Four key points of Linux System Security Protection

Whether you are an ordinary Linux Desktop user or a system administrator managing multiple servers, you are faced with the same problem: an increasing number of threats. Linux is an open system that allows you to find many ready-made programs and tools on the network, which facilitates both users and hackers. So how can we protect Linux system security? See the following four essentials.

1. Maintain the latest system core

Because there are many channels for Linux distribution, and there are often updated programs and system patches, We must update the system kernel frequently to enhance system security.

Kernel is the core of the Linux operating system. It is used to load other parts of the operating system and implement the basic functions of the operating system. As Kernel controls various functions of the computer and network, its security is crucial to the security of the entire system.

Many well-known security vulnerabilities exist in earlier versions of Kernel, which are also unstable. Only versions 2.0.x and later are stable and secure, and the running efficiency of the new versions is greatly improved. When setting the Kernel function, you only need to select the necessary functions. Do not accept all functions as per your order. Otherwise, the Kernel will become large, occupying both system resources and leaving hackers with an opportunity.

There are often the latest security patches on the Internet. Linux administrators should be well-informed and often patronize Security newsgroups to check new patches.

Ii. Enhanced security protection tools

SSH is short for Secure Sockets Layer. It is a set of program groups that can be safely used to replace public programs such as rlogin, rsh, and rcp. SSH uses public key technology to encrypt the communication information between two hosts on the network, and uses its key as an authentication tool.

Because SSH encrypts information on the network, it can be used to securely log on to a remote host and transmit information between the two hosts securely. In fact, SSH not only ensures secure communication between Linux Hosts, but also allows Windows users to Securely connect to Linux servers through SSH.

Iii. restrict the power of Super Users

As we mentioned above, root is the focus of Linux protection. Because it has unlimited power, it is best not to authorize super users easily. However, the installation and maintenance of some programs must require Super User Permissions. In this case, other tools can be used to grant these users the permissions of some super users. Sudo is such a tool.

The Sudo program allows a general user to log on again with the user's own password after the configuration is set, to obtain the permissions of the Super User, but only a limited number of commands can be executed.

4. Set the security level of the user account

In addition to passwords, user accounts also have security levels, because each account on Linux can be assigned different permissions. Therefore, when a new user ID is created, the system administrator should grant different permissions to the Account as needed and merge them into different user groups.

In tcpd on Linux, you can set the list of persons allowed or not allowed on the computer. You can set the host personnel list in/etc/hosts. allow. The host personnel list cannot be set in/etc/hosts. deny. After the configuration is complete, you need to restart the inetd program to take effect. In addition, Linux automatically records the results that allow or do not allow access to the/rar/log/secure file. The system administrator can identify suspicious access records accordingly.

A dedicated person is responsible for each account ID. In an enterprise, if the employee in charge of an ID leaves the company, the administrator should immediately delete the account from the system. Many intrusion events are borrowed from accounts that have not been used for a long time.

Among the user accounts, hackers prefer root accounts. Such Super Users have the right to modify or delete various system settings, so they can freely access the system. Therefore, you must carefully consider before granting root permissions to any account.

The/etc/securetty file in Linux contains a group of terminal names that can be logged on with the root account. For example, in the RedHatLinux system, the initial value of this file only allows the local virtual console (rtys) to log on with the root permission, but does not allow remote users to log on with the root permission. It is recommended that you do not modify the file. If you must grant the root permission from remote logon, you should first log on with a common account and then use the su command to upgrade to a Super User.