dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


The OutRider Computing Journal: The Truth About Security

Aug 19, 2000, 20:07 (0 Talkback[s])
(Other stories by Jason Fink)

[ Thanks to Jason R. Fink for this link. ]

"Security is not nearly as hard as one might think. It has been most administrator's belief that pro-active security is actually easier than say setting up a ip forwarding (which could be considered an aspect of security). I believe it can be even easier than that, from a systems perspective, security is pretty simple. This article will gloss over the basic steps for system security (since there are so many sites that already have all of this information) and bring to light some other ideas about security."

"The duh factor of UNIX security is pretty plain and straightforward. One pretty much follows the following set of rules:

  • Disable unused services/ports
  • Shutdown unrequired daemons
  • Shadow passwords
  • Port watching on active ports
  • Log file scanning
  • Using physical barriers (e.g. airwalls)
  • Secure(ish) logging (logservers)
  • Use secure protocols for internet communications (e.g. OpenSSH)
These do not need to be discussed at great length here with one exception; your role and BTW if any of those items are new to you - then get familiar with them soon."

"The approach must be as all encompassing as possible. Disaster recovery is just as important as using secure shell is just as important as avoiding overflows is just as important as good performance . . ."

Complete Story

Related Stories: