Security analysis of the Raspbian Linux operating system and its settings to increase resilience against attacks via network interface
Title | Security analysis of the Raspbian Linux operating system and its settings to increase resilience against attacks via network interface |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Gallus, Petr, Frantis, Petr |
Conference Name | 2021 International Conference on Military Technologies (ICMT) |
Date Published | jun |
Keywords | cyber attack, cyber security, Internet, IP networks, Linux, Network interfaces, Operating systems, Operating Systems Security, pubcrawl, Raspbian, resilience, Resiliency, security, Security by Default, Servers |
Abstract | The Internet, originally an academic network for the rapid exchange of information, has moved over time into the commercial media, business and later industrial communications environment. Recently, it has been included as a part of cyberspace as a combat domain. Any device connected to the unprotected Internet is thus exposed to possible attacks by various groups and individuals pursuing various criminal, security and political objectives. Therefore, each such device must be set up to be as resistant as possible to these attacks. For the implementation of small home, academic or industrial systems, people very often use small computing system Raspberry PI, which is usually equipped with the operating system Raspbian Linux. Such a device is often connected to an unprotected Internet environment and if successfully attacked, can act as a gateway for an attacker to enter the internal network of an organization or home. This paper deals with security configuration of Raspbian Linux operating system for operation on public IP addresses in an unprotected Internet environment. The content of this paper is the conduction and analysis of an experiment in which five Raspbian Linux/Raspberry PI accounts were created with varying security levels; the easiest to attack is a simulation of the device of a user who has left the system without additional security. The accounts that follow gradually add further protection and security. These accounts are used to simulate a variety of experienced users, and in a practical experiment the effects of these security measures are evaluated; such as the number of successful / unsuccessful attacks; where the attacks are from; the type and intensity of the attacks; and the target of the attack. The results of this experiment lead to formulated conclusions containing an analysis of the attack and subsequent design recommendations and settings to secure such a device. The subsequent section of the paper discusses the implementation of a simple TCP server that is configured to listen to incoming traffic on preset ports; it simulates the behaviour of selected services on these ports. This server's task is to intercept unauthorized connection attempts to these ports and intercepting attempts to communicate or attack these services. These recorded attack attempts are analyzed in detail and formulated in the conclusion, including implications for the security settings of such a device. The overall result of this paper is the recommended set up of operating system Raspbian Linux to work on public IP addresses in an unfiltered Internet environment. |
DOI | 10.1109/ICMT52455.2021.9502746 |
Citation Key | gallus_security_2021 |