Understanding the Security Process
The best way to look at security is as a process. The more you think about it and the more you study it, the safer you are. You should use the security systems described in this chapter as the foundation for your security process. However, you should continue to build your security process to meet the needs of your own computer system and network. This section outlines some additional building blocks you may consider adding to your process:
Making backups: Backups are part of the security process? Yes! Backups are an essential security tool in the sense that you can never eliminate the possibility of getting hacked. If and when your security is breached, you may lose all sorts of information and configurations. For example, your computer may be completely erased or, worse, you may not know which files are good or bad. You must ensure your ability to recover from these types of catastrophes. One good backup method is to use the GNOME Toaster application, as we describe in Chapter 11. You can store your user account and configuration files on a CD-R/RW. It’s reliable and should last forever. The only limitation is its ability to store only 700MB to 800MB; you can store more data with compression, however.
Security education: Keeping up with security trends and topics helps you avoid getting bitten by new hacks. Knowing your adversaries and their techniques is essential.
These URLs provide good security-based information; see Chapter 21 for some current top security holes:
www.red.com/docs/manuals/linux/RHL-10-Manual/security-guide/
www.linuxsecurity.com
www.sans.org
www.nmap.org
www.securitytracker.com
www.infosyssec.com
www.cert.org
Physical security: We focus on network-based security in this book. We assume that your Red Hat Linux computer is running on your home network, in which case you have to worry most about Internet bad guys. However, in an office environment, you have to worry about physical security. Physical security involves preventing people from walking up and gaining unauthorized access to your computer. You should set a BIOS password to prevent anyone from booting your computer into single-user mode, totally avoiding your Linux passwords. You should lock your computer in your office, if possible, to prevent anyone from stealing your hard drive. Don’t, under any circumstances, write your passwords in any accessible place (like on your desk or computer).
You should also set the GNOME (or KDE) screen lock unless you want to log out every time you leave your desk. Choose GNOME Menu→Preferences→Screensaver and then select the Lock Screen After option. Select the amount of time to wait before locking your screen and then click the Close button.
Boring consistency: Good long-term security depends on consistency. Making your backups, reading security logs, and performing other, similar tasks all depend on your maintaining interest. It’s just like staying in shape: You can’t be good for a while and then forget about your exercise routine.
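For the backup building block above, the following shell script is an added example, not taken from the book: it archives the chosen directories with compression, checks that the archive fits on a 700MB CD-R, and records SHA-256 hashes so that after a suspected breach you can tell which files differ from the backup. It assumes GNU tar, find, sort, xargs and sha256sum; the function names and output file names are this example's own.

```shell
#!/bin/sh
# Added example, not from the book. Assumes GNU tar, find, sort, xargs, sha256sum.
# Function names and output file names are this example's own.

CD_CAPACITY_BYTES=$((700 * 1024 * 1024))   # 700MB, the lower CD-R figure in the text

# make_backup OUTDIR DIR... : DIRs are absolute paths; OUTDIR must not be inside one.
make_backup() {
    outdir=$1; shift
    mkdir -p "$outdir" || return 1
    for d in "$@"; do                      # strip the leading / from each DIR
        set -- "$@" "${d#/}"; shift
    done
    # Compressed archive with paths stored relative to /.
    tar -czf "$outdir/backup.tar.gz" -C / "$@" || return 1
    # Per-file hashes of the known-good state, kept beside the archive.
    (cd / && find "$@" -type f -print0 | sort -z | xargs -0 -r sha256sum) \
        > "$outdir/files.sha256" || return 1
    # Hash of the archive itself, to detect a damaged or altered copy.
    (cd "$outdir" && sha256sum backup.tar.gz > backup.sha256)
}

# fits_on_cd FILE : succeeds if FILE is small enough for one CD-R.
fits_on_cd() {
    size=$(wc -c < "$1") || return 1
    [ "$size" -le "$CD_CAPACITY_BYTES" ]
}

# verify_archive OUTDIR : succeeds if the archive still matches its recorded hash.
verify_archive() {
    (cd "$1" && sha256sum -c backup.sha256 >/dev/null 2>&1)
}

# changed_files OUTDIR : print files that are missing or differ from the backup.
changed_files() {
    manifest=$(cd "$1" && pwd)/files.sha256 || return 1
    (cd / && sha256sum -c "$manifest" 2>/dev/null) | sed -n 's/: FAILED.*$//p'
}
```

Burn backup.tar.gz, backup.sha256 and files.sha256 to a CD-R together; the write-once disc keeps the manifest from being altered along with the files it describes.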