Geeks404.com: Linux Security: Techniques to Secure Your Linux SystemJun 14, 2000, 19:01 (2 Talkback[s])
(Other stories by David Booss)
[ Thanks to BeOpen for this link. ]
"Linux, despite its incredible stability, is insecure in its generally distributed form. Almost all major distributions - including Red Hat, Corel, Caldera, Debian, SuSE, TurboLinux, and others - have major unpatched vulnerabilities. Staying on top of security alerts for your distribution is one half of keeping your system secure. Using the patches that are released with these security alerts will make your system less vulnerable than it was before, however it does not solve the problem as a whole. The main security problem with Linux is its constantly running system services and daemons, such as httpd (Apache), inetd, sendmail, and others. In order to secure a system to the greatest extent possible, you must first assess what daemons are vital to the system's function. For example, if you are running an anonymous FTP server, you will not want Telnet or HTTP services running on that machine. This tutorial will discuss the importance of choosing system services, look at file permissions, and take a brief look at Tripwire for system analysis."
"System services are the core security problem on most Linux systems. By default, most Linux distributions have systems running almost every service available to the system at startup. This is a major problem, but you can fix it. The first step is to assess what your computer is expected to do; whether you want it to be an FTP, Web, shell, or other type of server. After you have decided this, you must then determine which system services and daemons are running on your system...."