In Linux security, apply principle of least privilege

Jul 22, 2008, 12:00 (0 Talkback[s])
(Other stories by Caroline Hunter)

[ Thanks to SearchEnterpriseLinux.com editor for this link. ]

"I think [the priority list] flows like this: You need a good, secure configuration. If that's done and deployed, you focus on understanding updates to programs. In other words, you want to look at all package updates and know what was fixed and if you need to update for it. Aside from that you need a good monitoring technique to ensure the systems you so carefully configured stay that way. Having a good handle on monitoring the security events being generated is one of the more important things to do assuming that a system is properly configured. You need to understand what's recorded in the security logs so that one day, when something odd shows up, you can spot it immediately"

Complete Story

Related Stories:

• Easily Track Intrusion Attempts on Your Web Site(Jul 01, 2008)
• Run a Business Network on Linux: Intrusion Detection (Part 4)(Jun 12, 2008)
• Mass Host Hack Bigger than First Thought, Hits 10,000 Sites(Jan 22, 2008)
• Tips for Taming SELinux(Nov 29, 2007)