Linux Gazette: Securing Linux: The First StepsNov 15, 1999, 00:24 (0 Talkback[s])
(Other stories by Peter Lukas)
"Not too long ago, I sat patiently while the latest kernel version trickled down my slow, analog dial-up connection. Throughout the entire process, I longed for the day when high-speed Internet access would be available in the home. The arrival of xDSL and cable modems to the doorstep has made this dream a reality, but not without its price...."
"Nearly all Linux distributions available today are insecure right out of the box. Many of these security holes can be easily plugged, but tradition and habit have left them wide open. A typical Linux installation boots for the first time offering a variety of exploitable services like SHELL, IMAP and POP3. These services are often used as points of entry for rogue netizens who then use the machine for their needs, not yours. This isn't just limited to Linux--even the most sophisticated commercial UNIX flavors ship with these services and more running right out of the box."
"Without assessing blame or pointing fingers, it is more important that these new machines become locked down (hardened, to pin a technical term to it). Believe it or not, it doesn't take an expert in system security to harden a Linux machine. In fact, you can protect yourself from 90 percent of intrusions in less than five minutes."