---

Home Security

Linux Exposed: Basic Hardening Linux

By

[ Thanks to Gido for
this link. ]

“Linux is capable of high-end security; however, the
out-of-the-box configurations must be altered to meet the security
needs of most businesses with an Internet presence. This article
shows you the steps for securing a Linux system called hardening
the server using both manual methods and open source security
solutions. The hardening process focuses on the operating system,
and is important regardless of the services offered by the
server.The steps will vary slightly between services, such as
e-mail and Hypertext Transfer Protocol (HTTP), but are essential
for protecting any server that is connected to a network,
especially the Internet. Hardening the operating system allows the
server to operate efficiently and securely.

“This article includes the essential steps an administrator must
follow to harden a Unix system; specifically, a Red Hat Linux
system.These steps include updating the system, disabling
unnecessary services, locking down ports, logging, and maintenance.
Open source programs allow administrators to automate these
processes using Bastille, sudo, logging enhancers such as SWATCH,
and antivirus software. Before you implement these programs, you
should first understand how to harden a system manually.

“A Linux system may contain many security vulnerabilities and
software bugs when it is first released. Vendors, such as Red Hat,
provide updates to the operating system to fix these
vulnerabilities and bugs. In fact, many consulting firms recommend
that companies do not purchase and implement new operating systems
until the first update is available. In most cases, the first
update will fix many of the problems encountered with the first
release of the Linux system (distribution).

“You should apply the latest updates before the server goes
live, and constantly maintain the server after it is deployed to
make sure the most current required patches are installed. The more
time an operating system is available to the public, the more time
malicious hackers have to exploit discovered vulnerabilities.
Vendors offer patches to fix these vulnerabilities as quickly as
possible; in some cases, the fixes are available at the vendor’s
site the same day. Administrators must also regularly test their
systems using security analyzer software. Security analyzer
software scans systems to uncover security vulnerabilities, and
recommends fixes to close the security hole…”


Complete Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.