ITworld.com's Linux Security newsletter has been without a regular
author for a while but that's about to change. As of this issue, I'll
be writing this column every week. I currently plan on covering a
variety of topics from specific Linux security commands, programs,
products, and configurations to non-technical ramblings about the
problems that Linux security folks face in the real world. If you have
anything specific you'd like to see covered, would like me to clarify
things, or think I'm completely off my rocker, please drop me a line at
Anyone who has watched TV has eventually watched a show about two
faithful cops, spies, or private-eye partners. Crockett had Tubs,
Starsky had Hutch, and Cagney had Lacy. When things got tough, they
always knew they had someone who could help them out of whatever mess
they'd fallen into. The world of Linux security is no different. For
me, that person is my partner-in-crime, James Lee. True, "Hatch and
Lee" doesn't have the same ring as "Steed and Peel", but it's too late
to bring in a screenwriter to make us sound glamorous.
Most folks in the computer industry consider themselves good, if not
experts, in their fields. As such, sharing responsibility doesn't come
easy. Most folks in charge of security would prefer to manage
everything themselves, rather than work with others and share the
power. While this is good for their job security, it is bad for
Having someone else who you can call on in a pinch is a must. Times
will arise when you are unable to fix a security problem because you
are away on vacation, your home network access has gone south, or
you're waiting in line for tickets to the next Lord of the Rings movie.
Security concerns are even more time sensitive than normal
administrative hassles. Not patching the latest BIND bug because you
are on a beach can be a disaster when the next worm is developed.
Another benefit of a good backup person can be found in the tenet of
Open Source: With enough eyes, all bugs are shallow. When your trusted,
equally-paranoid partner takes a look at your iptables entries next
time something needs fixing, he may find mistakes that you didn't
intend or notice that "temporary" hole you opened up and forgot to
If you fit into the paranoid-administrator category (of which I proudly
consider myself a member), then take an introspective moment and decide
whom you would trust with your root password(s). Ideally, you should
find someone who knows as much as you do about Linux and security. Have
them check out your system's configuration. They likely have different
ways of doing things; by comparing notes, you can both learn from each
Make sure that the coverage is bi-directional. Though helping them out
in their time of need may be inconvenient, realize building up good
Karma is crucial so that they are there for you when you need them.
Never underestimate the usefulness of "you owe me one".
Finally, set up your security alerts to go to both you and your backup
so they can see what your machine looks like under normal
circumstances. Once you're sure they know your system, take an extended
trip to Hawaii and see if your trust was well founded.