Basic Linux security

Computer security has become a critical subject in information technology systems these days. Looking back in history, security threats started a long time ago, during the 1970s, when the telephone system was hacked. Many computer crimes happened and, as a result, the Computer Fraud and Abuse Act was made in the 1980s. As technology advanced, with the evolution of computer networking and the birth of the Internet, the threats to information and networks have risen significantly. The well-known harassment and destructive attacks are denial of service (DoS), mail bombs and list-linking, viruses, worms and Trojan horses.

Many efforts have been made to improve computer security, including the use of network and security tools, controlling user access with permissions and passwords, data encryption, and virus detectors. Other approaches to improving computer security involve secure operating systems, security architecture, security by design, and secure coding and applications.

Physical security

The purpose of security is to prevent unauthorized access to the system. This involves securing both physical and network access. Securing physical access means limiting who can physically reach your system, server room and workstations. It's been estimated that 80% of intrusions are initiated by insiders. Physical access can be secured by making the network operation centers a restricted area and by developing security policy controls.

Another way of securing physical access to the system is to protect network hardware such as routers, bridges and switches from local users. Many network hardware devices have a password issue: they provide the means to perform on-site password recovery. Several steps can be taken, such as setting administrative and user passwords by overwriting the default password, enabling encryption, disabling unwanted services such as telnet, and using security utility options if the network hardware provides them.

If your servers and security hardware are secured, an intruder will look at the other vulnerabilities, which are the workstations and the users. Workstations can be secured with BIOS and console passwords. Users must be given security knowledge, such as never revealing their password to anyone else and never leaving their computer unlocked, and they should be alerted to security threats from time to time.

Linux network security

Securing network access means securing remote access to the operating system. One of the network security threats is malicious code, such as viruses and Trojans, which create a backdoor in your system. File integrity checking software can detect the changes such code makes to files, and many such programs are available for Linux. Some of them are Tripwire, TAMU, AIDE and ATP.

Another network security attack uses sniffers and network monitoring tools. Sniffers are very dangerous because they can capture sensitive data such as passwords and confidential information.

Scanners are also high-risk tools, used by attackers to scan your system and network. To protect your network and system from scanners, you can use a firewall and other tools such as IcmpInfo, scan-detector and klaxon.

Another way of attacking a network is a spoofing attack. There are TCP and IP spoofing, ARP spoofing and DNS spoofing.
