• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Linux Security - What's a good place for n00bs to start learning?

C

corinthos

Golden Member
Are there good books or online resources for learning about how (and why) to configure your hardware and Linux system to make it secure, especially when connected to the Internet (perhaps even 24/7)? I'd appreciate it if you could point a n00b in a good direction to get started. Thanks.
 
It largely depends on what the system will be doing. Plenty of applicaions have enough settings that writing a single document with all of the tips and tricks would be ridiculous.

My first suggestion is to make sure you understand what you are doing. Read the man pages for the software you want to run. Understand how to configure them correctly.
 
Closing up unneeded ports and isolating yourself from the WAN directly (by a NAT router) are a good start.

Don't worry about listening ports bound to 127.0.0.1 though. Only your own PC can access that. No one else, period. Be suspicious of anything else bound to something other than 127.x.x.x. Chances are it's an exploit waiting to happen. Of course, not ALL ports will expose you to an app with exploits. It depends on the application and how secure it is. Shut down ssh,ftpd,httpd,smtpd,cupsd, and any other daemons if you don't use them!

However you don't need to worry about this if a NAT router seals you from the outside. It does by nature. However, if you forward a port or set yourself up as DMZ, you are vulnerable again to that specific port, or to all ports, respectively.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top