Language Selection

English French German Italian Portuguese Spanish

Unix How-To: Give Me That Old-Time Security!

Filed under
Security
HowTos

Even in the wild frontiers of today's Internet, good basic Unix system security provides extremely valuable protection against security breaches. In today's column, I'm going to rant about some basic security rules of thumb that every Unix sysadmin ought to consider.

The first basic security rule is to keep your consoles safe. Lock them up, eliminate them by replacing them with console servers (recovering rack space at the same time), and make sure that only a very select group of people have access to them. What's more, access to your data centers should be limited to just those who need to lay hands on the servers. If anyone can walk in and out, you're asking for a headache.

Data centers should be equipped with UPS or, better still, a generator to keep them up through significant power outages. Wait, you ask, is power to the data center security? You bet it is! Anything that threatens the productivity of your staff and the smooth running of your business is a security concern. UPS systems can often be configured to send low battery signals to systems and initiate auto-shutdown options, further preventing hardware loss. Check your UPS systems and make use of this feature if it's supported. If your AC is not also on the UPS or generator, auto-shutdown of systems might prevent them from being damaged through overheating.

rest here




More in Tux Machines

Games and CrossOver

Red Hat and Fedora

Android Leftovers

Leftovers: OSS and Sharing

  • CoreOS Tectonic Now Installs Kubernetes on OpenStack
    CoreOS and OpenStack have a somewhat intertwined history, which is why it's somewhat surprising it took until today for CoreOS's Tectonic Kubernetes distribution to provide an installer that targets OpenStack cloud deployments.
  • Docker and Core OS plan to donate their container technologies to CNCF
    Containers have become a critical component of modern cloud, and Docker Inc. controls the heart of containers, the container runtime. There has been a growing demand that this critical piece of technology should be under control of a neutral, third party so that the community can invest in it freely.
  • How Blockchain Is Helping China Go Greener
    Blockchain has near-universal applicability as a distributed transaction platform for securely authenticating exchanges of data, goods, and services. IBM and the Beijing-based Energy-Blockchain Labs are even using it to help reduce carbon emissions in air-polluted China.
  • An efficient approach to continuous documentation
  • The peril in counting source lines on an OSS project
    There seems to be a phase that OSS projects go through where as they mature and gain traction. As they do it becomes increasingly important for vendors to point to their contributions to credibly say they are the ‘xyz’ company. Heptio is one such vendor operating in the OSS space, and this isn’t lost on us. :) It helps during a sales cycle to be able to say “we are the a big contributor to this project, look at the percentage of code and PRs we submitted”. While transparency is important as is recognizing the contributions that key vendors, focus on a single metric in isolation (and LoC in particular) creates a perverse incentive structure. Taken to its extreme it becomes detrimental to project health.
  • An Open Source Unicycle Motor
    And something to ponder. The company that sells this electric unicycle could choose to use a motor with open firmware or one with closed firmware. To many consumers, that difference might not be so significant. To this consumer, though, that’s a vital difference. To me, I fully own the product I bought when the firmware is open. I explain to others that they ought to choose that level of full ownership whenever they get a chance. And if they join a local makerspace, they will likely meet others with similar values. If you don’t yet have a makerspace in your community, inquire around to see if anyone is in the process of forming one. Then find ways to offer them support. That’s how we do things in the FOSS community.
  • The A/V guy’s take on PyCon Pune
    “This is crazy!”, that was my reaction at some point in PyCon Pune. This is one of my first conference where I participated in a lot of things starting from the website to audio/video and of course being the speaker. I saw a lot of aspects of how a conference works and where what can go wrong. I met some amazing people, people who impacted my life , people who I will never forget. I received so much of love and affection that I can never express in words. So before writing anything else I want to thank each and everyone of you , “Thank you!”.
  • Azure Service Fabric takes first tentative steps toward open source [Ed: Microsoft Peter is openwashing a patent trap with back doors]
  • Simulate the Internet with Flashback, a New WebDev Test Tool from LinkedIn
  • Mashape Raises $18M for API Gateway Tech
    Casado sees Mashape's Kong API gateway in particular as being a particularly well positioned technology. Kong is an open-source API gateway and microservice management technology.
  • PrismTech to Demonstrate Open Source FACE 2.1 Transport Services Segment (TSS) Reference Implementation at Air Force FACE Technical Interchange Meeting
    PrismTech’s TSS reference implementation is being made available under GNU Lesser General Public License (LGPL) v3 open source license terms.
  • How Open-Source Robotics Hardware Is Accelerating Research and Innovation

    The latest issue of the IEEE Robotics & Automation Magazine features a special report on open-source robotics hardware and its impact in the field.