Linux Gazette: Securing Linux: The First Steps

“Not too long ago, I sat patiently while the latest kernel
version trickled down my slow, analog dial-up connection.
Throughout the entire process, I longed for the day when high-speed
Internet access would be available in the home. The arrival of xDSL
and cable modems to the doorstep has made this dream a reality, but
not without its price….”

“Nearly all Linux distributions available today are insecure
right out of the box. Many of these security holes can be easily
plugged, but tradition and habit have left them wide open. A
typical Linux installation boots for the first time offering a
variety of exploitable services like SHELL, IMAP and POP3. These
services are often used as points of entry for rogue netizens who
then use the machine for their needs, not yours. This isn’t just
limited to Linux–even the most sophisticated commercial UNIX
flavors ship with these services and more running right out of the

“Without assessing blame or pointing fingers, it is more
important that these new machines become locked down (hardened, to
pin a technical term to it). Believe it or not, it doesn’t take
an expert in system security to harden a Linux machine. In fact,
you can protect yourself from 90 percent of intrusions in less than
five minutes.