Security in an environment is established by several factors. Let's look at some questions to understand the factors involved:

  • Is the configuration secure?
  • Have we allowed the use of weak passwords?
  • Is the superuser, root, allowed to log in remotely?
  • Are we logging and auditing all connections?

Now, in a non-standard environment, how can you truly say that these requirements are all enforced across all of your Linux servers? To do so requires a great deal of faith they have all been built the same way, that they had the same security parameters applied, and that no-one has ever revisited the environment to change anything. In short, it requires fairly frequent auditing to ensure compliance. 

However, where the environment has been ...

Get Hands-On Enterprise Automation on Linux now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.