
Unix and Linux Security Tips

Maintaining a secure environment on Unix and Unix-like operating systems depends on the design of these systems, but vigilance through sound user and administrative practice is just as important for keeping them secure.

A few core security concepts are common to Unix-like systems:

  • Permissions: A core security feature of these systems is the permissions system. Every file in a typical Unix-style filesystem carries permissions that control which users may read, write, or execute it.
  • User groups: Users under Unix-like operating systems typically belong to managed groups, and access permissions can be granted to a group as a whole.

In the following sections, some important security tips are listed:

General security tips

  • Avoid doing your regular jobs when you are logged in as root.
  • Check log files to find suspicious activities.
  • Install and execute the Bastille Linux hardening tool.
  • Configure sudo (superuser do) to execute privileged commands as a normal user instead of using su.
  • Use strong passwords, stored only in encrypted (hashed) form, to protect your system and data.
  • Disable Ctrl+Alt+Del shutdowns by any user other than root.
  • Secure /etc/passwd by using "shadow" passwords (the encrypted password hashes are moved to /etc/shadow, readable only by root).

File security

  • Audit the system for unauthorized setuid and setgid files.
  • Reduce unnecessary world-writable files.
  • Locate all files that have no owner or group; they may have been created by an intruder.
  • Use tools such as Tripwire to monitor file integrity.

Kernel security

  • Password-protect LILO to require authorization.
  • Use the Openwall kernel patch to prevent buffer overflows, restrict the information in /proc available to normal users, and apply other hardening changes.
  • icmp_echo_ignore_all (net.ipv4 sysctl): Ignore all ICMP ECHO requests. This option mitigates ping floods, at the cost of making the host unresponsive to ping.
  • icmp_echo_ignore_broadcasts (net.ipv4 sysctl): Ignore ICMP echo requests sent to a broadcast/multicast destination address.
  • tcp_syncookies (net.ipv4 sysctl): Protection against SYN flood attacks. Send SYN cookies when the SYN backlog queue of a socket overflows.
  • rp_filter (net.ipv4.conf.*.rp_filter): Enables reverse-path source address verification. This option can prevent IP spoofing attacks against the internal network.
  • secure_redirects (net.ipv4.conf.*.secure_redirects): Accept ICMP redirect messages only from gateways listed in the default gateway list.
  • log_martians (net.ipv4.conf.*.log_martians): Log packets with impossible addresses to the kernel log.
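As an added example (not code from the original article), the POSIX shell helper below audits the net.ipv4 kernel parameters listed above by reading them straight from the /proc/sys tree and reporting each key as OK, WEAK or MISSING. It assumes the standard /proc/sys/net/ipv4 layout and the baseline values given in its comments; icmp_echo_ignore_all is deliberately left out because ignoring every ping is a per-site decision.

```shell
#!/bin/sh
# Added audit helper (not from the original article): checks the net.ipv4
# kernel parameters recommended above by reading them from the /proc/sys
# tree. ROOT defaults to the live kernel; pass a directory that mirrors the
# /proc/sys/net/ipv4 layout to audit a constructed or copied snapshot.
#
# Baseline (key=value), relative to net/ipv4. Assumptions: rp_filter=1 means
# strict reverse-path filtering; secure_redirects=1 is the behaviour the tip
# above describes (redirects accepted only from listed gateways).
# icmp_echo_ignore_all is left out: ignoring every ping is a site decision.
IPV4_BASELINE="icmp_echo_ignore_broadcasts=1 tcp_syncookies=1 \
conf/all/rp_filter=1 conf/all/secure_redirects=1 conf/all/log_martians=1"

# audit_ipv4_sysctl [ROOT]
# Prints one OK/WEAK/MISSING line per key and returns the number of
# deviations, so an exit status of 0 means the kernel matches the baseline.
audit_ipv4_sysctl() {
    root="${1:-/proc/sys/net/ipv4}"
    bad=0
    for entry in $IPV4_BASELINE; do
        key="${entry%=*}"
        want="${entry#*=}"
        file="$root/$key"
        if [ ! -r "$file" ]; then
            printf 'MISSING %s (not present or unreadable)\n' "$key"
            bad=$((bad + 1))
            continue
        fi
        # Each /proc/sys file holds a single value followed by a newline.
        read -r have < "$file" || have=""
        if [ "$have" = "$want" ]; then
            printf 'OK      %s=%s\n' "$key" "$have"
        else
            printf 'WEAK    %s=%s (expected %s)\n' "$key" "$have" "$want"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# Audit the running kernel when invoked as: sh audit_ipv4.sh live
if [ "${1:-}" = "live" ]; then
    audit_ipv4_sysctl
fi
```

The non-zero exit status makes the function usable from cron or a configuration-management check, where any WEAK or MISSING line should be treated as drift from the hardening baseline.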

Networking security

  • Using SSH (secure shell) or OpenSSH to replace telnet, ftp, rsh, and rlogin should be standard practice.
  • Disable any network services or open ports you do not require for your server to work properly.
  • Use a firewall to complement the protection provided by tcpd (TCP Wrappers).
  • Use nmap to scan your own hosts from a remote vantage point and find open ports you did not expect.

System backups and updates

  • Back up the system, applications and data periodically.
  • Check your backups of user and system files regularly to make sure they can actually be restored.
  • Keep the system and applications updated.