Chapter 17. Basic Security
In this chapter we’ll discuss basic Linux system security. Security is unfortunately a topic of ever-growing importance, especially with the increasing use of permanently network-connected systems that are vulnerable to remote attacks even while unattended.
Most system security is common-sense good practice. Many of the best techniques are the simplest, yet frequently ignored practices; we’ll cover those first. We’ll then move on to some of the less obvious practices, and we’ll conclude with a short discussion on the complex subject of network security. We’ll also include some firewall recipes to protect simple installations against network attack.
A Perspective on System Security
It’s sometimes difficult keeping a balanced perspective on system security. The media tends to sensationalize stories relating to security breaches, especially when they involve well-known companies or institutions. On the other hand, managing security can be a technically challenging and time-consuming task. Many Internet users take the view that their system holds no valuable data, so security isn’t much of an issue. Others spend large amounts of effort nailing down their systems to protect against unauthorized use. No matter where you sit in this spectrum you should be aware that there is always a risk that you will become the target of a security attack. There are a whole host of reasons as to why someone might be interested in breaching your system security. The value of ...