Securing Linux on a Network
Setting up your Linux system on a network, especially a public network, creates a whole new set of challenges when it comes to security. The best way to secure your Linux system is to keep it off all networks. However, that is rarely a feasible option.
Entire books have been filled with information on how to go about securing a computer system on a network. Many organizations hire full-time computer security administrators to watch over their network-attached Linux systems. Therefore, think of this chapter as a brief introduction to securing Linux on a network.
A starting point for learning network security is to understand the OSI model. Every network operates in a series of layers, called the Open Systems Interconnection (OSI) reference model (see Figure 25.1). The model consists of seven layers, each representing the process of moving the data packets from a sender to/from a receiver.
The OSI model is a conceptual depiction. Many actual network protocols operate over several layers as opposed to moving in a straight line from one phase to the next. However, this model is very useful for security purposes. You can get an overall view of the various phases of network communications that must be secured for your Linux server.
Your Linux system's primary job is to offer services. ...