Featuring 15 Papers as of December 1, 2011
Securing Blackboard Learn on Linux
David Lyon - December 1, 2011
Blackboard Learn (Bb Learn) is an application suite providing educational technology to facilitate online, web based learning. It is typical to see Bb Learn hosting courses and content. Common add-ons include the Community and Content systems which are licensed separately.
Hardening Debian 4.0 Creating a simple and solid foundation for your applications
Alexandre Dery - January 14, 2008
Any operating system is vulnerable to attacks if it's not properly configured. People get really emotional about the security of their preferred operating system: every mildly technical forum is bound to be a battle ground for flame wars between OS lovers. But the bottom line is: company politics and policies aside, whatever the operating system is, its security depends mainly on the knowledge of its administrator. Debate all you want, but even an OpenBSD server will be hacked if its administrator has no clue!
NFS Security in Both Trusted and Untrusted Environments
Jakub Dlugolecki - November 1, 2007
This paper describes risks of using NFSv3 and NFSv4 in environments where performance is considered to be a more important factor than security. The paper also describes ways to mitigate those risks.
Secure Network Configuration Management for Linux based Routers
Ron Young - May 5, 2005
This paper presents a detailed implementation and operation plan for remote configuration management of a research network infrastructure. GIAC University is currently involved with several large-scale research projects that utilize individually identifiable medical records.
Step by Step Installation of a Secure Linux Web, DNS and Mail Server
John Holbrook - April 8, 2004
This paper will show how the author configured a Linux based web and e-mail server for a small company. This server is co-located at a local ISP. Because of budget limitations, the company can only locate one physical box at the ISP which limits what security measures that can be installed.
Linux Kernel Hardening
Taylor Merry - December 21, 2003
This paper outlines the installation and configuration of a Grsecurity-enhanced kernel.
Linux Process Containment - A practical look at chroot and User Mode
Paul Lessard - October 31, 2003
This document will explore some of the general ideas of how process containment is performed with chroot and User-mode Linux, and how to help ensure that a successful attack on a jailed process does not affect the main system.
Secure OS Environments for Linux
Pedro Luz-Romero - October 31, 2003
In this paper I make a review of the main set of tools and resources available for Linux system administrators willing to build an operating system with enhanced security features that allow applications to run securely in a network accessible from the Internet.
Linux RootKits For Beginners - From Prevention to Removal
Jeromey Hannel - October 31, 2003
This paper provides an understanding of rootkits and will discuss how to monitor for a rootkit, and the steps taken to remove one.
Security Applications of Bootable Linux CD-ROMs
Richard Bajusz - October 31, 2003
This paper examines the security applications of bootable Linux CD-ROMs.
The Easily Recoverable CD-ROM Booted Linux Internet Server: A How-To
Brian Otto - October 31, 2003
The purpose of this paper is to detail the general steps to create a read-only Internet Server providing DNS and static web pages (bind and Apache).
The Role of Bastille Linux in Information Security
Michael Grimaila - October 31, 2003
In this paper, the author will briefly examine the evolution of Linux, discuss its popularity, and examine in detail Bastille Linux, which is used to increase the security of RedHat and Mandrake Linux distributions.
Aggressive Patching and the Use of a Standard Build: An OpenBSD Example
Michael Sullenszino - October 31, 2003
This paper discusses the importance of a standard build and defines Aggressive Patching as a vital part of defense in depth. It then goes on to demonstrate how to implement Aggressive Patching by creating a Standard Build internet server farm and support structures that allow for automated patching and rapid deployment of hardened servers.
Using Linux Scripts to Monitor Security
Harvey Newstrom - October 31, 2003
This paper will demonstrate how to create a generic tool using Linux scripting to enable network security monitoring.
An Introduction to the NSA's Security-Enhanced Linux: SELinux
Susan Rajnic - October 31, 2003
This paper will introduce the NSA's research project termed "Security-enhanced" Linux.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact firstname.lastname@example.org.
All papers are copyrighted. No re-posting or distribution of papers is permitted.