Secrets in This Chapter
Establishing a Security Framework
Performing Risk Analysis
Learning the Role of Shadow Passwords
Understanding Pluggable Authentication Modules (PAMs)
Changing File Permissions
Setting Default File Permissions
Understanding Public-Key Encryption
Understanding Digital Signatures
Using the chkconfig Command to Disable Services
Configuring the xinetd Server to Disable Services
Filtering IP Packets with iptables
Understanding Computer Security Audits
As a systems administrator, you have to worry about your Red Hat Linux system's security. For a standalone system, or a system used in an isolated local area network (LAN), you have to focus on protecting the system from the users and the users from one another. In other words, you do not want a user to modify or delete system files, whether intentionally or unintentionally. Also, you do not want a user destroying another user's files.
If your Linux system is connected to the Internet, you must worry about securing the system from unwanted access by outsiders over the Internet. These intruders, also known as crackers, typically impersonate a user, steal or destroy information, and even deny you access to your own system (this is known as a denial-of-service attack).
By its very nature, an Internet connection makes your system accessible to any other system on the Internet. After all, the Internet connects many networks across the globe. In fact, the client/server architecture of Internet information services, such as HTTP (Web) and FTP, rely on the wide-open network access the Internet provides. Unfortunately, the easy accessibility to Internet services running on your system also means anyone on the Net can easily access your system.
If you operate an Internet host that provides information to others, you certainly want everyone to access your system's Internet services, such as FTP and Web servers. However, these servers often have vulnerabilities that crackers can exploit in order to cause harm to your system. You need to know about the potential security risks of Internet services and the precautions you can take to minimize the risk of someone exploiting the weaknesses of your FTP or Web server.
You may also want to protect your company's internal network from outsiders, even though your goal is to provide information to the outside world through a Web server. You can protect your internal network by setting up an Internet firewall-a controlled access point to the internal network-and placing the Web and FTP servers on a host outside the firewall.
This chapter takes you through the basic steps you should follow in securing your Red Hat Linux system. You also learn about setting up an Internet firewall and running Web and FTP servers outside the firewall, where users cannot break through and access your company's internal network. As you'll see, Red Hat Linux already includes many of the tools you need to maintain system security. You can even set up a packet-filtering firewall by using the iptables software that comes with Red Hat Linux.
To learn more about Linux security, consult the Linux Security HOWTO at http://www.ibiblio.org/pub/Linux/docs/HOWTO/Security-HOWTO. Another good resource is the Linux Administrator's Security Guide, which you can read online at http://www.seifried.org/lasg/.