“This article will cover the issues of Linux hardening,
with a specific focus on kernel hardening and its use on production
systems. Several kernel-hardening approaches and their usability
will be analyzed.Is Linux secure? The question is much less useful, than ‘Is
Linux “securable”?’ The answer to the latter is a definite yes.
Being securable means that Linux can be made more secure (to
whatever degree necessary) by applying a clearly defined sequence
of steps that always produces the same result, and that can be
automated and applied to systems that have been in operation for a
long time. It would be ideal to be able to make securing systems
understandable by regular system administrators who don’t have
formal security training. However, the last requirement might be
pushing it a bit, since security will likely always require
expertise.Linux can be made more secure by hardening the system. It is
beyond the scope of this article to discuss system hardening;
however, there are a number of system hardening resources
available…”