Once upon a time, network attacks required some effort and skill on the part
of the attacker. Today, automated tools can get even the most novice user up
and running trying to compromise network-attached systems in an alarmingly
short time. Additionally, worms have the capability to turn large numbers of
insecure systems into an army of ???zombies??? usable for massive, coordinated,
distributed Denial of Service (DDOS) attacks.
Why should you care about security? According to the Internet Storm Center
(http://isc.sans.org), a computer connected to the Internet has an
average of 16 minutes before it falls under some form of attack. Securing any
computer system is not hugely difficult; it simply requires some common
sense and careful application of good security practices.
In many cases, good practices for setting and protecting passwords, monitoring
log files, and creating good firewalls will keep out many would-be intruders.
Sometimes, more proactive approaches are needed to respond to break-ins.
Many tasks associated with securing your Linux system are common to desktop
and server systems. However, because servers allow some level of access
by outside clients, there are special considerations for protecting servers.
203
IN THIS CHAPTER
Linux security checklist
Using password protection
Monitoring log files
Communicating with Secure
Shell tools
Understanding attack techniques
Protecting servers with
certificates
Using special Linux security
tools distributions
Securing Linux
This chapter describes general tasks for securing Linux systems and techniques for securing desktop
and server systems.
Pages:
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450