Learning More About Threats


Using the various hardening suggestions presented in this chapter is not sufficient to totally secure your systems from intrusion. The steps presented here and the security precautionary methods you read about last week are like flu shots: They guard against known issues and do not guarantee to be effective against new threats that may be discovered next week. You need to stay current on new threats and their countermeasures.

Script kiddies and casual intruders go for the "easy kill": They look for and exploit security weaknesses that have been widely published. Therefore, other than taking the steps discussed previously in the chapter to secure your systems, you should make sure your systems and networks are not vulnerable to these exploits.

There are a number of well-respected sources of security information, such as the Computer Emergency Response Team (better known simply as CERT, http://www.cert.org), on what a common exploit is. The mailing list BugTraq (archived at http://www.securityfocus.com) is one of the best sources of exploits available for different operating systems, including Linux. In the appendix of this book, you will find a list of websites and mailing lists that can provide you with more information about network security in general, and specific exploits and countermeasures for Linux, and in particular SUSE LINUX, systems. For example, Novell maintains a number of SUSE-specific mailing lists, such as suse-security, suse-security-announce, and suse-sles-e. You can sign up for any and all of them at http://www.suse.com/us/private/support/online_help/mailinglists/index.html.



    SUSE LINUX Enterprise Server 9 Administrator's Handbook
    SUSE LINUX Enterprise Server 9 Administrators Handbook
    ISBN: 067232735X
    EAN: 2147483647
    Year: 2003
    Pages: 134

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net