[plug] Linux Security Paper

Leon Brooks leon at brooks.fdns.net
Sat Aug 4 21:37:33 WST 2001


Christian wrote:

> On Sat, Aug 04, 2001 at 08:31:55AM +0800, Richard wrote:
>> I am doing a research project as part of my Dip IT and seeing as i have

>> been converted from MS to Linux, my lecturer has deceided in his wisdom

>> that i should do a research paper on Linux Security as a final

>> assessment piece. I have deceided to narrow it down to internet security

>> and issues, and any guidance (ie: reference material etc..) on this

>> would be greatly appreciated and acknowledgments would be included.


> Once you've narrowed the area down, if you want to bounce any ideas off
> me then feel free to email me privately.

I'm curious, Christian: why? Surely the whole list would benefit?

Richard, there are general security principles which can be applied to 
anything but which should almost certainly be included in such a 
project. Things like ``never send anything sensitive in cleartext if 
encryption is a reasonable alternative - so you don't get sniffed'' (rpm 
-e telent-server; rpm -i openss*) and ``provide many layers of 
security'' (firewall AND /etc/hosts.* AND passwords AND encryption AND 
stored keys AND chroot the service AND...) so that if one breaks the 
others still help, and ``use only the privileges needed (AKA never run 
as root)'' similar, so if something breaks the damage is contained. You 
can get truly paranoid, such as running a steganographic filesystem, but 
  physical security is generally never a worry. Most security oriented 
websites (e.g. securityfocus.com) will have FAQs and checklists.

Cheers




More information about the plug mailing list