Avoiding security blunders in Linux and IT infrastructures
When it comes to IT infrastructure security, there are things that IT managers just shouldn't do. This two-part tip is written for those who'd like to avoid making those mistakes. It covers four security areas that are either ignored or overlooked in IT infrastructure security, with a focus on securing Linux-based hosts.
In part one, I focus on problems with installations and the hard-perimeter, soft-center security approach. In part two, I look at common gaps in physical security and the problems caused by the "set-it-and-forget-it" mentality.
Installing more than you need
Using the default installation options during the installation of a Linux distribution can lead to the unnecessary installation of applications or services. This can include tools like X Window, Web browsers and email servers that may not be required on a host. These additional packages can provide services, tools and vulnerabilities that an attacker could exploit in order to compromise your host.