Linux Security Principle: Containment of Failure

Containment of Failure Everyone who used Windows 95 or 98 in the past is familiar with the concept of failure. One crashing application was enough to bring the system to a halt. Fortunately, Linux systems have a strong foundation, including privilege separation and memory management. When things go wrong, the impact is reduced to a minimum. This is called containment. Linux Memory Management Memory is like your the storage capacity of your brain. Every bit should be stored properly, or otherwise […]

Read more

Simplifying Security: Choose the Right Toolkit, not Tool.

Simplifying Security I applaud many of our customers for being smart. Not to say other people are not, but they have made a specific choice in the past based on an understanding. They understand that a single security solution to make your IT environment safe, simply does not exist. It is the combination of tools, or your toolkit, which does. For this same reason, a carpenter has a tool chest, not a single tool. As a founder, I get to […]

Read more

5 Basic Principles of Linux System Security

5 Basic Principles of Linux System Security It is still common that people do not know where to start when it comes to information security. With 5 basic principles we can improve the Linux system security and question ourselves if we have done enough.   1. Know your system(s) The first principle is about knowing what your system is supposed to do. What is its primary role, what software packages does it need and who needs access? By knowing the […]

Read more

How to secure Linux systems – Auditing, Hardening and Security

How to secure Linux systems Within this article we have a look on how to secure a Linux system. Focus of the article is providing tips regarding auditing, hardening and general security of Linux servers. Hardening Focus on minimizing By minimizing the footprint of the server, its data and users, we can more quickly determine if a system is running properly. Also risks will be reduced, as every part on a system might be something which can be sooner or […]

Read more