Four essentials for Linux system security protection

  

Computer Store News:

Whether you are a regular desktop user of Linux or a system administrator managing multiple servers, you face the same problem: increasing threats. Linux is an open system, and many off-the-shelf programs and tools for it can be found on the network, which is convenient for users and hackers alike. So how can we protect the security of a Linux system? Consider the following four essentials.

First, keep the system kernel up to date

Linux is distributed through many channels, and updated programs and system patches appear frequently, so to strengthen system security the system kernel must be updated regularly.

The kernel is the core of the Linux operating system. It resides in memory, loads the other parts of the operating system, and implements the operating system's basic functions. Because the kernel controls the various functions of the computer and the network, its security is critical to overall system security.

Early kernel versions contain many well-known security vulnerabilities and are not stable. Only versions 2.0.x or higher are more stable and secure, and the operating efficiency of the newer versions has also changed a lot. When configuring the kernel, select only the functions you need rather than accepting all of them wholesale; otherwise the kernel becomes very large, takes up system resources, and leaves openings for hackers.

New security patches often appear on the Internet. Linux system administrators should stay well informed, frequent security newsgroups, and check for new patches.

Second, use enhanced security tools

SSH is the abbreviation of Secure Shell, a set of programs that can safely replace utilities such as rlogin, rsh, and rcp. SSH uses public-key technology to encrypt the communication between two hosts on the network and uses its keys as a means of authentication.

Because SSH encrypts information on the network, it can be used to log in to a remote host securely and to transfer information securely between the two hosts. In fact, SSH not only secures communication between Linux hosts; Windows users can also connect securely to Linux servers via SSH.

Third, limit the power of superusers

As mentioned earlier, root is the focus of Linux protection. Because it has unlimited power, superuser rights should not be granted lightly. However, some programs must be installed and maintained with superuser privileges. In this case, other tools can be used to give such users partial privileges. Sudo is such a tool.

Once configured, the sudo program lets an ordinary user authenticate again with the user's own password to obtain superuser privileges, but only a limited number of commands can be executed.

Fourth, set the security level of the user account

In addition to the password, a user account also has a security level, because each account on Linux can be given different permissions. When creating a new user ID, the system administrator should assign permissions to the account as needed and place it in the appropriate user group.

In tcpd on Linux systems, you can set a list of those who are allowed access and a list of those who are not. The allowed list is set in /etc/hosts.allow, and the list of those not allowed is set in /etc/hosts.deny. After the setup is complete, you need to restart the inetd program for the settings to take effect. In addition, Linux automatically logs the result of each allowed or refused access attempt to the /var/log/secure file, and the system administrator can use it to detect suspicious entry records.
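The log review described above can be scripted. The following is an added example, not part of the original article: it counts tcpd refusals per source host and service, assuming tcpd's usual syslog message "refused connect from HOST". The log lines are constructed samples and the function names are this example's own; on a real system, pass /var/log/secure as the file argument.

```shell
#!/bin/sh
# Added example: summarize tcpd "refused connect" entries per source host.
# The lines below are CONSTRUCTED samples, not output from a real system.
sample_log() {
cat <<'EOF'
Mar  3 10:15:01 web1 in.telnetd[2101]: refused connect from 203.0.113.5
Mar  3 10:15:09 web1 in.telnetd[2104]: refused connect from 203.0.113.5
Mar  3 10:16:30 web1 in.ftpd[2110]: connect from 192.0.2.10
Mar  3 10:17:02 web1 in.rshd[2117]: refused connect from 198.51.100.7
Mar  3 10:17:44 web1 in.telnetd[2125]: refused connect from 203.0.113.5
EOF
}

# refused_by_host [FILE]
# Prints "count host service", highest count first. Reads stdin if no FILE.
refused_by_host() {
    awk '
        / refused connect from / {
            svc = $5
            sub(/\[[0-9]+\]:$/, "", svc)      # "in.telnetd[2101]:" -> "in.telnetd"
            for (i = 6; i <= NF; i++)         # host is the word after "from"
                if ($i == "from") { host = $(i + 1); break }
            count[host " " svc]++
        }
        END { for (k in count) print count[k], k }
    ' "${1:--}" | sort -k1,1nr -k2,2
}

# suspicious_hosts THRESHOLD [FILE]
# Prints each host that was refused at least THRESHOLD times by one service.
suspicious_hosts() {
    threshold=$1
    shift
    refused_by_host "$@" | awk -v t="$threshold" '$1 >= t { print $2 }' | sort -u
}

# Demo on the constructed sample; allowed connections are ignored.
sample_log | refused_by_host
```

Repeated refusals from one address against one service are the entries worth following up first.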

Each account ID should have a person responsible for it. In an enterprise, if the employee responsible for an ID leaves, the administrator should immediately delete the account from the system. Many intrusions make use of accounts that have not been used for a long time.

Among user accounts, hackers prefer those with root privileges. The superuser has the right to modify or delete any system setting and can move through the system unimpeded. Therefore, think carefully before giving any account root privileges.

The /etc/securetty file on Linux systems contains the set of terminal names from which root can log in. For example, on a Red Hat Linux system, the initial contents of this file only allow root to log in from the local virtual consoles (ttys), without allowing remote users to log in with root privileges. It is best not to modify the file. If you must work as root over a remote login, it is best to log in with a normal account and then use the su command to switch to the superuser.

Copyright © Windows knowledge All Rights Reserved