Linux security basics

LinuxWorld |  Operating Systems

Drivers do a better job when they keep an eye out for obstacles, and know what threats to expect and how to respond to them. Mailing lists are essential to doing this. CIAC and CERT run low-volume mailing lists with information about security threats, as do many Linux vendors such as Red Hat, SuSE, Debian, and Mandrake. (See Resources for those vendors' security sites, which have links to their security mailing lists.) If you want a closer look at day-to-day happenings, BugTraq is the mailing list where many security issues first surface.

To keep an eye on where you're going, read your log files. That is the first thing I do at work every morning, after reading my email. If you run an intrusion detection system such as Snort, you should read those logs too. The SANS Institute's GIAC (Global Incident Analysis Center) program lets you find out what other people's intrusion detection systems are uncovering; reading other admins' logs is an excellent way to learn the lay of the land.

Perform regular maintenance

Even the safest automobile must undergo regular inspections and maintenance to remain in good working order. Computers also need to be maintained. For Linux systems, that means regular updates to software. Red Hat Linux, for example, updates security frequently: one or more updates in a week is fairly common.

While it can be challenging to keep all your systems' software up-to-date, it is necessary. Almost all systems are broken into by script kiddies who exploit well-known holes in out-of-date software. You can think of it as a race: will they find the holes in your system before you patch them? Many Linux distributions now have tools that update your software almost automatically. Debian and its derivatives support the apt-get update command, Mandrake has MandrakeUpdate, and Red Hat has up2date. Using those tools, or otherwise keeping all software on your system current, is essential to winning the race against the script kiddies.

Like driving, computer security can be awfully boring. To stay safe, you must abide by these simple principles:

Back up your system as an insurance policy

Know what you're trying to protect

Follow all relevant policies -- write your own if necessary

Know how to measure your exposure, then limit it

Keep an eye out for likely threats

Keep your software up to date

Keeping secure systems requires perseverance, consistency, and eternal vigilance.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Operating SystemsWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness