Linux Security

One day we will collect all that we have written and put it in a nice book. For now, we have started categorizing the posts to see what the right order will be. Can’t wait? Follow our training program named Linux Security Expert.

The basics

The first step is knowing the basics of Linux. Too often this area is ignored, while it may actually have the biggest impact of all. Knowing the right tools in Linux can cut work in half.

Basic tools

Our first tip is to learn how to properly use the grep command. In the referenced article, you will find several ways to quickly weed out data you are not interested in. It is a great way to get to the gems in your dataset and very useful for automating repetitive tasks.

Introduction to Linux security

The next step is learning the basics of Linux security by understanding how to secure a Linux system. We then suggest reading the Linux security guide. It goes into more depth and covers the aspects of running a Linux system and keeping it secure.

Know how the kernel works

When we talk about Linux, we actually mean the GNU/Linux kernel and its supporting software. So before we go into the other software components, you may want to know about kernel security.

Linux security topics

Authentication

Password security

Weak passwords are one of the most commonly breached entry points of a Linux system. This could be a default password, or simply a password that is too easy to guess. Linux systems can be hardened by configuring a minimum password length and related password strength requirements. A longer minimum password length increases the computing power needed to crack the password.

Another protection mechanism is using pam_tally or pam_tally2 to counter brute-force attempts to guess the password of a user. Too many failed login attempts can trigger a temporary lock for that user.

Linux auditing

Preventing issues is great, but not always possible. The Linux kernel comes with a framework that can audit events as they occur. Whenever a particular system call is used or a file is changed, the audit framework can monitor it and log the related events.

Linux compliance and security standards

The increasing number of security standards can make our life more complicated, especially if these standards are vague in nature and don’t really describe what they expect from you. These standards therefore need to be translated into technical steps and advice. One of these documents is achieving PCI DSS compliance and certification for Linux, for those who deal with credit card payments.

Another regulation that will need to be addressed by companies storing personal information on citizens from the European Union is the General Data Protection Regulation (GDPR). We addressed the steps to take to minimize the risk of breaches in our GDPR guide with technical requirements for Linux systems.

Security resources

Hardening guides

Many of the system hardening principles apply to all Linux distributions. Each of these distributions still has its own way of being configured.

By operating system:

By software components:
