Introduction

ShuLin - Ubuntu Hardening

Problem Statement SIH1446

Title: Developing a GUI based hardening script for Ubuntu operating system with flexibility to cater for organizational security policies.

Description: Hardening of an operating system involves implementation of security measure to make the system compliant with the security policies of the organization. The procedure for hardening should be intuitive to allow ease of use by personnel with minimal IT skills. The goal of this problem statement is to generate a script which is undertakes hardening of Ubuntu OS using an GUI based approach. During the hardening process, the user should have the flexibility to make settings based on the organizations IT security policy provision like blocking ssh, usb, ToR etc. The grading of tool will be based on hardening functions implemented, attention to user experience and flexibility to take user settings. Developer should remember that security is of utmost importance.

Organization: National Technical Research Organization(NTRO)

What is NTRO

NTRO, the National Technical Research Organization, is India's specialized technical intelligence agency.

  • Technical Intelligence Collection
  • Satellite and Aerospace Surveillance
  • Cybersecurity and Cyber Intelligence
  • Electronic Signals Intelligence (ELINT)
  • Communication Interception and Monitoring

Organizational needs they might have: Since NTRO is an intelligence agency they will adhere to strict security policies and regulatory compliance, I mean they should! I have listed some of the possible needs.

  • Security Policies and Compliance: They might have predefined security policies and compliance standards to safeguard national security. These encompass data security, access control, and information protection.

  • Customization for Security Policies: Like Venkatesh suggested that in the external hackathon, they will suggest a lot of changes so we should design the architecture keep flexibility in mind to accommodate their(judges or NTRO's) unique security policies and guidelines.

  • Access Control and User Permissions:

  • Audit and Logging: Comprehensive auditing and logging are critical for monitoring and auditing system activities, serving as a history reference for a future intrusion!

  • Integration with Existing Tools:

  • Usability and Training: Proper training and documentation are essential to ensure effective use of the system hardening tools(ShuLin).

Hardening