HNS MAIN FEED
Tuesday, 17:12 EST
- OpenDNSSEC 1.0.0 released
- Microsoft releases giant patch collection
- 81% percent of e-mail links to malware
- Unaware of the dangers, most teens share personal info online
- Data harvested from Facebook used in boiler room scams
- A closer look at USB Secure 1.3.0
- Safety tips for online dating
- Researcher hacks security encryption chip found on millions of PCs
- Is authenticated XSS a problem?
- Online shopping safety: Consumers hold retailers responsible
- Seagate ships the Savvio 10K.4 hard drive
- Political hacktivism and the exploitation of tragedies is on the rise
Securing Linux
Here we go again. I decided to write another article concerning some overall security aspects of installing and running linux. To keep it short and simple, here are some good pointers to enhancing your system's security. But remember, there's no absolute security, so keep your eyes open, subscribe yourself to a few good mailing lists, and keep your software up-to-date.
Partitioning
Good partitioning does a lot of good to your system's security as it greatly simplifies your admin duties in case of a system crash and data recovery. You can create various partitions, and have them set as read-only, nosuid or similar. By having a partition mounted as nosuid you can simply address the SUID issue, generally connected to buffer overflows and obtaining a root shell or some other possibile security compromising flaws. More about the SUID issue can be read here. If you plan to run an FTP server, setting that partition would save you a lot of trouble in the future, as it is in read-write mode, but no suid programs can be run from it. The same can be said for mounting a partition read-only, or ro. You can always alter these settings, wich are located in /etc/fstab, for any of your block devices. Of course, 'man fstab(5)' and 'man mount(8)' are your good friends to get a grip on all possible options when mounting a filesystem. /etc/fstab is human readable, so you'll easy get into it.
Generally speaking, putting linux, or any other OS on a single partition is a major administration no-no, and with any multiuser, multitasking os, is asking for trouble, sooner or later. So, whenever possible, create at least these partitions, with sizes of your choices:
- / - which needs little space, but will house all of your other directories if you do not create them as stand-alone partitions,so consider that also before creating it
- /usr - houses most of your software, so you might consider allocating a lot of space here,
- /home - is the starting point for all users on your system, so allocate space according to the number of users you plan to have
- /var - which is required for all the administrative logs, mail, usenet news and other.
- A closer look at USB Secure 1.3.0
- Is authenticated XSS a problem?
- A closer look at File Encryption XP 1.5
- Corporations should follow the goverment's lead on attribution of cyberattacks
- IDS legacy is institutionalized failure
