لطفا منتظر باشید ...
How Many Daemons Can Dance on the Head of the Linux Process Table?
Every commercial operating system company wants to make its operating systems easy to install and use. Operating systems are inherently complex animals, and Linux is no exception. (Of course, we’re not biased when we say that Linux is, overall, a simpler system than Windows, whether you measure simplicity by the number of lines of code or the transparency — the open source concept — of its design.) Companies walk the tightrope of making systems easy to use and also making them reasonably secure — they sell more copies when they make it simple but buy your wrath when you get hacked.Ease of use and security often don’t get along. Your operating system is much easier to use, for example, if you install and activate every software package and option. On the other hand, running every software package means that you have more potential vulnerabilities. Entering your own house is a breeze if you install 10 doors and 20 windows, but that number of entrances also provides burglars with more opportunities to break in. The same logic applies to your computer’s operating system: The more software you install, the more chances someone has of getting inside your computer.We can’t think of a cure-all for this dilemma. The best answer from a security viewpoint is to not provide intruders with any openings: Place your computer in a locked room with no network or external connections and turn it off. You then have a truly safe system whose only job is to hold the floor down.As with most things in life, the best answer is to use your best judgment and balance security with ease of use. Run only the services you need. For example, don’t run the Samba file system service if you don’t want to use your Red Hat Linux computer as a (Windows) file system server. Don’t run the text-based gpm mouse program if you use the graphical X Window mode on your computer. The list is endless and is beyond the scope of this book to discuss in detail. You can find more info from these sources:
Web sites: Both www.sans.org and www.usenix.org deal with security issues.
HOWTOs: Go to the site www.redhat.com/docs/manuals/linux/ RHL-10.0-Manual and open the Customization Guide and Reference documents to access security advice.
Books covering security: Browse through your local bookstore to find Linux books that discuss how to reduce services. Some good books are Red Hat Linux Security and Optimization, by Mohammed J. Kabir, and Linux Security Toolkit, by David A. Bandel, both published by Wiley Publishing, Inc.
