48.2. CERT Security Checklists

If you can stand the access times, one of the most valuable web sites for Unix security information is the CERT (Computer Emergency Response Team) web site at http://www.cert.org. At this site you'll be able to find information about the latest security alerts (Section 48.3), where to get security patches for your operating system, and the CERT Unix Security Checklist.

The CERT Unix Security Checklist is a step-by-step overview of what security procedures you need to implement for your Unix system, regardless of the type of system you have. There's no magic formula in the Checklist, just good common sense. First of all, keep your system up to date with the most recent security patches. Always apply the most restrictive permission (Section 50.5) on a file: if a file only needs to be read-only, make sure its file permissions are set to read-only, and so on. Other tips are disabling Internet services you're not using and protecting your system so it can't be used to launch denial-of-service attacks (DoS) (Section 48.5). Above all, the Checklist emphasizes an attitude of "Go ahead, be paranoid -- someone is out to break into your system."

If your Unix box is connected in any way to the Internet, the Checklist is the first thing you should print out and review, one step at a time, before you install your Unix operating system or turn on your machine. Definitely before you connect to the Internet.

NOTE: The CERT web site has extremely slow access times. I imagine this is because it's a popular site. I can also imagine that the site is the target of every cracker in the world. Regardless of the cause of the slowness, access the site only during non-peak hours, if there is such a thing with a 24-hour-a-day Internet.

-- SP

Copyright © 2003 O'Reilly & Associates. All rights reserved.
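
As an added example (not from the original text or from the CERT checklist), the shell functions below apply the "most restrictive permission" advice above: they list regular files that group or other can write to, strip those write bits, and make a single file fully read-only. The function names and the throwaway sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a directory tree for files with looser write
# permissions than they need, then tighten them.
# Function names and the sample tree are constructed for illustration.

# Print regular files under $1 that group or other can write to.
# -perm -0020 / -0002 are POSIX find tests ("all of these bits set").
list_loose_files() {
    find "$1" -type f \( -perm -0020 -o -perm -0002 \) -print
}

# Count them (one path per line; assumes no newlines in file names).
count_loose_files() {
    list_loose_files "$1" | wc -l | tr -d ' '
}

# Remove group/other write from every loose file under $1.
# -exec ... {} + hands names straight to chmod, so spaces are safe.
tighten_tree() {
    find "$1" -type f \( -perm -0020 -o -perm -0002 \) -exec chmod go-w {} +
}

# Make a single file read-only for everyone, owner included.
make_read_only() {
    chmod a-w "$1"
}

# Demonstration on a constructed throwaway tree.
demo() {
    d=$(mktemp -d) || return 1
    echo "motd"   > "$d/motd";       chmod 666 "$d/motd"        # world-writable
    echo "shared" > "$d/team notes"; chmod 664 "$d/team notes"  # group-writable
    echo "ok"     > "$d/private";    chmod 600 "$d/private"     # already tight
    echo "before: $(count_loose_files "$d") loose file(s)"
    list_loose_files "$d"
    tighten_tree "$d"
    make_read_only "$d/motd"   # this file only ever needs to be read
    echo "after:  $(count_loose_files "$d") loose file(s)"
    ls -l "$d"
    rm -rf "$d"
}

demo
```

Run the listing function alone first and review its output before calling `tighten_tree` on a real tree, since some files are group-writable on purpose.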