Latest news
Basic hardening Linux
Linux is capable of high-end security; however, the out-of-the-box configurations must be altered to meet the security needs of most businesses with an Internet presence.This article shows you the steps for securing a Linux system called hardening the server using both manual methods and open source security solutions. The hardening process focuses on the operating system, and is important regardless of the services offered by the server.The steps will vary slightly between services, such as e-mail and Hypertext Transfer Protocol (HTTP), but are essential for protecting any server that is connected to a network, especially the Internet. Hardening the operating system allows the server to operate efficiently and securely.
This article includes the essential steps an administrator must follow to harden a Unix system; specifically, a Red Hat Linux system. These steps include updating the system, disabling unnecessary services, locking down ports, logging, and maintenance. Open source programs allow administrators to automate these processes using Bastille, sudo, logging enhancers such as SWATCH, and antivirus software. Before you implement these programs, you should first understand how to harden a system manually.
An linux system may contain many security vulnerabilities and software bugs when it is first released.Vendors, such as Red Hat, provide updates to the operating system to fix these vulnerabilities and bugs. In fact, many consulting firms recommend that companies do not purchase and implement new operating systems until the first update is available. In most cases, the first update will fix many of the problems encountered with the first release of the Linux system(distrobution).
[ Read more ]
Related items
- Review: Red Hat Linux Survival Guide (30 May 2003)
- Review: Hacking Exposed Linux 2/e (8 May 2003)
- Review: Linux Administration Handbook (30 April 2003)
- Review: PTG Interactive's Training Course for Red Hat Linux: A Digital Seminar on CD-ROM 2/e (11 April 2003)
- Review: Red Hat Linux 8 Bible (21 March 2003)
- Review: Linux System Security: The Administrator's Guide to Open Source Security Tools, 2/e (14 March 2003)
- Review: A Practical Guide to Red Hat Linux 8 (9 March 2003)
- Review: The Complete Linux Shell Programming Training Course (7 March 2003)
- Review: Real World Linux Security, 2/e (22 November 2002)
- Review: Advanced Linux Networking (24 September 2002)
- Review: Multitool Linux: Practical Uses for Open Source Software (10 September 2002)
- Review: Linux System Administration - A User's Guide (18 August 2002)
Spotlight
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Hacking charge stations for electric cars
Posted on 15 May 2013. | Ofer Shezaf talks about what charge stations really are, why they have to be ‘smart’ and the potential risks created to the grid, to the car and most importantly to its owner’s privacy and safety.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
