ITSS: Information Technology Security Services - Keeping IT Safe at U-M


Securing Computers Running Linux or Unix

To secure computers running Linux or Unix, install the latest patches and enable a firewall.

Installing Patches

Most Linux and Unix distributions provide a way to update the operating system automatically via the Internet. Consult the documentation for your system to learn how to perform this operation.

Enabling Firewall Software

Most Linux and Unix distributions include a local firewall. Current versions of Linux use the iptables firewall. Standard firewall practice dictates that you deny everything and then allow only services that you require. Consult the documentation for your system to learn how to adjust the firewall rules to ensure that only the services you require are enabled.

Unix Logs

Logs help you reconstruct a timeline of events or system activity, which is important information when responding to security incidents. Programs such as ssh and sendmail generate log messages, and a mechanism called syslog stores them on your Unix or Linux machine. When storing these logs, the syslog daemon applies the rules specified in the file /etc/syslog.conf. Typically, the system stores sequential logs in a set of files located in the /var/log directory. Because Unix systems rotate logs to save space, you must decide how long you want to retain your logs and adjust the /etc/syslog.conf file accordingly. Each system handles logs differently, so consult your system documentation for further information.

Related Linux and Unix Security Links