Surprisingly, securing a site’s production environment is a task that many ignore until it’s too late. But the task need not be so onerous. Several LAMP tools can help shore up security.
Tuesday, February 1st, 2005
This month and next, let’s look at two LAMP-based tools that can help protect your environment: Big Fish Firewall for deploying and configuring netfilter-based firewalls, and SNORT for intrusion detection.
Once you realize how simple these tools are to deploy, you’ll want to get started immediately rather than after your first security incident.
One Fish, Two Fish, Red Fish, Big Fish
There are many commercial firewall products available, and vendors sell options suited to corporations, individuals, and sites of all sizes in between. For example, Checkpoint (http://www.checkpoint.com/) manufactures firewalls and several other security products for production environments, and Cisco (http://www.cisco.com) offers the PIX series of firewalls for every site from home offices to Internet service providers. While both Checkpoint and Cisco offer products that are full-featured, robust, and reliable, deploying and managing these devices can be costly and can require a significant learning curve.
Luckily, the TCP/IP stack in the Linux operating system is very robust, featuring extensive packet filtering, network address translation (NAT), and other advanced firewall functions. Additionally, the netfilter package provides simple load-balancing for high-availability systems. In effect, you can deploy a commercially viable firewall solely on Linux, running the free operating system you already know on low-cost hardware in all layers of your network.
To be fair, however,…