We live in a consumer-oriented society. Symptomatic of the consumer attitude is the notion that everything can be bought and disposed of with great convenience.
Computers have become almost a commodity, so it is not surprising to hear business managers make statements like, "We need to buy a new network," or "Where can we buy a firewall?" One office manager recently stated with absolute indignation that the server he had bought recently was not secure because someone had been able to "hack into it and mess up our files."
This book is designed to help you, the administrator or the IT person, cut through the noise on the bookshelves and on the Web and secure your Linux environment. Hardening your system is more like a way of traveling than a destination. A hardened server is the result of a process that begins with a number of definitive proactive steps. Security, reliability, and integrity are states that, once achieved, must be maintained. Hardening Linux provides the principles of system hardening that are applicable regardless of the Linux distribution being used. The concepts and techniques presented in this book go beyond the technical and cover critical political and budgetary considerations that must be achieved or recognized in order to deploy an effective and holistic security strategy.
The information systems cracker is the modern equivalent of the person who breaks into a safe or a bank vault. Some network crackers practice their craft just for thrills, while others may have sinister motives. One thing we can be sure of is that the best defense available is only effective until someone learns to break through and compromise it.
Perpetual vigilance is the price of peace of mind. The cost of vigilance is determined by the measures taken in anticipation of malicious attack against your organization. Vigilance and the associated actions can be borne in an economically sustainable manner. This book is your friend in the quest against an enemy who remains invisible until it is too late. It is our challenge to make his or her efforts uneconomic and unrewarding.
Linux servers are increasingly subject to scurrilous activity, as are all other server and desktop platforms. The majority of attacks and intrusions that occur are the result of inadequate measures taken to harden the network and its resources. So let's start with the right steps to close the door on the potential for a security breach, and then work toward putting an iron safety net around your information systems.
It has been often pointed out that the only totally secure server is one that is turned off and sealed inside concrete. Unfortunately, that is not a practical solution to business and organizational needs. A server can also be secured by isolating it from all users, but that too is seldom feasible. In the real world, computer systems must be secured and hardened while they exist in a production environment. Securing a running production system is somewhat like refurbishing a firing range while ducking to avoid flying bullets. The safest advice is to secure a server offline, then introduce it into active service when it has been fully hardened.
Hardening involves more than security. It includes all action that must be taken to make the total Linux server suitable for the task for which it is being used. A holistic approach is necessary if the results of hardening are to be acceptable in the long run. New computer security legislation is being enacted almost daily and increases the burden and responsibilities of system administration. An organization may be held responsible for spam that appears to have originated from one of its network systems. Executive management is being held to greater account to assure data integrity and security. A leak of confidential information, such as credit card information, may send a victimized business to its doom.
Our journey begins with seven initiatives that will help you take control of your servers. The remaining chapters should be followed with a resolute determination to gain and hold effective control over all network resources, never giving a criminal opportunity to do more harm.
This book approaches the system hardening challenge from a position that is rather uncommon in the Linux world. It assumes that you have purchased a commercially supported Linux server product from a reputable company that does all the right things to help secure your server. Bear in mind that you are responsible for applying the security updates your vendor provides, but we assume that they are the experts in providing a secure system, particularly when the patches and updates they provide have been applied.
The first chapter will help you to verify that the Linux server is in a condition that is suitable for hardening. If these steps provide cause for concern, you should ask yourself, "Is this system worthy of hardening?" If the system has been compromised before the hardening process has even begun, you should consider reinstallation from installation media that is known to be safe.
Assuming that your server shows no evidence of intrusion or of having been compromised, your server is in good shape to commence the hardening process.
Following the principle that a safe computer is one that has been shut down, you will ensure that only essential processes are running. This closes the door to potential intrusion through exploitation of services that are not needed and possibly not monitored.
Now that the system is providing only essential services, the next step is to make the server almost invisible to prying eyes from the public Internet. Your new firewall configuration will make it difficult for an intruder or an assailant to gain system access. Internal network interfaces are assumed to be trusted, but external interfaces cannot be trusted, and the firewall rules must reflect that fact.
A proactive security policy will do everything possible to ensure that an intruder finds as few tools as possible with which to carry out any intended hostile activity. True to this sentiment, you will remove all software that is not needed for the services that the Linux system must provide.
In light of the increasing presence of people who have nasty intent and who make an art out of exploiting newly discovered security holes or weaknesses, one must assume that sooner or later the server may need to be reinstalled. This chapter will help you to prepare for the inevitable encroachment that we all hope will never happen.
Intruders want root-level access because they know that is the only way they can get around all system restrictions, but we must fully anticipate system misuse by the normal user also. In this chapter you will learn how to use techniques to help protect files from the prying eyes and wanton access attempts of the ordinary user. You will learn how to protect even directories that are world writable so that only the owner of a file will be able to write to it.
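The world-writable directory protection described above is the sticky bit, and a practitioner will want a way to find shared directories that lack it. The following script is an added example and not code from the book; it assumes a POSIX sh with find(1), mktemp(1) and chmod(1), and the function names and the sample tree are constructed here.

```shell
#!/bin/sh
# Added example: audit a tree for world-writable directories that lack
# the sticky bit, then apply the usual fix (mode 1777, as on /tmp).

# Print every directory under $1 that is world-writable (o+w) but does
# not carry the sticky bit (mode bit 1000). In such a directory any user
# can delete or rename files owned by others; with the sticky bit set,
# unlink and rename are restricted to the file owner, the directory
# owner and root.
audit_world_writable_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 -print
}

# Keep the directory shared (world-writable) but add the sticky bit so
# that users can remove only their own files.
fix_world_writable_dir() {
    chmod 1777 "$1"
}

# Build a constructed sample tree under a private temporary directory:
# one correctly protected shared directory and one that is world-writable
# without the sticky bit. Prints the root of the tree.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir "$root/shared_ok" "$root/shared_bad"
    chmod 1777 "$root/shared_ok"
    chmod 0777 "$root/shared_bad"
    printf '%s\n' "$root"
}

# Stand-alone run: build the tree, report offenders, fix them, re-check.
if [ "${RUN_DEMO:-1}" = 1 ]; then
    demo_root=$(make_sample_tree)
    echo "Unprotected world-writable directories:"
    audit_world_writable_dirs "$demo_root"
    fix_world_writable_dir "$demo_root/shared_bad"
    echo "After fix:"
    audit_world_writable_dirs "$demo_root"
    rm -rf "$demo_root"
fi
```

On a real system the audit would be run as `audit_world_writable_dirs /` with `-xdev` added to stay on one filesystem; review each hit before changing it, since some applications legitimately share a directory among a group.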
Learn how to protect the most sensitive information through the use of cryptography. You will take positive steps to deprive an intruder as well as the curious user of access to sensitive data. Learn how to secure identity information and sensitive financial records. Make use of the crypto-filesystem that can add a great deal of peace of mind to your business.
Understanding of how authentication and system access controls function will help you to provide better locks and improved safeguards against unauthorized system access. This chapter covers the pluggable authentication modules (PAM) and the name service switcher (NSS) that handle the core identity validation and access control for the Linux system.
The UNIX system permits processes to be run from a branch in the file system that looks like it is the whole machine. In reality, the process is running in a tightly sealed-off part of the real file system, but a user who happens to intrude into the protected process will be able to damage only the sealed-off area, not the whole machine. This means that it is possible to contain intrusion damage to only the affected service, thereby helping to keep unaffected services operative. This chapter is very detail oriented, as it must be, so you can gain a sure foothold on system integrity.
Communication over local as well as public networks cannot be avoided. Learn how to secure all private traffic that must traverse a public network infrastructure. You will learn how to use secure data tunneling techniques as well as secure communication tools.
In this chapter you will experience the use of system monitoring as well as the use of sophisticated tools to probe and prove your Linux system against security weaknesses.
Scattered throughout this book you will find references to the logging of critical information. Here you will learn how to configure a centralized log server that can be equipped with automated log file scanning and reporting tools. Never give a criminal an even break; instead, you will most likely be alerted to an intruder before he even knows you are watching him.
Just when you think that the application of patches and security updates is so easy, you stumble upon this chapter to help you to take hold of a most intensely important responsibility. Seasoned security veterans are well aware that change management is part of the patching and update process. This chapter may seem so obvious, but do not let the benefits of proper controls pass you by. There is something for even the most experienced security plumber in this chapter.
What more can be done to find the cancer within? This chapter provides a cogent answer to nagging doubts regarding system security: system self-monitoring is an indispensable technique in integrity management. This chapter puts it in perspective.
Find out how to get management buy-in for Linux system hardening. The tips and tools presented here are worth more than their weight in gold; they will help you to get total commitment to the return on investment opportunity that management expects.
Finally, your server has been secured and management has bought into your security goals and objectives. Now, to maintain that support, you'll learn how to set goals and implement sustainable security policies and practices that work.