Linux Security: A Good Thing Keeps Getting BetterLinux Security: A Good Thing Keeps Getting Better
A tech expert explains why Linux has remained a bright spot in an increasingly grim IT security picture, and how businesses can ensure effective, reliable security for their own Linux-based systems.
January 3, 2006
Security Pipeline: What are your top tips for making the Linux environment as secure as possible?
Humphrey: Take the time and do it right, with nearly all of the open-source code available, there are guidelines on how to correctly set permissions for the install, how to use security tools like 'chroot', and how to set up an account without a login shell. The hassle for the overloaded admin is that it takes time and sometimes research. In security, the old saying “you get what you give” is more than just apropos. Secondly, don’t install or enable any process or service that isn’t required. Security Pipeline: Beyond what you've already discussed, any other suggestions or cautions for those dealing with Linux security? Humphrey: Review the “best practice” procedures out there on how to setup your Linux system securely. There are still a few references left on the Internet on how to do this. However, as you peruse these guides, you’ll notice that they are all years old. As I noted before, the security landscape hasn’t changed that much over the years; nonetheless, the guides are still a great way to understand the basics of today’s security (an example of such a guide can be found at http://www.cert.org/tech_tips/usc20_full.html).
About the Author(s)
You May Also Like