Next Previous Contents

1. Introduction

This document covers the major security issues that affect Linux security. General philosophy and net born resources are also discussed.

A number of other HOWTO documents overlap with security issues, and those have been pointed to wherever appropriate.

This document is not meant to be a up to date exploits document. Large numbers of new exploits happen all the time. This document will point you where to look for such up to date information, and some general methods to prevent such exploits from taking place.

Additionally, while there are several resources available in various places on the Internet regarding general security, we are trying to consolidate much of this general information, and provide information a general system administrator can use as a practical guide. This should in no means substitute for reading books on the appropriate subject, and practical experience which works for you.

The US Government has several organizations devoted to computer security, and generally the information they have online is quite extensive, and very useful. A general introduction to computer security is available at http://csrc.ncsl.nist.gov/nistpubs/800-12/ which will be very useful.

See the References section for pointers to security references. It is also a tremendous advantage if you understand how TCP/IP works, and some of the common system administration functions. You might find this guide helpful in a beginner introduction http://www.sunworld.com/sunworldonline/swol-11-1995/swol-11-sysadmin.html While it is Solaris-centric, you'll find much of this information general enough to still be applicable.

You may also find this link helpful http://www.cis.ohio-state.edu/~dolske/gradwork/cis694q/ for another introduction to TCP, including how sequence numbers work, which is the foundation of ``man in the middle'' attacks, a description of the SYN/ACK handshake used to initiate a TCP connection, a description of a few of the problems in TCP/IP, a few other types of attacks, and how they work, as well as some solutions to these problems.

1.1 New Versions of this Document

New versions of this document will be periodically posted to comp.os.linux.answers. They will also be added to the various anonymous FTP sites who archive such information, including:

ftp://sunsite.unc.edu/pub/Linux/docs/HOWTO

In addition, you should generally be able to find this document on the Linux Documentation Project Web home page via:

http://sunsite.unc.edu/LDP/

Finally, the very latest version of this document should also be available in various formats from either of the following:

http://linuxsecurity.com/docs/

1.2 Feedback

All comments, error reports, additional information and criticism of all sorts should be directed to:

<dave@linuxsecurity.com>

1.3 Disclaimer

No liability for the contents of this documents can be accepted. Use the concepts, examples and other content at your own risk. Additionally, this is an early version, with many possibilities for inaccuracies and errors. It is provided "as is" without express or implied warranty.

Many of the examples and descriptions in this document refer specifically to the Red Hat distribution. We are very interested in incorporating other distributions as well. If you have ideas on how other distributions perform the same measures as are listed here, we would be interested in hearing from you.

1.4 Copyright Information

This document is copyrighted (c)1998 Dave Wreski, and distributed under the following terms:


Next Previous Contents