Saturday, July 14, 2012

Basic Security Tips for Linux

Basic Security Tips for Linux
By Tayab Khan

Now, in the present world security is one of the main issues for all system. We can secure our system different ways. Here we will see some basic security parameters for Linux system.
1)    Physical Access Protection: - Physical access protection means, to protect any system from an attacker with physical access. We can take some steps to make secure of our system-
i)    BIOS Password restriction: - We can set a password in BIOS (Basic Input Output System) to protect our system from any unauthorized changes to the BIOS. Assigning BIOS password is important because it is the first step during system startup.
ii)    Boot Loader password Protection / Authentications in single user mode: - Boot Loader allows for starting the execution of the kernel. We can set a password to the boot loader configuration to prevent users from modifying the boot parameters. Set a password for the GRUB boot loader which will prevent users from entering single user mode or changing settings at boot time. It will forces grub to ask for a password before making any changes or entering into single user mode.
iii)    Configure Automatic logout after a period of inactivity in shell login.
iv)    Screen Lock Configure for GUI User’s:- Graphical User Interface (GUI) screen can be lock to increase system security.  In Linux system, GNOM desktop screen can be lock by choosing ‘Lock Screen’ from system menu.
v)    Enable SELINUX for Better Security:-  Security-Enhanced Linux (SELinux) is a Linux feature that provides a mechanism for supporting access control security policies, including U.S. Department of Defense style mandatory access controls, through the use of Linux Security Modules (LSM) in the Linux kernel. SELINUX can be used to protect against misconfigured or compromised programs.  The SELinux Policy is the set of rules that guide the SELinux security engine. It defines types for file objects and domains for processes. It uses roles to limit the domains that can be entered, and has user identities to specify the roles that can be attained. That means, SELINUX enforces the idea that programs should be limited in what files they can access and what action they can take.
2)    Security for Network Configuration:-
i)    Configure Firewall and iptables: - We know, a firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. Configure firewall and iptables to allow access and block unnecessary ports and programs.  So, we can easily configure /etc/sysconfig/iptables file to secure our Linux system. We can allow specific services or ports and also can block unnecessary ports by iptables to improve our system security.  We can assign specific services to a specific user by editing hosts. allow and hosts. deny files. We have to force this part sincerely, because configuring Firewall properly is one of the most important part of system Security.
ii)    Configure Syslogd and Monitor all important syslogs For System Security: - Syslogd is a very important monitoring tool and also a standard for forwarding log messages in an Internet Protocol (IP) computer network basically in Linux system.  Syslogd logs all programs like (auth, authpriv, daemon, cron, ftp, lpr, kern, mail, news, syslog, user, uucp, local0, ... , local7 )and are assigned a priority/level (Emergency, Alert, Critical, Error, Warning, Notice, Info or Debug) by the sender of the message. We can easily configure syslog.conf file to monitor system’s ‘error messages’, system’s ‘mail messages’ and different ‘service messages’ etc. that will be helpful to identify the problems quickly and take a quick necessary steps for system security.

iii)    SSH and Telnet restriction for secured network:- SSH and Telnet is very helpful for remote login in Linux  system but we have to make sure that the services are configured in a secured way. For Network security we can stop ssh and telnet, if possible, otherwise restrict ssh login strictly from the file /etc/ssh/sshd_config. We can limit user’s ssh access, disable root login via ssh login and can change default ssh ports(22) for better security.

iv)    Secure Configure of Network Devices and Server’s:- Network devices that are run in our system must have a secured configuration. Server’s that are run in our system such as DNS, Samba, SNMP, WEB, FTP, NFS etc. have to configure in a secured way. Linux servers must be configured properly for strong network security and also have to ensure its applications and services configured.
3)    Restrict Accounts and access control:- To increase system security we must restrict all user accounts and control the access of individual users. Following steps are too much important for this type of security:-
i)    Configure sudoers file and limit su access.
ii)    Set password expiration for the accounts.
iii)    Verify Permission on passwd, shadow and groups.
iv)    Check permission of directories and files.
v)    Ensure no accounts have empty password felds.
There are also various tools exists which can be effectively used to improve a system’s security and detection of unknown attack from hackers. Basically we can use ‘iptables’ for host-based firewalling, SELINUX for protection against misconfigured programs and logging(such as syslogd) for detection of problems for our  Linux system.


  1. Hotel & Casino, Dubai, UAE - Air Jordan23
    Guests show to buy air jordan 18 retro toro mens sneakers can try the outdoor pool. If you're looking for a pool in air jordan 18 retro varsity red on sale the centre, the Hotel & Casino, air jordan 18 retro red suede clearance Dubai, UAE has air jordan 18 retro red suede online shop a wide range of outdoor swimming pools.Hotel 리그앙 class: Adults onlyRooms: 2616 sq ft