Four key points to protect Linux system security

First, enhance the security Protection tool

SSH is the acronym for a Secure Sockets Layer, which is a set of programs that can be safely used to replace common programs such as Rlogin, rsh, and RCP. SSH uses public key technology to encrypt communication information between two hosts on the network and uses its key to act as an authentication tool. Because SSH encrypts information on the network, it can be used to securely log on to a remote host and securely transfer information between the two hosts. In fact, ssh not only protects the secure communication between Linux hosts, but Windows users can also securely connect to Linux servers via SSH.

Second, maintain the latest system core

Due to the many Linux channels, and often updated procedures and system patches appear, so in order to enhance the system security, it is necessary to constantly update the system kernel.

Kernel is the core of the Linux operating system, which resides in memory for loading other parts of the operating system and implementing the basic functions of the operating system. Because kernel controls the various functions of the computer and the network, its security is critical to the security of the system as a whole.

Earlier versions of the kernel had many well-known security vulnerabilities, and were less stable, and only more than 2.0.x was more stable and secure, and the efficiency of the new version was greatly improved. In setting the function of kernel, only select the necessary function, do not have all the functions according to the full collection, otherwise it will make the kernel become very large, both occupy the system resources, but also to leave the opportunity for hackers.

With the latest security patches on the Internet, Linux system administrators should be well-informed and often patronize security newsgroups to review new patches.

Third, set the user account security level

In addition to passwords, user accounts have a security level, because each account on Linux can be given different permissions, so in the establishment of a new user ID, the system administrator should give the account according to different permissions, and merged into different user groups.

Iv. restricting the power of super users

As we mentioned earlier, Root is the focus of Linux protection, because it has unlimited power, so it is best not to easily authorize superuser. However, some programs must be installed and maintained with Superuser privileges, and in this case, other tools can be used to give such users some power over some superuser. Sudo is such a tool.

Sudo program allows the general user after configuration settings, with the user's own password to log in again, to obtain the power of the superuser, but only a limited number of instructions to execute.

Note : More wonderful tutorials Please pay attention to the triple computer tutorial section, triple Computer office group: 189034526 welcome you to join