IT 369: Session 3
Identity & Access Management
Three Review and Challenge Questions
Please define Authentication, Authorization, and Non-repudiation
Describe Multifactor Authentication.
Question: Where would I look to see what has been happening on my linux machine? For example, if any daemons were running?
Logs and How to View Them
Location of logs (typically) in Linux: /var/log
Syslog is a process that generates lots of log data
Without external tools, you will most likely rely on grep, tail, and cat
Here's the fancy answer, and let's explain:
tail -200 syslog.1 | grep daemon
(take the last 200 lines of syslog.1 and keep only those that mention daemon)
(these commands will be helpful to you in securing your LAMP stack, which is the third lab!)
Stay updated…
If VirtualBox alerts you to a newer version at startup, it is recommended that you update VirtualBox
Housekeeping
Readings on Syllabus
Lab progress: #2 due Tuesday night. #3 has been posted but will be reviewed in next class session.
Today we discuss Identity & Access Management.
Chapter: Identity & Access Mgmt
Recommend studying Topic Review from book prior to test
Recommend Chapter Practice test
Some topics of note:
Authentication v. Identification v. Authorization
Multiple factors of Authentication
Password Complexity: how much is too much? how to find a happy medium?
Fobs, Tokens, RFID vs. Swipe
Access Control models
DAC v. MAC v. ABAC v. RBAC etc.
Spatial vs. Temporal
User Accts v. Privileged Accts v. Service Accts (Least Privilege)
IAM Chapter Critical Thinking
What process is in place (or should be) to prevent social engineering of a user's password?
Is every action in an organization logged? Is every transaction traceable to a single human?
Are new accounts hackable because of default passwords?
If a systems administrator abruptly left your organization, are you vulnerable? What is the process when someone with elevated access leaves? Is it written? How long does it take to execute?
Do account lockout policies add risk? What is the risk of having no lockout policy? (Door PIN example)
Your analysis?
IAM Chapter Critical Thinking
Does hashing a password solve the problem?
If an MD5 hash was used, probably not:
https://www.my1login.com/resources/password-strength-test/
https://www.md5hashgenerator.com
https://www.md5online.org/md5-decrypt.html
Does your organization have written password policies?
Could you write one if needed?
Do your applications have this issue resolved?
How would you know?
Overt: Interview, code review, whitebox testing
Covert: blackbox testing
Your analysis?
What does this indicate?
How might this differ from a pseudocode outline of what should be happening?
Three Tier Architectures
Q: Purpose?
Q: # machines?
Q: Phys/Virt Diff?
Q: Cloud?
Q: Firewalls?
Linux File Permissions
File Type (blank=file, d=Directory, l=link, etc.)
Three sets (User, Group, Others)
Read (4), Write (2), Execute (1) summed per set give the values 1,2,3,4,5,6,7
Easily set using the chmod command (e.g. "chmod 777 test.txt"; note that 777 lets every user on the system read, write, and execute the file)
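As an added example (not from the slides), a short Python script that converts between the symbolic mode `ls -l` prints and the octal digits chmod takes, and flags entries whose "Others" set can write, which is exactly what chmod 777 grants; the `ls -l` lines are constructed sample data.

```python
# Added example (not from the slides): convert between the symbolic mode shown
# by `ls -l` and the octal form used by chmod, and flag world-writable entries.
PERM_BITS = {"r": 4, "w": 2, "x": 1}


def symbolic_to_octal(mode: str) -> str:
    """'-rwxr-xr-x' -> '755'. Character 0 is the file type and is skipped."""
    if len(mode) != 10:
        raise ValueError(f"expected a 10-character mode, got {mode!r}")
    digits = []
    for start in range(1, 10, 3):            # user, group, others triplets
        value = 0
        for ch, expected in zip(mode[start:start + 3], "rwx"):
            if ch == "-" or ch in "ST":      # bit absent (S/T: setuid/sticky without execute)
                continue
            if ch == expected or (ch in "st" and expected == "x"):
                value += PERM_BITS[expected]  # s/t count as execute; special bits not encoded
            else:
                raise ValueError(f"bad permission character {ch!r} in {mode!r}")
        digits.append(str(value))
    return "".join(digits)


def octal_to_symbolic(octal: str) -> str:
    """'644' -> 'rw-r--r--' (three digits, no file-type character)."""
    if len(octal) != 3 or any(d not in "01234567" for d in octal):
        raise ValueError(f"expected three octal digits, got {octal!r}")
    out = []
    for d in octal:
        n = int(d)
        out.append(("r" if n & 4 else "-") + ("w" if n & 2 else "-") + ("x" if n & 1 else "-"))
    return "".join(out)


def world_writable(ls_lines):
    """Names of entries whose 'others' set includes write, e.g. after chmod 777."""
    hits = []
    for line in ls_lines:
        fields = line.split(None, 8)         # mode links owner group size mon day time name
        if len(fields) == 9 and int(symbolic_to_octal(fields[0])[2]) & 2:
            hits.append(fields[8])
    return hits


# Constructed sample of `ls -l` output, not taken from a real system.
SAMPLE_LS = """-rw-r--r-- 1 root root 12345 Mar  1 09:10 syslog.1
-rwxrwxrwx 1 bob  bob     42 Mar  1 09:11 test.txt
drwxr-xr-x 2 root root  4096 Mar  1 09:12 apache2
-rwsr-xr-x 1 root root 55000 Mar  1 09:13 passwd""".splitlines()
```

Running `world_writable(SAMPLE_LS)` on the sample returns only `test.txt`, the file that received chmod 777.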
Linux Hands On: Looking at Logs
EXAM: LEARN THE CAPABILITY - NOT THE SYNTAX
more <filename>
wc -l <filename>
grep <string> <filename(s)>
Examples (from /var/log)
ls -l sysl*
wc -l syslog.1
more syslog.1
tail syslog.1
grep daemon syslog.1
tail -200 syslog.1 | more
sudo and updating your sandbox
sudo ("superuser do") allows you to run a command as the super user
The super user is often called "root", but Ubuntu handles this slightly differently
Before attempting labs #3 and #4, you'll want to make sure you are on the latest and greatest:
sudo apt-get update
sudo apt-get upgrade
(This operation could take several minutes, fyi)
Lab Status
Lab #1 complete
Lab #2 due Tuesday night
Lab # 3 will be the LAMP stack, for those looking ahead. It is posted for those who want to jump ahead or have conflicts. Do so at your own risk, but I encourage it.
You may wish to export the VM for safety & resiliency before and after successful completion.
LAMP is Linux, Apache, MySQL, and Python for us (M & P are often replaced with alternatives such as MariaDB, Perl, PHP)
Stretch Goals
If you’re all caught up, stretch goals:
Install additional instances under VBox, perhaps another O/S? Post a report of it to a thread on the discussion board, perhaps?
Test NAT-Network to connect both to one another (test using ping). Instructions are in last week's slides.
We will implement a firewall between them using UFW. Why not look into it on your own?