|
Free ebooks
 Operating System Linux Securing Linux: Step by Step
|
 From a small, collaborative effort headed by a University of Helsinki student named Linus Torvalds, Linux has grown into a global phenomenon spurring new industries for distribution, training, and support. It is now the only operating system other than Windows NT that is gaining market share in corporate Information Technology infrastructures. Distributors are actively marketing easier to install, easier to use Linux systems and making real inroads onto the desktops of home, corporate, government, and educational users.
By some estimates there are nearly 8 million Linux users worldwide.Linux is an “Open Source” operating system. The source code for the kernel and system utilities is available for download, inspection, and modification. This is a double-edged sword: system developers and ordinary users alike have access to the source code so bugs are found and fixed more quickly; but system crackers have access to the code as well, and they can use this knowledge to develop exploits more rapidly and reliably. This does not make Linux less secure than its proprietary competition. On the contrary, bugs are discovered faster in an open environment, and patches and updates are issued for Linux system software very quickly. Unfortunately, most users install Linux from CD-ROM media that quite often contains vulnerable programs by the time the ink dries on the label. Another unfortunate aspect of installing commercial Linux distributions is that, for ease of use, these Linux systems are configured with most, if not all, network services running immediately after the computer is booted up, and without any access controls in place. For example, for years all Linux distributions have shipped with TCP wrappers in place, but the /etc/hosts.allow and /etc/hosts.deny files are empty, meaning that anyone on the Internet can connect to TCP wrapped services. This guide is intended for the novice home user and the experienced systems administrator alike. It covers the installation and operation of Linux in two basic modes of operation: as a workstation and as a server. It does not cover configuring Linux for some of the other special-purpose functions that it performs so well, such as routers, firewalls, parallel processing, and so forth. The examples and instructions are based on the Red Hat version 6.0 release. Red Hat was chosen because it has the largest share of the Linux market, and version 6.0 was chosen because it includes the latest stable release of the Linux kernel, system libraries, utilities, etc. However, the concepts, advice, and procedures in this guide should translate rather easily to other distributions. You may have to explore your system a little to find configuration files that are in different directories, and to determine which versions of the software packages have been installed, but the exploration itself can be a good instructional tool. This guide takes you, the reader, through the installation process then splits into separate steps for securing a workstation setup and a server setup. The guide discusses basic packet firewalls in terms of protecting services on a single local computer. Finally, the guide discusses a few useful tools for monitoring and testing the security of your system. We try to follow the principle of “defense in depth.” No one step is a silver bullet against system attacks, but taken as a whole, they build multiple layers of defense that make life just that much harder for “script kiddies” and dedicated computer criminals. Download free linux ebook: Securing Linux: Step by Step
|
