Chapter 14: Computer Security Issues

With the growth of the Internet, computer and network security has become more important than ever. Assaults on your Fedora or Red Hat Linux system can come in many forms, such as denial-of-service attacks, break-in attempts, or hijacking your machine as a spam relay, to name a few.

In many cases, good practices for setting and protecting passwords, monitoring log files and creating good firewalls will keep out many would-be intruders. Sometimes, more proactive approaches are needed to respond to break-ins. This chapter will familiarize you, as a Linux administrator, with the dangers that exist and the tools necessary to protect your system.

Hacker versus Cracker

In short, a hacker is someone who programs creatively and usually for the pure enjoyment of it (most programmers who work on Linux are hackers in this sense). The correct term for someone who breaks into computer systems is a cracker.

There are many types of crackers, ranging from professional computer criminals to the hobbyist types who break into computers for the thrill. The growth of the cracker problem has kept pace with the growth of the Internet. A new, younger generation of crackers is emerging. These teenage pseudo-crackers do not have all the knowledge and skill of their true cracker counterparts, but they have access to a growing number of cracker tools that automate the breaking of a system's security.

By using programs and scripts created by more advanced crackers, youngsters can often break into systems without really knowing the details of how it is done. Because they are usually young and mostly dependent on tools provided by others, they are sometimes referred to as scriptkiddies. Make no mistake, if your system is not properly secured, scriptkiddies can do just as much damage as any other cracker.

Whatever you call them, crackers pose a serious risk to anyone connecting a computer to the Internet. Their reasons for breaking into systems are varied; some hope to steal financial information, others wish to gain bragging rights among their peers.

Often, a system is broken into solely for use as a jumping-off point to launch further attacks on other systems. In some cases, the damage may be as little as an altered Web page, the Internet equivalent of graffiti. In other cases, the cracker may wipe out your entire hard drive to cover his or her tracks. Fortunately, there are ways to protect yourself.