Linux Security

For many companies, migrating from Windows to Linux makes sense. The reasons are
compelling: greater stability and reliability, lower cost, access to application source code,
greater security, and conformity with open standards, according to numerous independent
studies and industry experts.

Why Do We NEED Security?

In the ever-changing world of global data communications, inexpensive Internet connections, and fast-paced software development, security is becoming more and more of an issue. Security is now a basic requirement because global computing is inherently insecure. As your data goes from point A to point B on the Internet, for example, it may pass through several other points along the way, giving other users the opportunity to intercept, and even alter, your data. Even other users on your system may maliciously transform your data into something you did not intend. Unauthorized access to your system may be obtained by intruders, also known as “crackers”, who then use advanced knowledge to impersonate you, steal information from you, or even deny you access to your own resources. If you’re still wondering what the difference is between a “Hacker” and a “Cracker”, see Eric Raymond’s document, “How to Become A Hacker”

Linux System Security

Nowadays networked computing is a business imperative and a fact of everyday life for home computer users. The downside to this is that the more we allow networked systems into our everyday lives, the less secure our businesses and homes become.

Worse yet, the bad guys don’t even have to exert much effort to attempt a break-in. There are lots of scanning and cracking tools available that know how to find and exploit known weaknesses on most computer systems.

Your best defense against this kind of threat is to understand the basics of system security. This will enable you to implement the necessary defenses against potential crackers. This will also give you the tools you need to monitor your system’s security on an ongoing basis.

Luckily, a vast number of tools exist to aid you in this pursuit….

How Vulnerable Are Your Systems?

While it is difficult to determine just how vulnerable a particular system is, there are several indications we can use:

  • The Computer Emergency Response Team consistently reports an increase in computer vulnerabilities and exploits.
  • TCP and UDP, the protocols that comprise the Internet, were not written with security as their first priority when it was created more than 30 years ago.
  • A version of software on one host has the same vulnerabilities as the same version of software on another host. Using this information, an intruder can exploit multiple systems using the same attack method.
  • Many administrators don’t even take simple security measures necessary to protect their site, or don’t understand the ramifications of implementing some services. Many administrators are not given the additional time necessary to integrate the necessary security measures.