After many months of work, Hal Burgiss has finished the first version of his very thorough Linux Security Quick-Start Guides. LinuxSecurity.com speaks with Hal about his documents and Linux security.

Recently I had an opportunity to speak with Hal Burgiss, author of the Linux Security Quick-Start HOWTO and the Security Quick-Start HOWTO for Red Hat. Hal announces his documents after spending the last several months writing and researching the information necessary to provide a Linux administrator with the information necessary to secure his Linux box. In his documents, he discusses such topics as how to get started with ipchains and iptables, The Optimum Configuration, Intrusion Detection, configuring network services, and some great general tips.

LinuxSecurity.com: Why did you decide to write the Security Guides?

Hal Burgiss: Mainly, because I see a certain amount of confusion from new users on a range of issues. And then when I looked at what is in the repository at linuxdoc.org, there was not really an introductory level doc on this subject for inexperienced users.

LinuxSecurity.com: Who is your target audience and why?

Hal Burgiss: Well, it's an introductory level doc, so anyone new to Linux. It's primarily aimed at home desktop users. While there is a wealth of security related information around, there is not so much addressed to the new user who might be coming from another platform. It's one thing to say 'turn off all unneeded services', but quite another if you don't know what's 'needed' and what's not. Or how to know what services are actually running, and where they are getting started. And then verifying what you are doing has the intended, lasting effect. It's not rocket science, but something new users need to get up to speed on quickly.

LinuxSecurity.com: How did you get started with Linux and security?

Hal Burgiss: Well, let's see...I guess it goes back to when I switched from a part time dialup connection to full time DSL. I got an instant case of paranoia, and tried to learn as much as I could, as quickly as I could. I wanted to do some of those things that full time connections and Linux are good for -- mail server, etc. And I wanted to make sure I could do this without worrying 24/7. That led to just a general interest in the subject.

LinuxSecurity.com: What are some of the common pitfalls that new Linux users face?

Hal Burgiss: I would say not knowing what services are running, and which ones of those are really needed for any given situation. How many boxes have been cracked by BIND or portmapper exploits, and the user didn't even know what these were, much less that they were running? And secondly, not knowing how important it is to keep installed packages current.

LinuxSecurity.com: What do you feel is the most common Linux system vulnerability? What can be done to prevent this?

Hal Burgiss: For the target audience of this HOWTO, I'm not so sure specifically which ones is all that relevant. They should think of them all as having some likelihood of vulnerability. What would really help is for vendors not to start any exposed services in their default installations. Or at least make sure a functional firewall is in place.

LinuxSecurity.com: Do you believe the open source nature of Linux provides a superior vehicle to making security vulnerabilities easier to spot and fix?

Hal Burgiss: Sure. But getting the fixes to the masses is another hurdle.

LinuxSecurity.com: Where do vendors fit in with the process of helping with security?

Hal Burgiss: Linux distros always have supplied the tools and the means to maintain secure systems. But often made it just too easy to open up everything under the sun. This seems to be changing for the better here recently. Something I don't think most vendors do well is making it easy to find security related information and updates. This is often buried somewhere. Or at least not so obvious as it could be. For experienced users, this is not a problem.

LinuxSecurity.com: What do you see as the biggest threat to Linux users?

Hal Burgiss: For home users, it is other Linux users. The ones that weren't aware, got cracked, and now have some rootkit installed that is poking the 'net for weak spots.

LinuxSecurity.com: What is the biggest challenge writing this type of documentation?

Hal Burgiss: The inconsistencies between various distributions as to where system files are located, and the tools to control system services. I still don't have a handle on this. Every distribution seems to be a variation on a theme in this respect. This makes it impossible to give concrete examples in some cases. Which leads to intentional vagueness. Which is not so good. I really believe examples are the best way to learn something new.

LinuxSecurity.com: Why a Red Hat version?

Hal Burgiss: First, because Red Hat and the various Red Hat based distributions hold a large chunk of the market. And specifically, a large chunk of the new to Linux market. Secondly, I use Red Hat. Third, I wanted as many concrete examples as possible. This just not work for a generic Linux version due to the idiosyncracies of the various distributions.

LinuxSecurity.com: Hal, thanks very much for taking time from your schedule to enlighten our audience. We look forward to seeing your future Linux security information!

Are you working on a security project that you'd like to announce to the world? LinuxSecurity.com would love to This email address is being protected from spambots. You need JavaScript enabled to view it..