Taking Linux Security to a Whole New Level
Undoubtedly, it’s a fact that Linux users have a great deal less to worry about compared to Windows and Apple users. The argument that ?Security through obscurity is meant to suggest that proprietary software program like Windows is much more secure by virtue of its closed nature. Nevertheless, Linux open source seems to be beat this argument using the Linus law which states that ?Given sufficient eyeballs, all bugs are shallow. This suggests that the global community of Linux users is its greatest benefit when it comes to protection. A global community is more likely to spot flaws in code and create a solution as opposed to a restricted set of paid developers. This nevertheless is not to say that Linux security is impervious. No program can claim that. So what can Linux users to ensure that they have much more secure systems running on their machines?
One, always use the keyring. This is the password needed when connecting to a network. A keyring encrypts sensitive passwords and using it adds a degree of security to the program. Two, enforce user password update. This means that you need to enforce a command that demands users to change passwords. Set an expiration period utilizing command sudo change I USERNAME. Third, don’t disable the SELinux function. This security enhanced mechanism is there for a reason and is utilized to restrict access to applications. It may seem more convenient to disable this seemingly irritating function, but disabling it will only lead to uglier experiences. If a plan is having problems, merely modify the SELinux policy.
Fourth, and this can’t be stressed further, avoid logging in as the root user. Even where you should administrate a machine, log in as a regular user or use the sudo function. Logging in as the root user bypasses a main security hurdle that permits access to systems and subsystems that would otherwise have been inaccessible by any other means. Fifth, install security updates as soon as they become accessible. Linux updates generally consists of security patches and should thus be installed quickly. Set up cron jobs that check for these updates.
There are other additional precautions that Linux administrators can take to further improve Linux security. 1 is disallowing root login over SSH. In addition to this, the SSHD should be set to listen to a port number above 1024. This setting ultimately shields you from 99.9% of brute force attackers. Don’t listen on port 22, rather map an external port to listen to this port number if behind a firewall or router. Administrators may also limit the domains that connect and specify explicitly known remote IP addresses by editing the /etc/hosts.permit and /etc/hosts.deny files. These suggestions should undoubtedly take your Linux security to a whole new level.
More information on Blackberry
Processing your request, Please wait....
