Language Selection

English French German Italian Portuguese Spanish

Tips on keeping your Ubuntu Linux server secure

Filed under
Ubuntu

As a system administrator, one of your chief tasks is dealing with server security. If your server is connected to the Internet, for security purposes, it's in a war zone. If it's only an internal server, you still need to deal with (accidentally) malicious users, disgruntled employees and the guy in accounting who really wants to read the boss's secretary's e-mail.

In general, Ubuntu Server is a very secure platform. The Ubuntu Security Team, the team that produces all official security updates, has one of the best turnaround times in the industry. Ubuntu ships with a no open ports policy, meaning that after you install the machine - be it an Ubuntu desktop or a server - no applications will be accepting connections from the Internet by default. Like Ubuntu desktops, Ubuntu Server uses the sudo mechanism for system administration, eschewing the root account. And finally, security updates are guaranteed for at least 18 months after each release (five years for some releases, like Dapper), and are free.

In this section, we want to take a look at filesystem security, system resource limits, dealing with logs and finally some network security. But Linux security is a difficult and expansive topic; remember that we're giving you a crash course here, and leaving a lot of things out - to be a good administrator, you'll want to learn more.

Full Story.

More in Tux Machines

4 Tools for Network Snooping on Linux

Computer networking data has to be exposed, because packets can't travel blindfolded, so join us as we use whois, dig, nmcli, and nmap to snoop networks. Do be polite and don't run nmap on any network but your own, because probing other people's networks can be interpreted as a hostile act. Read more

Google’s Fuchsia OS on the Pixelbook: It works! It actually works!

Google currently has two OSes on the market: Android and Chrome OS. The company is never one to leave a successful product alone in the marketplace, though, so it's also developing a third operating system called "Fuchsia." When we last checked in on the experimental OS in May 2017, calling it an "OS" was a bit of a stretch. We only got the system UI up and running on top of Android, where it then functioned like an app. The UI offered a neat multi-window system, but mostly it was just a bunch of placeholder graphics. Nothing worked. It has been hard to check in on Fuchsia since. The Fuchsia system UI, which was written with a cross-platform SDK called "Flutter," quickly shut down the Android (and iOS) compatible builds. Fuchsia has a Vulkan-based graphics stack, and no emulator supports the new-ish graphics API. The only way to get Fuchsia up and running again was with actual hardware, and the only supported devices were Intel NUC PCs from 2015 and the Acer Switch Alpha 12 laptop. Read more

today's howtos

Games: Super Blood Hockey, Starship Titanic and More