How To Secure the Linux Kernel

With the support of the open-source community behind it and a strict privilege system embedded in its architecture, Linux has security built into its design. That being said, gone are the days when Linux system administrators could get away with subpar security practices.

Cyber criminals have come to view Linux as a viable attack target due to its growing popularity, the valuable devices it powers worldwide, and an array of dangerous new Linux malware variants that have emerged in recent years. Admins and security pros know that the majority of attacks on Linux systems can be attributed to misconfigurations or poor administration. Not surprisingly, failure to properly secure the Linux kernel is often at least partially to blame.

Kernel security is a key determinant of overall system security, as the Linux kernel is the foundation of the Linux OS and the core interface between a computer’s hardware and its processes. Luckily, the Linux kernel possesses an assortment of effective built-in security defenses – namely, firewalls that use packet filters built into the kernel, Secure Boot, Linux Kernel Lockdown, and SELinux or AppArmor – that administrators should take full advantage of.

This article will examine the importance of robust kernel security, and explore various measures that administrators can take to secure the Linux kernel and protect their systems from malware and other exploits.