.
Tripwire:
Tripwire detects and reports on any changes in the thousands of strategic system files. The system will run Tripwire to determine if system files have changed.
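The kind of check Tripwire performs can be illustrated with a short Python sketch. This is an added example, not Tripwire's own code and not part of the original notes; the function names `snapshot`, `compare` and `demo` and the sample file names are constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile
from pathlib import Path


def snapshot(root):
    """Return {relative_path: (sha256_hex, permission_bits)} for regular files under root."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            info = os.lstat(path)
            if not stat.S_ISREG(info.st_mode):
                continue  # skip symlinks, sockets and devices
            digest = hashlib.sha256()
            with open(path, "rb") as handle:
                for chunk in iter(lambda: handle.read(65536), b""):
                    digest.update(chunk)
            state[os.path.relpath(path, root)] = (digest.hexdigest(), stat.S_IMODE(info.st_mode))
    return state


def compare(baseline, current):
    """Report files added, removed, or changed (content or permissions) since the baseline."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(p for p in baseline.keys() & current.keys() if baseline[p] != current[p]),
    }


def demo():
    """Build a constructed directory, alter it after the baseline, and return the report."""
    with tempfile.TemporaryDirectory() as root:
        for name, body in (("passwd", b"root:x:0:0\n"), ("hosts", b"127.0.0.1 localhost\n"), ("motd", b"hello\n")):
            Path(root, name).write_bytes(body)
        os.chmod(os.path.join(root, "hosts"), 0o644)
        baseline = snapshot(root)
        Path(root, "passwd").write_bytes(b"root:x:0:0\n# modified\n")  # content change
        os.chmod(os.path.join(root, "hosts"), 0o666)                   # permission change only
        os.remove(os.path.join(root, "motd"))                          # file removed
        Path(root, "rc.local").write_bytes(b"#!/bin/sh\n")             # file added
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

The baseline is only trustworthy if it is stored where an intruder cannot rewrite it, for example on read-only media or on another host.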
Preventing Illegal Access To Systems:
Computer systems should not allow unauthorised users to access the system. Ways:
• Run anlpasswd to make password cracking difficult.
• Run tcpwrappers to check if the name for an IP address can be provided by DNS.
• Use a callback system to prevent unauthorised use of stolen passwords.
Preventing Illegal Root Access:
To prevent illegal root access we should use Sudo (Superuser do), so that people can perform specific tasks on a machine without getting full root access when that is not required. With Sudo we do not have to give out the root password.
Sudo is a program in Unix, Linux and similar operating systems such as Mac OS X that allows users to run programs as another user. Sudo allows a permitted user to execute a command as the superuser or another user, as specified in the sudoers file.
Patch:
Patch is a UNIX utility that supplies small updates to software, provided that the source code is available. It applies a script generated by the diff program to a set of files, which allows changes made to one file to be applied directly to another file. Resources are not enough to patch all the security holes that we hear about through the bugtraq list.
