No matter what the device or OS, the subject of Linux System security is consistently ignored by users. Even though everyone is concerned about security, it all merely ends on blaming and complaining others.
One of the primary responsibilities of a Linux System administrator is maintaining the security of an operating system. This is one of the toughest tasks as you can never be certain, whether the machine you are working on is secure. To be honest, there is no way of making a machine that is connected to the internet, a completely secure machine. Security is no longer certain, once you connect to the internet.
Linux System Administrator
This post is not just meant for IT geeks with glasses, who are constantly staring at a number of computer screens, doing their computer voodoo. This post is also meant for you, the Linux user. If you are using Linux, you automatically become a Linux administrator. You do update and maintain your Linux system, don’t you? Even if it’s just a laptop or XMBC server or a small Raspberry Pi, they are Linux machines and require good care and attention.
Getting back to our topic of discussion, the only way of making your computer the most secure machine in the world, is by ripping your WiFi card out of your computer or by pulling out your Network cable.
This article discusses a security checklist for a Linux server, which consists of points that are crucial to maintain a safe server. All of them cannot be implemented everywhere, but they are important for general Linux usage.
• Update your system with latest security patches: Use apt-get package manager or aptitude, to keep your Linux packages updated. Add security repository to the sources.list, while using Debian-based system.
• Keep updating yourself with latest vulnerabilities with the help of forums, mailing lists, etc.: A lot of open source mailing lists (Linux general as well as product specific), offer relevant fixes needed for latest vulnerabilities.
• Disable unwanted services: You should be aware of all the services that are running on your system and systematically keep checking that only those services are running, which are required.
• Limit ROOT Access with the usage of SUDO: It is advisable to restrict user to some crucial commands with the usage of SUDO. This can be achieved by modifying /etc/sudoers files. Sudo is constructed on a command by command basis and commands with restrictions can be controlled using sudoers file.
• SSH security Services settings: SSH service is used by almost all Linux machines, for remote login. Though SSH is very secure it does not have the capability of protecting the server against human mistakes. Some precautions should be taken regarding the SSH protocol.
• Use SSH to tunnel all Xwindow sessions: The graphical communications that are normally unencrypted can be hardened through this method.
• Create only those number of users that are mandatory: You should make a list of all user accounts in the server and delete unwanted users from the system.
• A good firewall policy should be maintained: Allow access to only those IP/subnets that you want to give access to. A firewall script should be made for both outbound and inbound connections and enable the script as per the firewall rules.