Security considerations when migrating from Unix to Linux
The Linux server market is expected to grow by 35% from last year, according to research firm IDC. Many of these Linux systems are replacing Unix in corporations looking to reduce IT costs. However, at the same time, there are more attacks on Linux than ever before. So, if you're considering a migration from your Unix systems to Linux, it's important to keep security in mind.
Native Unix and Linux operating systems share many of the same security vulnerabilities. For example, both operating systems don't allow delegation of administrative privileges - particularly tasks that require root-level authority. As a result, many companies find that too many users have more authority than they need while also sharing the root password.
Also, both Unix and Linux provide limited logging capabilities by capturing system activity through syslog. However, security information captured in syslog is limiting and may not meet regulatory requirements such as those established by the Health Insurance Portability and Accountability Act or the Gramm-Leach-Bliley Act, nor will it help in troubleshooting and forensics.
[ Read more ]
- Review: HackNotes Linux and Unix Security Portable Reference (24 October 2003)