Locking Down Security


Adding user accounts and changing user settings with useradd

Changing user accounts with usermod

Deleting users with userdel

Adding, changing, and managing passwords with passwd

Managing groups with groupadd, groupmod, and groupdel

Seeing who's logged in with last, lastb, and who

Configuring firewalls with iptables

Checking out advanced security with SELinux, tripwire, and APT

Securing your Linux system means first restricting access to the user accounts and services on that system. After that, security means checking that no one has gotten around the defenses you have set up.

Ubuntu, Debian, and other systems based on those Linux distributions are designed to be secure by default. That means that there are no user accounts with blank passwords, and that most network services (web, FTP, and so on) are off by default (even if their software is installed).

Although many of the commands covered in this book can be used to check and improve the security of your Linux system, some basic Linux features are particularly geared toward security. For example, secure user accounts with good password protection, a solid firewall, and consistent logging (and log monitoring) are critical to having a secure Linux system. Commands related to those features, plus some advanced features, such as SELinux and tripwire, are covered in this chapter.

Working with Users and Groups

During most Linux installation procedures, you are asked to assign a password to ...

Get Ubuntu Linux Toolbox: 1000+ Commands for Power Users, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.