How to ensure the security of your Linux operating system in daily operation and maintenance work

Source: Internet
Author: User

In this modern time, the security of Linux operating system is very important. But you have to know how to do it. A simple antimalware software is not enough, you need to take other measures to work together. The following are some of the common Linux Security strategy methods used in daily operations.

1. Using SELinux

SELinux is used to secure Linux, and with it, users and administrators can gain more control over access control. SELinux adds finer granularity control to access control. Unlike the ability to specify only who can read, write, or execute a file, SELinux lets you specify more control over who can delete links, append only, move one file, and so on.

2. Subscribe to Vulnerability Alert Service

The security flaw is not necessarily on your operating system. In fact, the vulnerability is more common in installed applications. To avoid this problem, you must keep your application updated to the latest version. Additionally, subscribe to the vulnerability Alert service, such as SecurityFocus.

3. Disabling unused services and apps

Typically, users do not use half of the services and applications on their systems most of the time. However, these services and applications will still run, which will invite attackers. Therefore, it is best to stop these unused services. Common

4. Check the System log

Your system log tells you what activity has occurred on the system, including whether the attacker successfully entered or tried to access the system.  Always be vigilant, this is your first line of defense, and regular monitoring of the system log is to keep this line of defense. Common

5. Consider using port heuristics

Setting port knocking is a good way to establish a secure connection to a server. The general practice is to take a specific package to the server to trigger the server's response/connection (turn on the firewall). Port knocking is a good safeguard for systems that have open ports. (sometimes used)

Linux operating system

6. Using iptables

What is Iptables? This is an application framework that allows users to build a powerful firewall for the system themselves. Therefore, to improve security, you need to learn how a good firewall and how to use the iptables framework. Common

7. Default Deny All

Firewalls have two ideas: one is to allow each point of communication, and the other is to deny all access, prompting you for permission. The second kind is better. You should only allow those important communications to enter. Common

8. Using Intrusion Detection system

Intrusion detection systems, or IDs, allow you to better manage communication and attacks on your system. Snort is now recognized as the best IDs on Linux. Common

As long as the above eight, plus strict user log audit, reasonable structure layout I believe that the Linux server you are managing is very secure.


This article is from the "Cowboy" blog, make sure to keep this source http://fangniuwa.blog.51cto.com/10209030/1758181

How to ensure the security of your Linux operating system in daily operation and maintenance work

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.