Linux
Linux was developed by Linus
Torvalds in the early 1990’s. It was
meant to be an open source operating system.
This means all of the code for the operating system is open for editing
and review. Anyone can manipulate the
source code. This creates one of the
biggest differences between Linux and all other operating systems. Although, its roots come from Unix, it is
not an open source operating system so this makes a niche market for Linux.
There are two sides to the
security issue for Linux. One side
thinks that because Linux is an open source operating system this makes it more
vulnerable to hackers. The other side
of the coin is this makes it more secure.
I believe open source makes Linux more secure. More people are looking at the source code so more bugs and
security holes are found. I do think
more security holes are found and fixed with Linux.
Securing Linux is more
complex then the GUI operating systems like windows and Mac. With GUI interfaces, there is no need to
learn commands or command strings but it is necessary for Linux. You can not be a novice user and adjust
security in Linux.
Securing
ROOT
Root
is your main directory in Linux. This
directory has access to all files and commands. Securing your root directory should be your number one
priority. With the root, intruders can
do anything they want to your system.
This includes reading, writing, executing and deleteing any file. The best way to keep your root secure is by
the password. Use an unguessable
password. Also, the longer the password
the better.
Never
use the r utilities for your root.
These utilities allow remote access into your system. Disallowing remote access is good for all
operating systems not just Linux
Intrusion
detection: snort
Operating
systems can not stop security issues alone.
Applications or tools are used to supplement the operating system. A windows' example is zone alarm. Snort is one of these tools used with
Linux. Snort is distributed under the
GNU GPL (General Public License) by the author Martin Roesch. This means it freeware anyone can use. Snort has many complex functions. Snort analyzes traffic and detects a variety
of attacks.
File
Sharing
Linux
allows the owner of the program to grant file access. This is similar to Unix.
You can specify if someone can have read, write, and execute
privileges. The read privilege allows a
user to read your data but you can not write or execute. The write allows users to modify your
data. Execute allow users to run
applications. This differs from
windows. Windows does allow you to make
files read only but does not have an option for granting execute
privileges. Linux usually grants file
permissions by directories instead of files like Linux.
How Linux
compares
Compared
to other operating systems I believe Linux is more secure. This is not because of its source code. The reason Linux is more secure is
popularity. Windows is installed on
more home and business computers than any other operating system. This makes windows a large target for
hackers. This does not mean Linux has
less vulnerability. It does mean fewer
people are exploring Linux’s vulnerabilities.
Linux is still gaining popularity.
Eventually Linux’s target will be as big as windows.
All
operating systems will differ in their source code. However, the biggest issue with security is not with the
operating system but the user. The
basics must be followed. This includes
securing passwords and limiting remote access.
With out insuring these two issues are secure, no amount of operating
system security will detour hackers.
References:
http://www.sans.org/newlook/resources/IDFAQ/ID_FAQ.htm
http://www.linuxsecurity.com/feature_stories/using-snort.html
http://www.findarticles.com/cf_0/m0IFW/4_24/82823710/print.jhtml
http://www.findarticles.com/cf_0/m0SMG/n12_v18/21130220/print.jhtml
http://www.linuxsecurity.com/
http://www.linuxsecurity.com/docs/SecurityAdminGuide/SecurityAdminGuide-8.html