After many months of work, Hal Burgiss has finished the first version of his very thorough Linux Security Quick-Start Guides. LinuxSecurity.com speaks with Hal about his documents and Linux security.
Recently I had an opportunity to speak with Hal Burgiss, author of the Linux Security Quick-Start HOWTO and the Security Quick-Start HOWTO for Red Hat. Hal announces his documents after spending the last several months writing and researching the information a Linux administrator needs to secure his Linux box. In his documents, he discusses such topics as how to get started with ipchains and iptables, The Optimum Configuration, Intrusion Detection, configuring network services, and some great general tips.
LinuxSecurity.com: Why did you decide to write the Security Guides?
Hal Burgiss: Mainly, because I
see a certain amount of confusion from new users on
a range of issues. And then when I looked at what is in the repository
at linuxdoc.org, there was not really an introductory level doc on this
subject for inexperienced users.
LinuxSecurity.com: Who is
your target audience and why?
Hal Burgiss: Well, it's an
introductory level doc, so anyone new to Linux. It's primarily
aimed at home desktop users. While there is a wealth of security related
information around, there is not so much addressed to the new user who might
be coming from another platform. It's one thing to say 'turn off all unneeded
services', but quite another if you don't know what's 'needed' and what's
not. Or how to know what services are actually running, and where they are
getting started. And then verifying what you are doing has the intended,
lasting effect. It's not rocket science, but something new users need to
get up to speed on quickly.
LinuxSecurity.com: How did
you get started with Linux and security?
Hal Burgiss: Well, let's
see...I guess it goes back to when I switched from a part time
dialup connection to full time DSL. I got an instant case of paranoia, and
tried to learn as much as I could, as quickly as I could. I wanted to do some
of those things that full time connections and Linux are good for -- mail
server, etc. And I wanted to make sure I could do this without worrying 24/7.
That led to just a general interest in the subject.
LinuxSecurity.com: What are
some of the common pitfalls that new Linux users face?
Hal Burgiss: I would say not
knowing what services are running, and which ones of those
are really needed for any given situation. How many boxes have been cracked
by BIND or portmapper exploits, and the user didn't even know what these
were, much less that they were running? And secondly, not knowing how
important it is to keep installed packages current.
LinuxSecurity.com: What do you
feel is the most common Linux system vulnerability? What can be done to
prevent this?
Hal Burgiss: For the target
audience of this HOWTO, I'm not so sure specifically which
ones is all that relevant. They should think of them all as having some
likelihood of vulnerability. What would really help is for vendors not
to start any exposed services in their default installations. Or at
least make sure a functional firewall is in place.
LinuxSecurity.com: Do you
believe the open source nature of Linux provides a superior vehicle to making
security vulnerabilities easier to spot and fix?
Hal Burgiss: Sure. But getting
the fixes to the masses is another hurdle.
LinuxSecurity.com: Where do
vendors fit in with the process of helping with security?
Hal Burgiss: Linux distros always
have supplied the tools and the means to maintain
secure systems. But often made it just too easy to open up everything
under the sun. This seems to be changing for the better here recently.
Something I don't think most vendors do well is making it easy to find
security related information and updates. This is often buried somewhere.
Or at least not so obvious as it could be. For experienced users, this
is not a problem.
LinuxSecurity.com: What do you
see as the biggest threat to Linux users?
Hal Burgiss: For home users, it
is other Linux users. The ones that weren't aware, got
cracked, and now have some rootkit installed that is poking the 'net for weak
spots.
LinuxSecurity.com: What is the
biggest challenge writing this type of documentation?
Hal Burgiss: The inconsistencies
between various distributions as to where system files
are located, and the tools to control system services. I still don't have a
handle on this. Every distribution seems to be a variation on a theme in this
respect. This makes it impossible to give concrete examples in some cases.
Which leads to intentional vagueness. Which is not so good. I really believe
examples are the best way to learn something new.
LinuxSecurity.com: Why a
Red Hat version?
Hal Burgiss: First, because
Red Hat and the various Red Hat based distributions hold a
large chunk of the market. And specifically, a large chunk of the new to
Linux market. Secondly, I use Red Hat. Third, I wanted as many concrete
examples as possible. This just does not work for a generic Linux version due to
the idiosyncrasies of the various distributions.
LinuxSecurity.com: Hal,
thanks very much for taking time from your schedule to enlighten our audience.
We look forward to seeing your future Linux security information!
Are you working on a security project that you'd like to announce to the world? LinuxSecurity.com would love to hear from you.