12.3 Application Security

Having good user authentication is an important security measure. However, using good user authentication isn't the only thing that you can do to improve the security of your computer and your network. Many break-ins occur when bugs in applications are exploited or when applications are misconfigured. In this section we'll look at some things you can do to improve application security.

12.3.1 Remove Unnecessary Software

Any software that allows an incoming connection from a remote site has the potential of being exploited by an intruder. Some security experts recommend you remove every daemon from the /etc/inetd.conf file that you don't absolutely need. (Configuring the inetd.conf files is discussed in Chapter 6, Configuring the Interface, with explicit examples of removing tftp from service.)

Server systems may require several daemons, but most desktop systems require very few, if any. Removing the daemons from inetd.conf only prevents in-bound connections. It does not prevent out-bound connections. A user can still initiate a telnet to a remote site even after the telnet daemon is removed from her system's inetd.conf. A simple approach used by some people is to start by removing everything from inetd.conf and then add back to the file only those daemons that you decide you really need.

12.3.2 Keep Software Updated

Vendors frequently release new versions of network software for the express purpose of improving network security. Use the latest version of the network software offered by your vendor. Track the security alerts, CERT advisories, and bulletins to know what programs are particularly important to keep updated.

Even programs that are installed to improve security can have bugs that compromise security. The shadow password software for Linux is an example. You must use shadow-960129.tar or later, or risk compromising your system.

If you fail to keep the software on your system up-to-date you open a big security hole for intruders.
Intruders don't discover new problems; they exploit well-known problems. Keep track of the known security problems so you can keep your system up-to-date. Stay informed about all the latest fixes for your system. The computer security advisories are a good way to do this. Contact your vendor and find out what services they provide for distributing security fixes. Make sure that the vendor knows that security is important to you.
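The "remove everything, then add back only what you need" approach from section 12.3.1 can be checked mechanically. The following is an added example, not code from the book: it lists every entry still enabled in an inetd.conf-style file and flags any service missing from an allowlist. The function names, the allowlist argument, and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit an inetd.conf-style file against an allowlist.
# Usage: audit_inetd FILE "svc1 svc2 ..."   (FILE may be - for stdin)
# Prints one line per enabled entry:
#   OK <service>/<proto> <server>      service is on the allowlist
#   REVIEW <service>/<proto> <server>  service is enabled but not allowed
# Returns 1 if any entry needs review or is malformed, 0 otherwise.
audit_inetd() {
    awk -v allow="$2" '
        BEGIN {
            bad = 0
            n = split(allow, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        # Commented-out and blank lines are disabled entries: skip them.
        /^[ \t]*#/ || NF == 0 { next }
        # An entry needs at least:
        #   service socket-type protocol wait-status user server
        NF < 6 { printf "MALFORMED line %d\n", NR; bad = 1; next }
        {
            status = ($1 in ok) ? "OK" : "REVIEW"
            if (status == "REVIEW") bad = 1
            printf "%s %s/%s %s\n", status, $1, $3, $6
        }
        END { exit bad }
    ' "$1"
}

# Constructed sample file (not taken from any real system).
sample_inetd_conf() {
    cat <<'EOF'
# service type  proto wait   user   server                 args
ftp     stream  tcp   nowait root   /usr/sbin/in.ftpd      in.ftpd
telnet  stream  tcp   nowait root   /usr/sbin/in.telnetd   in.telnetd
#tftp   dgram   udp   wait   root   /usr/sbin/in.tftpd     in.tftpd
finger  stream  tcp   nowait nobody /usr/sbin/in.fingerd   in.fingerd
EOF
}

# Demo: run the script with --demo to audit the sample, allowing only ftp.
if [ "${1:-}" = "--demo" ]; then
    sample_inetd_conf | audit_inetd - "ftp" || true
fi
```

Against a live system, pass /etc/inetd.conf as FILE; remember that inetd must re-read its configuration before an edit to the file takes effect.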