Pick a Free OS

Securing Linux: Part 1

"Security is not an option, but a way of life". This is the mantra given by Kurt

Seifried, the author of the famed 'Linux Administrators Security Guide' and

numerous other Security HOWTO's available out there.

The theme in these series of articles is to make one aware of the trivial

security concerns on a stock Linux box. This article aims at giving novice users

an insight into conducting a security audit of their systems and helping them

take corrective measures in order to avoid any future security lapses.

Throughout this article, you will find pointers to various other security

howto's and research. This Security guide isn't a substitute for them but merely

a look at the various facets of insecure networking that are a part of our

everyday computing lives.

Everyday as you log on to the Internet to transact your daily business, your

data has to pass through hundreds of machines out there before it reaches its

final destination. En route, from point A to B, anyone can sniff your packets of

data, analyze the contents and maybe even reframe the packet contents. There is

no dearth of sniffing, cracking tools and password breaking tools out there. You

have a lot to worry about before you can consider your network safe.

Take it one step at a time, one day at a time. The only weapon by your side is

your Knowledge. Keep yourself updated with the latest news from the security

front. Look out for bug releases at the major security sites on the Internet.

Patch your software as soon as the exploits are revealed. You have to be very

active to ensure that you are always one step ahead of the rest.

Old habits die hard

Many organizations use BIOS security passwords in order to restrict access to

machines. But in contradiction to this security, the employees have POST-IT

notes on their desktop with the BIOS password written on it.

There have been instances where the organization's unofficial policy is to

maintain a single syllable password "x" for all the users of the machines in

their network. Certainly makes life so much simpler both for the system

administrator, user and the cracker. The point we are trying to make here is

the need to change people's attitude towards security.

So who are we trying to condemn? No one to be precise. But what we are saying is

that the only way you can ensure that your data is 100% secure is to turn your