Configuring a Secure System

Linux Administrator"s most important duty is the , security of the computer and data integrity.

What does this mean?  The system administrator’s most important task, first and foremost, is to make certain that no data on the machine or network are likely to become corrupted, whether by hardware or power failure, by misconfiguration, or by malicious or inadvertent intrusion from elsewhere.

Everyone involved in computing are aware of the increasing serious attacks upon machines connected to the Internet. The majority of these have not targeted Linux systems, but that doesn’t mean that Linux systems
have been entirely immune, either to direct attack or to the effects of attacks on machines running other operating systems.

In one such Distributed Denial of Service (DDoS) attack aimed at several major online companies, many of the “zombie” machines(Machines unknowingly used to spread malware without its owners consent ) — so that the vandals could employ thousands of machines instead of just a few — were running Linux that had not been patched to guard against a well-known security flaw. In the various “Code Red” attacks of the summer of 2001, Linux machines themselves were invulnerable, but the huge amount of traffic generated by this “worm” infection nevertheless prevented many Linux machines from getting much Web-based work done for several weeks, so fierce was the storm raging across the Internet. While these infection did not corrupt Linux machines as it did those running a different operating system.

 Security can be as simple as turning off unneeded services, monitoring the Red Hat Linux security mailing list to make sure that all security advisories are followed, and otherwise engaging in good computing practices to make sure the system runs robustly. Or it can be an almost full-time job involving levels of security permissions within the system and systems to which it is connected, elaborate firewalling to protect not just Linux machines but machines that, through their use of non-Linux software, are far more vulnerable, and physical security — making sure no one steals the machine itself! For any machine that is connected to any other machine, security means hardening against attack and making certain that no one is using your machine as a platform for launching attacks against others. If you are running Web, ftp, or mail servers, it means giving access to those who are entitled to it while locking out everyone else. It means making sure that passwords are not easily guessed and not made available to unauthorized persons.

 So your job as a system administrator is to strike just the right balance between maximum utility and maximum safety, all the while bearing in mind that confidence in a secure machine.

There are  many tools that Red Hat Linux provides to help you guard against intrusion, even to help you prevent intrusion into non-Linux machines that may reside on your network. Linux is designed from the beginning with security in mind, and in all of your tasks you should maintain that same security awareness


Related posts:-

• Installing and Configuring Servers
• Installing and Configuring Application Software
• Creating and Maintaining User Accounts
• Backing Up and Restoring Files
• Monitoring and Tuning Performance