Nine common methods to protect Linux system security

Source: Internet
Author: User

Securing Linux-based systems is very important, but you have to know how to do it. Simple anti-malware software is far from enough; you need to combine it with other measures. Try the following methods.

1. Use SELinux

SELinux is used to reinforce Linux security. It gives users and administrators more control over access. SELinux adds finer-grained access control: rather than specifying only who can read, write, or execute a file, it lets you specify who can unlink a file, only append to it, or move it. (LCTT Note: Although the NSA has contributed a lot of code to SELinux, there is no evidence that SELinux has a potential backdoor.)

2. Subscribe to a vulnerability alert service

Security defects are not necessarily in your operating system. In fact, vulnerabilities are mostly found in installed applications. To avoid this problem, keep your applications updated to the latest version. In addition, subscribe to a vulnerability alert service, such as SecurityFocus.

3. Disable unused services and applications

Generally, users do not use half of the services and applications on their systems. These services and applications still run, however, and they attract attackers. It is therefore best to stop the unused services. (LCTT Note: or simply do not install services that are not used, so you don't have to worry about whether they have security vulnerabilities or about upgrading them.)

4. Check system logs

Your system logs tell you what activity has taken place on the system, including whether an attacker has successfully entered or tried to access it. Always be vigilant. The logs are your first line of defense, and monitoring them regularly is how you hold that line.

5. Consider using port knocking

Port knocking is a good way to establish secure connections to servers. Generally, a specific packet is sent to the server to trigger the server's response or connection (opening the firewall). Port knocking is a good protection measure for systems with open ports.

The following is from http://www.portknocking.org:


6. Use Iptables

What is Iptables? It is a framework that allows you to build a powerful firewall for the system. To improve your security protection, learn how to build a good firewall and how to use the Iptables framework.

7. Deny everything by default

There are two ways to use a firewall: one is to allow all communication, and the other is to deny all access and ask you what to permit. The second is better. You should allow only the communication that matters. (LCTT Note: these are the default-allow and default-deny policies. The former requires you to specify what is prohibited, and everything else is allowed; the latter requires you to specify what is allowed, and everything else is denied.)
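The difference between the two policies shows up in the chain policy lines of `iptables-save` output. The following is an added example, not part of the original article: both rulesets are constructed samples (the SSH port is an assumption) and `audit_default_policy` is a hypothetical helper name.

```shell
#!/bin/sh
# Constructed sample: default-allow. Everything passes unless a rule drops it.
DEFAULT_ALLOW='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp --dport 23 -j DROP
COMMIT'

# Constructed sample: default-deny. Everything is dropped unless a rule accepts it.
# The nat table keeps ACCEPT policies; only the filter table decides what gets in.
DEFAULT_DENY='*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
COMMIT'

# Reads iptables-save text on stdin and prints every filter-table INPUT or
# FORWARD chain whose built-in policy is not DROP.
# Exit status 0 means default-deny, 1 means at least one chain is default-allow.
audit_default_policy() {
    awk '
        /^\*/ { table = substr($1, 2) }    # a "*name" line starts a table section
        table == "filter" && /^:(INPUT|FORWARD) / {
            if ($2 != "DROP") { print substr($1, 2) " policy is " $2; bad = 1 }
        }
        END { exit bad + 0 }
    '
}

# Demo on the constructed samples.
printf '%s\n' "$DEFAULT_ALLOW" | audit_default_policy || echo "default-allow ruleset flagged"
printf '%s\n' "$DEFAULT_DENY" | audit_default_policy && echo "default-deny ruleset passes"
```

On a live host the same check is `iptables-save | audit_default_policy`, run as root.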

8. Use an intrusion detection system

An intrusion detection system, or IDS, allows you to better manage the communication with, and attacks on, the system. Snort is currently recognized as the best IDS on Linux.

9. Use full disk encryption

Encrypted data is more difficult to steal and sometimes cannot be stolen at all, which is why you should encrypt the entire drive. Once you have done so, anyone who gets into your system will have a headache when they see the encrypted data. According to some reports, most data loss results from machine theft.

Original address: http://www.efytimes.com/e1/fullnews.asp? Edid = 1, 141368
