Linux Ask!

Linux Ask! is a Q & A web site specific for Linux related questions. Questions are collected, answered and audited by experienced Linux users.

Home
Subscribe
Ask a Question
Advertise
About Us

Linux Ask!

How can I keep my Linux secure?

 Linux Security  No Responses »
Dec 252009
 

How can I keep my Linux secure?

Answer:

Security is a process, not a permanent state. Once you've taken the initial steps to secure your box, you must engage in regular maintenance to ensure that your box continues to remain secure.

To ensure continued security, regularly do the following:

Keep current with patches - Keep current with your distribution's security updates, and patch on a regular basis.

Monitor Logfiles - Logfiles should be monitored regularly for anomalous events. Monitoring with automated tools is acceptable (Sometimes even necessary!), provided you do a regular manual audit of logfiles as well.

Audit Password Strength - Run a password auditing tool such as John the Ripper every month or so to check for insecure passwords.

Check your binaries - Regularly scan your system for trojaned or otherwise altered binaries using both an integrity checker, and a trojan scanner.

Check for Remote Vulnerabilities- Periodically run a current vulnerability scanner against your machine from another box, preferably one outside of your firewall.

Source: http://www.linuxsecurity.com/docs/colsfaq.html#2.5

Why am I seeing “– Mark –” in my syslog?

 Linux Security  No Responses »
Dec 252009
 

Why am I seeing "-- Mark --" in my syslog?

Answer:

This is a timestamp which is automatically generated by syslogd, and is syslogd's way of stating that it has nothing to report. The default interval between two -- MARK -- lines is 20 minutes.

This can be changed by locating the syslodg startup script, and changing the parmeter after the "-m" option to suit your needs. To disable these timestamps completely, set "-m" to 0. For more information, type "man syslogd".

Source: http://www.linuxsecurity.com/docs/colsfaq.html#9.2

Why can’t I telnet into my Linux box as root?

 Linux Security  No Responses »
Dec 252009
 

Why can't I telnet into my Linux box as root?

Answer:

By default, some distributions prohibit root from logging in remotely, unless you first log in as a regular user, and then "su" to root. This feature provides an extra layer of security in case the password of the root account is compromised.

Although it is not recommended, this restriction can be removed by deleting the file /etc/securetty. For more information, type "man securetty".

Source: http://www.linuxsecurity.com/docs/colsfaq.html#9.1

 Older Entries  Newer Entries