---

Home Infrastructure

osOpinion: Linux Security, or Rather, the Lack Thereof

By

[ Thanks to Kelly
McNeill for this link. ]

Then, the worst thing happened, high-speed Internet finally
took off. Entire crops of default Redhat installs invaded the
Internet, often running for weeks on the same IP. It didn’t take
long for the script kiddies to find out what an easy source for
zombie machines these are, and started taking down sites “just
for fun” with the most lame attack possible, the denial-of-service.
DoS attacks require no skill. I could teach my mom how to do it in
15 minutes. But the fact that they’re lame doesn’t make them
harmless. In fact, all those newbie users with their default Redhat
installs are unknowingly helping script kiddies to cause billions
of dollars in damage every year, simply because the script kiddie
owns the bandwidth of every cracked PC and can thus saturate it by
directing a ping flood at a site. Because of this, a profound
dislike has developed against newbie users who don’t keep their
systems upgraded amid the *nix crowd. But it’s not the users who
are in error.”

“Recently I made my very first server install. I had weeks of
time on my hands (blessed is the student’s life) so I wanted to do
it thoroughly. I learned everything there is to learn in the field
of securing your system. I started out with what everyone is
supposed to know, firewalls, tcp wrappers, sudo, and then worked
myself down to the details. I was horrified to discover how evil
distribution manufacturers really are. Most distro companies make
their distributions with little thought to security in mind. (Yes,
I know you’ve heard that before. I did too. But it never “sinks
in”.) There are hundreds of ways to make a Linux install more
secure, but none of these companies apparently know of them. Some
have glimpses. There are some who have a default install that’s
reasonably secure (go Debian!) or others have options allowing you
to specify how secure you want your install to be, but this changes
nothing to the picture. You see, they expect the user to choose the
most secure option he needs, but how can a newbie know this? A
newbie barely knows cd, cp and ls. How could he know about the
relative security of different applications?”


Complete Story

Complete Story
Previous article
Next article

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.