dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


LinuxNewbie.org: How to create a Secure Install

Aug 25, 2000, 17:01 (0 Talkback[s])
(Other stories by Martin Burke)

[ Thanks to Sensei for this link. ]

"It's important to be aware that when you're installing Linux, you're installing a powerful server operating system. As a home user, you probably won't use much of what's installed by default, and anything you don't use is a security risk you don't have to take. This means that most of the install procedure for a user like you or I actually involves not installing things, and then configuring the remaining elements as securely as possible. I can't stress enough that security is an important and ongoing concern, one that starts with installing and configuring your system as a stand alone box (so that it can't get hacked before you harden it), continues with constant attention to security holes and fixes, and then never ends."

"Hopefully that doesn't scare anyone off! Installed with any sort of care, Linux is no less secure than Windows, and is in many ways moreso. Someone has to want to crack your Linux box, as opposed to just sending out an email macro virus. Unfortunately, there are a lot of people out there that would do you harm, and with the increasing popularity of cable modems, dsl, and home networks, you really need to give security a lot of attention during the install, and later by staying abreast of the current security patches."

"The very first step is to undertake your install while not connected to other computers. This is a simple criteria to meet if you're going to have a stand alone box with only dial-up connectivity to the internet, but it's something to be aware of if you plan to be part of a network. After the install, you're going to go back and tighten the security on your Linux box (known as hardening), so you don't want anyone to get a chance at you while you're still installing. This probably sounds exceedingly cautious, but paranoia is the best approach to security so you may as well get started right away."

Complete Story

Related Stories: