[plug] Linux Security Paper
Leon Brooks
leon at brooks.fdns.net
Sat Aug 4 21:37:33 WST 2001
Christian wrote:
> On Sat, Aug 04, 2001 at 08:31:55AM +0800, Richard wrote:
>> I am doing a research project as part of my Dip IT and seeing as I have
>> been converted from MS to Linux, my lecturer has decided in his wisdom
>> that I should do a research paper on Linux Security as a final
>> assessment piece. I have decided to narrow it down to internet security
>> and issues, and any guidance (ie: reference material etc..) on this
>> would be greatly appreciated and acknowledgments would be included.
> Once you've narrowed the area down, if you want to bounce any ideas off
> me then feel free to email me privately.

I'm curious, Christian: why? Surely the whole list would benefit?

Richard, there are general security principles which can be applied to
anything but which should almost certainly be included in such a
project. Things like ``never send anything sensitive in cleartext if
encryption is a reasonable alternative - so you don't get sniffed'' (rpm
-e telnet-server; rpm -i openss*) and ``provide many layers of
security'' (firewall AND /etc/hosts.* AND passwords AND encryption AND
stored keys AND chroot the service AND...) so that if one breaks the
others still help, and ``use only the privileges needed (AKA never run
as root)'' similar, so if something breaks the damage is contained. You
can get truly paranoid, such as running a steganographic filesystem, but
physical security is generally never a worry. Most security-oriented
websites (e.g. securityfocus.com) will have FAQs and checklists.

Cheers