Linux.com: Cyber Attacks Prove Costly; 4 Security Experts Managing Major Open Source Sites Discuss
Jan 04, 2001, 18:32 (0 Talkback[s])
(Other stories by Derrick H. Lewis)
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
"Recently I moderated a group of security experts who manage
major Open Source Web sites. They not only deal with the networking
side of their sites, but they also confront the security problems
that arise. ... As the moderators introduced themselves, I
asked a simple question that I knew many of the audience members
wanted answered: "What do you consider as the most important points
for people trying to secure their web site?"
"Lynch's immediate response was,"Paying attention to detail."
Lynch said there are several things he does. He has a mental
checklist for a lockdown, usually done on an OS install. For
example, shutting down unneeded services, having SSHd run at
startup, and having a good snap/checksum of the machines. He admits
it was something in the buildup of the OSDN, ( Open Source
Development Network ), that wasn't always followed, due to some
pushing to get things done fast, but the OSDN Admin's are generally
in progress of a full audit right now, so attention to details is
definitely important, but a procedure is also important."
"Altas' answer was sort of a continuation to Lynch's response,
except he focused on the 'access control' side. He said, "to secure
a site you need to also know what the developer will be running and
what access they require. If some one needs for example FTP, it
should be locked down to just the system that is required to
connect. Be aware that there is always a new exploit out there.
Don't think you're safe just because your last audit of your system
looked good. Be always on alert for changes."
- Security Portal: Computer Crime Investigator's Toolkit: Part I(Jan 03, 2001)
- LinuxSecurity.com: Daniel Swan Introduces the comp.os.linux.security FAQ(Jan 02, 2001)
- LinuxISO.org: A Review of 'The Process of Network Security'(Dec 30, 2000)
- ComputerWorld: Think tank warns that Microsoft hack could pose national security risk(Dec 27, 2000)
- Linux Magazine: System Security(Dec 25, 2000)
- Security-enhanced Linux available at NSA site(Dec 22, 2000)
- FreeOS.com: Securing Linux: Part 2(Dec 16, 2000)
- FreeOS.com: Securing Linux: Part 1(Nov 30, 2000)
- LinuxPlanet: Linux Networking, Part 6: Securing Your Network(Nov 08, 2000)
- Net-Security.org: Securing a default Linux installation(Oct 08, 2000)