At its most basic level, securing a Linux system starts with physical security, data security, user accounts protection, and software security. Over time, you need to monitor that system to make sure it remains safe.

Some of the questions that you need to ask yourself include the following:

• Who can get to the system physically?
• Are backup copies of data being made in case of disaster?
• How well are user accounts secured?
• Does the software come from a secure Linux distribution, and are security patches up to date?
• Have you been monitoring the system to make sure that it has not been cracked or corrupted?

This chapter starts by covering basic Linux security topics. Subsequent chapters go deeper into advanced security mechanisms.

Implementing Physical Security

A lock on the computer server room door is the first line of defense. Although a very simple concept, it is often ignored. Access to the physical server means access to all of the data that it contains. No security software can fully protect your systems if someone with malicious intent has physical access to the Linux server.

Basic server room physical security includes items such as these:

• A lock or security alarm on the server room door
• Access controls that allow only authorized access and that identify who accessed the room and when the access occurred, such as a card ...