A Linux server which is freshly installed has, in general, a high level of security. When applications are installed and configured, care must be taken for the level of security to remain high.
Essential security measures for the server itself includes using BIOS and boot loader security, having sound password policies, using commands such as su, sudo and disabling root logins when possible, making sure that services have maximum availability and always using security enhanced communication tools (like SSH) instead of more vulnerable ones.
Services also need to be secured. For example, TCP wrappers and xinetd are useful for securing, say, portmap. NIS, NFS, the Apache HTTP Server, FTP and Sendmail (or Postfix) need be to properly secured. The system administrator must routinely verify which TCP ports are opened and for what reasons.
Naturally, all Linux servers (especially those which are exposed on the Internet) should have a properly configured firewall. Netfilter, the Linux firewall, and its associated command line tool, iptables, are very powerful and need to be understood in details.
Leave a Reply