I.T. Security and Linux Administration

Jan 31 2013   3:08PM GMT

How Have Security Practices Changed (2009-now)? Part 1

Eric Hansen

Back in late 2009, an article was published by CyberCiti detailing 20+ tips on how to secure your Linux machine. How have things changed between then and now (especially since we’re nearing Linux kernel 4.0)?

Then: #1: Encrypt Data Communication

Now: Same

Especially with the advent of more sophisticated tools at everyone’s disposal, ensuring data communication is encrypted should be a top priority. This includes using SSH instead of Telnet, SFTP over FTP, HTTPS over HTTP, etc…

These steps have also been made easier, however. Instead of purchasing a new SSL cert for every Intranet site, just create your own. It saves $30+/year per certificate and is more manageable.

Then: #2: Minimize Software to Minimize Vulnerability

#3: One Network Service Per System or VM Instance

Now: Same

It’s no secret that having 100 different programs listening on different ports makes you 100x more at risk than 1 program listening on 1 port (or even 1 program listening on multiple ports). This also helps with “go green” initiatives, as it requires less power to constantly maintain those applications.

Virtualization is a hot subject right now, and it has gained a lot of steam since around 2006 from my experience. Now, everywhere you look online there’s more talk about new virtualization, cloud solutions, etc.
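To check a host against the point above about listening programs, the following added example (not from the original post) parses `ss -tulnp` output, groups listening sockets by program, and reports programs reachable on non-loopback addresses that are not on the list of services the host is meant to run. The sample output and the `allowed` list are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample of `ss -tulnp` output (run as root so the Process column is filled in).
SAMPLE = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=812,fd=3))
tcp   LISTEN 0      511    0.0.0.0:80         0.0.0.0:*         users:(("nginx",pid=1034,fd=6),("nginx",pid=1033,fd=6))
tcp   LISTEN 0      80     127.0.0.1:3306     0.0.0.0:*         users:(("mysqld",pid=990,fd=21))
udp   UNCONN 0      0      0.0.0.0:68         0.0.0.0:*         users:(("dhclient",pid=640,fd=6))
tcp   LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=812,fd=4))
tcp   LISTEN 0      128    [::1]:631          [::]:*            users:(("cupsd",pid=700,fd=7))
"""

LOOPBACK = re.compile(r"^(127\.|\[::1\]$)")   # 127.0.0.0/8 and IPv6 ::1
PROC = re.compile(r'\("([^"]+)",pid=\d+')     # program names in the users:(...) column

def parse_listeners(text):
    """Return {program: set of (proto, address, port)} for every listening socket."""
    listeners = defaultdict(set)
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue  # header or unrelated line
        addr, _, port = fields[4].rpartition(":")
        names = set(PROC.findall(line)) or {"(unknown)"}  # no process info without root
        for name in names:
            listeners[name].add((fields[0], addr, int(port)))
    return dict(listeners)

def exposed_services(listeners):
    """Programs with at least one socket bound to a non-loopback address."""
    return sorted(name for name, socks in listeners.items()
                  if any(not LOOPBACK.match(addr) for _, addr, _ in socks))

def audit(text, allowed):
    """Exposed programs that are not among the services this host is meant to run."""
    exposed = exposed_services(parse_listeners(text))
    return [name for name in exposed if name not in allowed]

if __name__ == "__main__":
    found = parse_listeners(SAMPLE)
    for name in sorted(found):
        for proto, addr, port in sorted(found[name]):
            print(f"{name:10} {proto} {addr}:{port}")
    # `allowed` is a hypothetical per-host list of intended services.
    print("unexpected exposed services:", audit(SAMPLE, allowed={"sshd", "nginx"}))
```

On a real host, replace `SAMPLE` with the captured output of `ss -tulnp`; programs bound only to loopback (here `mysqld` and `cupsd`) are listed but not flagged.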

Then: #4: Keep Linux Kernel and Software Up to Date

Now: Same

Similar to the above, this one is no secret either. However, one thing I feel is lacking in every package manager I’ve seen is the ability to update just a single package. There’s not always a reason to update the entire system when you just need PHP updated, for example. It also puts sysadmins between a rock and a hard place, because if they don’t update, it could be catastrophic to their network, but if they update everything, the entire server could get corrupted.

Then: #5: Use Linux Security Extensions

Now: Debatable

I’m a firm believer in not using “security extensions” such as SELinux. They tend to cause more of a headache than they’re worth and just add extra load on the server.

While they’re good for a catch-all approach, proper sysadmin and monitoring solutions should be a better approach.

I’ll continue with the next batch of 5 in another part.
