Security analysis of the Raspbian Linux operating system and its settings to increase resilience against attacks via network interface

2021 International Conference on Military Technologies (ICMT) Pub Date : 2021-06-08 DOI:10.1109/ICMT52455.2021.9502746

P. Gallus, P. Frantis

{"title":"Security analysis of the Raspbian Linux operating system and its settings to increase resilience against attacks via network interface","authors":"P. Gallus, P. Frantis","doi":"10.1109/ICMT52455.2021.9502746","DOIUrl":null,"url":null,"abstract":"The Internet, originally an academic network for the rapid exchange of information, has moved over time into the commercial media, business and later industrial communications environment. Recently, it has been included as a part of cyberspace as a combat domain. Any device connected to the unprotected Internet is thus exposed to possible attacks by various groups and individuals pursuing various criminal, security and political objectives. Therefore, each such device must be set up to be as resistant as possible to these attacks. For the implementation of small home, academic or industrial systems, people very often use small computing system Raspberry PI, which is usually equipped with the operating system Raspbian Linux. Such a device is often connected to an unprotected Internet environment and if successfully attacked, can act as a gateway for an attacker to enter the internal network of an organization or home. This paper deals with security configuration of Raspbian Linux operating system for operation on public IP addresses in an unprotected Internet environment. The content of this paper is the conduction and analysis of an experiment in which five Raspbian Linux/Raspberry PI accounts were created with varying security levels; the easiest to attack is a simulation of the device of a user who has left the system without additional security. The accounts that follow gradually add further protection and security. These accounts are used to simulate a variety of experienced users, and in a practical experiment the effects of these security measures are evaluated; such as the number of successful / unsuccessful attacks; where the attacks are from; the type and intensity of the attacks; and the target of the attack. The results of this experiment lead to formulated conclusions containing an analysis of the attack and subsequent design recommendations and settings to secure such a device. The subsequent section of the paper discusses the implementation of a simple TCP server that is configured to listen to incoming traffic on preset ports; it simulates the behaviour of selected services on these ports. This server’s task is to intercept unauthorized connection attempts to these ports and intercepting attempts to communicate or attack these services. These recorded attack attempts are analyzed in detail and formulated in the conclusion, including implications for the security settings of such a device. The overall result of this paper is the recommended set up of operating system Raspbian Linux to work on public IP addresses in an unfiltered Internet environment.","PeriodicalId":276923,"journal":{"name":"2021 International Conference on Military Technologies (ICMT)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Conference on Military Technologies (ICMT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICMT52455.2021.9502746","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

The Internet, originally an academic network for the rapid exchange of information, has moved over time into the commercial media, business and later industrial communications environment. Recently, it has been included as a part of cyberspace as a combat domain. Any device connected to the unprotected Internet is thus exposed to possible attacks by various groups and individuals pursuing various criminal, security and political objectives. Therefore, each such device must be set up to be as resistant as possible to these attacks. For the implementation of small home, academic or industrial systems, people very often use small computing system Raspberry PI, which is usually equipped with the operating system Raspbian Linux. Such a device is often connected to an unprotected Internet environment and if successfully attacked, can act as a gateway for an attacker to enter the internal network of an organization or home. This paper deals with security configuration of Raspbian Linux operating system for operation on public IP addresses in an unprotected Internet environment. The content of this paper is the conduction and analysis of an experiment in which five Raspbian Linux/Raspberry PI accounts were created with varying security levels; the easiest to attack is a simulation of the device of a user who has left the system without additional security. The accounts that follow gradually add further protection and security. These accounts are used to simulate a variety of experienced users, and in a practical experiment the effects of these security measures are evaluated; such as the number of successful / unsuccessful attacks; where the attacks are from; the type and intensity of the attacks; and the target of the attack. The results of this experiment lead to formulated conclusions containing an analysis of the attack and subsequent design recommendations and settings to secure such a device. The subsequent section of the paper discusses the implementation of a simple TCP server that is configured to listen to incoming traffic on preset ports; it simulates the behaviour of selected services on these ports. This server’s task is to intercept unauthorized connection attempts to these ports and intercepting attempts to communicate or attack these services. These recorded attack attempts are analyzed in detail and formulated in the conclusion, including implications for the security settings of such a device. The overall result of this paper is the recommended set up of operating system Raspbian Linux to work on public IP addresses in an unfiltered Internet environment.

查看原文本刊更多论文

对Raspbian Linux操作系统及其设置进行安全分析，以增强对网络接口攻击的弹性

Internet最初是一个用于快速交换信息的学术网络，随着时间的推移，它已经进入了商业媒体、商业和后来的工业通信环境。最近，它已被纳入网络空间作为一个作战领域的一部分。因此，任何连接到未受保护的互联网的设备都可能受到各种团体和个人的攻击，这些团体和个人追求各种犯罪、安全和政治目标。因此，每个这样的设备必须设置为尽可能抵抗这些攻击。对于小型家庭、学术或工业系统的实现，人们经常使用小型计算系统Raspberry PI，它通常配备Raspbian Linux操作系统。这种设备通常连接到不受保护的Internet环境，如果攻击成功，可以作为攻击者进入组织或家庭内部网络的网关。本文讨论了在无保护的Internet环境下，在公共IP地址上运行的Raspbian Linux操作系统的安全配置。本文的内容是对5个不同安全级别的覆盆子Linux/覆盆子PI帐户的实验进行了介绍和分析;最容易受到攻击的是在没有额外安全措施的情况下对离开系统的用户的设备进行模拟。随后的帐户逐渐增加了进一步的保护和安全。这些帐户被用来模拟各种有经验的用户，并在实际实验中评估这些安全措施的效果;例如攻击成功/失败的次数;攻击来自哪里;攻击的类型和强度;以及袭击的目标。该实验的结果导致制定的结论，其中包含对攻击的分析以及随后的设计建议和设置，以确保此类设备的安全。本文的后续部分讨论了一个简单的TCP服务器的实现，该服务器被配置为侦听预设端口上的传入流量;它模拟这些端口上选定服务的行为。该服务器的任务是拦截对这些端口的未经授权的连接尝试，并拦截通信或攻击这些服务的尝试。对这些记录的攻击尝试进行了详细分析，并在结论中进行了阐述，包括对此类设备的安全设置的影响。本文的总体结果是推荐设置操作系统Raspbian Linux，以便在未过滤的Internet环境中在公共IP地址上工作。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2021 International Conference on Military Technologies (ICMT)

自引率

0.00%

发文量