Eye on Security

As I noted in an earlier post, Linux should no longer be considered immune to vulnerabilities or to attacks. In fact, Linux is one of the most attacked systems on the global infrastructure.

While Linux and a majority of open source solutions are (or can be) more secure than other operating systems, your guard should never be let down. Anti-virus systems should be run on workstations and servers just as we all run them on our Macintosh and Windows platforms. File integrity, intrusion detection and spam tools should also be considered for Internet-based servers in addition to patching for vulnerabilities.

On the topic of file integrity, a great open-source port of Tripwire is available at http://www.tripwire.org, which offers alert-based monitoring of your server’s filesystem and configuration files.


Additionally, staying current on advisories, security reports and new tools and vulnerabilties should be on our daily reading task list.

Some excellent resources for these duties include:

CERT –>Advisories, Fixes and Vulnerabilities

LinuxSecurity.com –> Linux Security Community

SecurityFocus –> Unix Review