Friday, January 19, 2007

Linux Security - Hardening your System

The number of new Linux users is growing every day. More and more home users are discovering the Linux desktop. People are moving to Linux for many reasons, such as:

  • Linux is an Open Source and Free OS: you can get the kernel or a distribution full of packages (Debian, for instance, has over 15490 packages) and customise/modify them to your needs.
  • Linux is also in many cases free of charge. You can get a very stable, well-supported (a worldwide user community helps you for free), constantly updated system, and new hardware and software additions are a constant under Linux. Refer to Debian, Ubuntu, Fedora, gNewSense, Gentoo, Suse. For a complete list of Linux distributions, please follow this link.
  • Stability. Linux is rock solid and does not crash often.
  • Security. Linux is very secure. There are no viruses, worms or Trojan horses for Linux.

I could add many other reasons why people move to Linux. However, for the purposes of this article, I will stop here and concentrate my discussion on the last two items: Linux is stable and secure.

The idea that Linux is a secure OS per se is, in my opinion, a very dangerous assumption. Why do I consider it dangerous? Because, as with any software, Linux and the programs that run on it have bugs and vulnerabilities, which can be exploited by a hacker trying to break into your system. Most distributions are not hardened enough to be connected to the Wild (the Internet). Most distributions don't even have a firewall, anti-virus, or IPS (intrusion prevention system) set up and running by default. In some cases there are unnecessary services up and listening for connections. To make matters worse, the user starts installing programs that he/she doesn't know are listening for external connections. To conclude my line of thought: Linux being a secure OS does not mean that someone should simply download a distribution, install it and start "surfing" the Internet, or the Wild as I prefer to call it, without ever hardening the system and keeping it updated. This is especially true for the home user. A corporate user normally has, or should have, security personnel in charge of information system and network security.

Therefore, I intend to write a series of articles to help new Linux users (and not-so-new ones too) harden their systems and keep them secure. The first article in this series will be "Installation and Set up of Linux Firewall and Anti-virus". After that, I will discuss and introduce quick fixes for some common deadly sins: weak and default passwords, open network ports, old software versions, insecure and badly configured programs, insufficient resources and misplaced priorities, stale and unnecessary accounts. Furthermore, I'll present secure tunnels to protect your outgoing network connections, how to protect your email, how to protect your files, and intrusion detection and prevention. And if you read the articles in this series too late, you will benefit from the articles in the series Recovery and Response.

I'll release the first article on Saturday, Jan. 20th and I'll always announce the article that will follow.

I hope these articles will help you keep your system secure and contribute to your joy of using Linux.

1 comment:

Anonymous said...

Hi Marcelo, I also work in IT. I'm Rosa's son, and I'm currently at the Centro Tecnológico do Exército. Big hug!!!