Linux security basics

LinuxWorld |  Operating Systems

Computer security professionals say users and administrators should develop a threat model, which states what you're trying to protect from whom. Do you want to protect your ability to access the network, to print, or to store files? Are you worried about the confidentiality of certain files on your system? Are you worried that people might alter or destroy data? Do you want to keep hackers from defacing your Website and damaging your corporate image?

Implementing security measures requires at least an implicit understanding of your threat model, but simply understanding the risks is not the same as insurance.

A more direct form of insurance is backups. Depending on your threat model and system configuration, you may want to emphasize different portions of the backup procedure. If your system is a standard off-the-CD Linux install with little customization of your configuration files, you may only need a zip disk to back up the files in your home directory. If you've customized your system extensively, you might wish to back up your /etc and /usr/local directories as well. If you don't think restoring those files with a fresh install will accurately reflect your current system, you may want to regularly perform full backups of your system.
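The three backup scopes described above, as an added shell example that is not part of the original article. The tier names (stock, customized, full), the function names, and the SHA-256 sidecar file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: choose what to back up from how far the system has drifted
# from a fresh install. Tier names are hypothetical labels for the three
# cases in the text. Paths are relative to the root directory being backed up
# and must not contain whitespace.

# Print the paths for a tier. $1 = tier, $2 = home directory (relative).
backup_paths() {
    case "$1" in
        stock)      printf '%s\n' "$2" ;;                 # home directory only
        customized) printf '%s\n' "$2" etc usr/local ;;   # plus local configuration
        full)       printf '%s\n' . ;;                    # everything under the root
        *)          echo "unknown tier: $1" >&2; return 2 ;;
    esac
}

# Archive the tier's paths and record a checksum beside the archive.
# $1 = tier, $2 = root directory, $3 = home (relative), $4 = output archive.
# Keep the output archive outside the tree being archived.
make_backup() {
    mb_root=$2; mb_out=$4
    mb_paths=$(backup_paths "$1" "$3") || return 2
    set --                                   # rebuild the argument list for tar
    for mb_p in $mb_paths; do
        if [ -e "$mb_root/$mb_p" ]; then set -- "$@" "$mb_p"; fi
    done
    [ $# -gt 0 ] || { echo "nothing to back up" >&2; return 1; }
    # --one-file-system keeps /proc, /sys and other mounts out of a full backup.
    tar --one-file-system -C "$mb_root" -czf "$mb_out" "$@" || return 1
    tar -tzf "$mb_out" >/dev/null || return 1   # confirm the archive is readable
    sha256sum "$mb_out" > "$mb_out.sha256"
}

# Check an archive against its recorded checksum before trusting a restore.
verify_backup() {
    sha256sum -c "$1.sha256" >/dev/null 2>&1 && tar -tzf "$1" >/dev/null 2>&1
}

# Example call (constructed paths):
#   make_backup customized / home/alice /mnt/backup/host-$(date +%F).tgz
```

Store the .sha256 file somewhere other than the backup medium itself, so that an altered archive cannot be paired with a matching altered checksum.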

Rules of the road

Almost every local government in the world requires you to possess a license in order to drive. Before getting even a learner's permit, you must pass a test that proves you understand the rules of the road. (I've often wished for an Internet Driver's License that indicates an understanding of netiquette, but that's a different article altogether.) As a network user, your driver's handbook is your ISP's Terms of Service agreement; if you use computers at work, you must also abide by corporate guidelines or policies.

Terms of service may include limitations on network monitoring and running services, along with strong language about respecting intellectual property. Corporate policies also typically cover strong passwords, the use of systems for non-work-related activities, confidentiality agreements, and so on.

As a system administrator, I've defined a number of policies, including our organization's password policy and several policies that authorize me to decode network traffic and scan our computer systems for security holes. If you think that doesn't matter, read about the Randal Schwartz case and about the CIA agents recently disciplined for running an unauthorized chat server. (See Resources for links.) If you don't have policies, you should develop them.

Wear your seatbelt
