Language Selection

English French German Italian Portuguese Spanish

Unix How-To: Give Me That Old-Time Security!

Filed under
Security
HowTos

Even in the wild frontiers of today's Internet, good basic Unix system security provides extremely valuable protection against security breaches. In today's column, I'm going to rant about some basic security rules of thumb that every Unix sysadmin ought to consider.

The first basic security rule is to keep your consoles safe. Lock them up, eliminate them by replacing them with console servers (recovering rack space at the same time), and make sure that only a very select group of people have access to them. What's more, access to your data centers should be limited to just those who need to lay hands on the servers. If anyone can walk in and out, you're asking for a headache.

Data centers should be equipped with UPS or, better still, a generator to keep them up through significant power outages. Wait, you ask, is power to the data center security? You bet it is! Anything that threatens the productivity of your staff and the smooth running of your business is a security concern. UPS systems can often be configured to send low battery signals to systems and initiate auto-shutdown options, further preventing hardware loss. Check your UPS systems and make use of this feature if it's supported. If your AC is not also on the UPS or generator, auto-shutdown of systems might prevent them from being damaged through overheating.

rest here




More in Tux Machines

Why and how I became a software engineer

Throughout my experiences, the fascinating weeks I'd spent writing out DOS commands remained a prominent influence, bleeding into little side projects and occupying valuable study time. As soon as Geocities became available to all Yahoo! Users, I created a website where I published blurry pictures that I'd taken on a tiny digital camera. I created websites for free, helped friends and family fix issues they had with their computers, and created a library database for a church. This meant that I was always researching and trying to find more information about how things could be made better. The Internet gods blessed me and open source fell into my lap. Suddenly, 30-day trials and restrictive licenses became a ghost of computing past. I could continue to create using GIMP, Inkscape, and OpenOffice. Read more

Linux Kernel 3.18.32 LTS Released with Btrfs, EXT4, ARM, x86, and PA-RISC Fixes

Immediately after announcing today the release of Linux kernel 4.1.23 LTS, and after informing us yesterday about the availability of Linux kernel 3.12.59 LTS, kernel developer Sasha Levin now published details about Linux kernel 3.18.32 LTS. Read more

Linux greybeards release beta of systemd-free Debian fork

The effort to create a systemd-free Debian fork has borne fruit, with a beta of “Devuan Jessie” appearing in the wild. Devuan came into being after a rebellion by a self-described “Veteran Unix Admin collective” argued that Debian had betrayed its roots and was becoming too desktop-oriented. The item to which they objected most vigorously was the inclusion of the systemd bootloader. The rebels therefore decided to fork Debian and “preserve Init freedom”. The group renamed itself and its distribution “Devuan” and got work, promising a fork that looked, felt, and quacked like Debian in all regards other than imposing systemd as the default Init option. Read more

GNOME Builder 3.20.2 Arrives with LLVM 3.8, FreeBSD and OpenBSD Support

The developers behind the GNOME Builder IDE (Integrated Development Environment) pushed earlier to updates of the software to the stable and devel channels, GNOME Build 3.20.2 and 3.21.1. Read more