With the increased adoption of Linux as the default OS for mainframe and personal computers, Linux network security has become more and more of a issue. Because so many businesses now rely on both LANs and the Internet as keys to doing business, they are especially vulnerable to having their Linux network security compromised by Internet gateways.
Internet gateways are systems including at least two network interfaces, one of which links to the Internet via an ISP, and the other of which is linked to the business’ internal LAN. The Internet gateway necessarily, but sometimes unfortunately, functions as a two way door, allowing the LAN users to have online access. But it also allows Internet users to access the LAN, and not always with the best of intentions.
Many business are terrified at the prospect of having their Linux network security bypassed, simply because of the vast amounts of sensitive customer information they have stored. Hackers can plant trojans or worms to collect passwords and login names, and send them to packet sniffers waiting on the Internet. Or intruders into an LAN may be able to help themselves to credit card or social security information.
The loss of such data can create huge liability issues, and if knowledge of the Linux network security breach becomes public, can lead to a total loss of customer confidence. A business’ network security is even more vulnerable to intrusion than its physical security, but the good news is that there are many Linux network security programs and they are commonly included in Linux distribution software packages.
The problem, then, is not with the availability of Linux network security features; it is with the Linux end-user who does not take advantage of those Linux network security features and sooner or later has his or her network compromised. But Linux network security really begins even before a Linux OS is added to the network. Following are a few steps you can take in becoming responsible for you Linux network security.
You can begin enhancing your Linux network security by disabling any of the Linux services which are not absolutely essential to your business operations. The fewer tasks your Linux OS has to perform, the fewer ways intruders will have to get in and work their mischief.
If you are using a Linux OS distribution bundled with an astronomical number of software applications, like the eighteen thousand plus software packages of the Debian distribution, you can simply delete the unwanted ones to beef up your Linux network security.
There are three utilities in particular, if left enabled, can lead to breaches in Linux network security. Disable the rsh, rlogin, and rcp utilities which include exec when used by rsh, login used by rlogin, and shell used by rcp so that they cannot be started from /etc/inetd.conf.
Once you have connected your Linux OS to a network, you can improve your Linux network security by continually updating all the domain name systems for all the other hosts attached to your network. Doing so will let you hone in on any unauthorized hosts which show up lacking DNS identification.
You can use TCP wrappers to configure you hosts.deny and hosts.allow files, giving you much greater control over network access.
Finally, make sure your entire employees log off their server consoles when the server is not being used. This is important regardless of whether you are concerned about Internet or in-house Linux network security issues.