Linux has the potential to be a very secure operating system but is usually not that secure straight out of the box. Whether you’re new to Linux or a seasoned administrator, setting up a firewall and protecting your system from attacks can be daunting tasks. Luckily, there are a few references available, and this month we’ll look at two of them.
Real World Linux Security
Bob Toxen’s Real World Linux Security is a hefty tome, wherein he describes in great detail how to secure a Linux system. Toxen was one of the developers of Berkeley Unix and has been working with Unix-type systems for 26 years. His experience is evident throughout the book, which consists of 21 chapters that cover the gamut of security risks, how to detect and fix them, and what one should do in the event that your system is compromised. Some of the security issues described are strictly for high-security systems and highly paranoid system administrators.
Real World Linux Security is a complete book that covers all of the bases. Depending on the level of security needed on your system, it could take quite a while to work through the entire book and take care of all the security issues that Toxen explores. However, the security holes are listed in order of severity in Appendix H, giving the harried system administrator a laundry list of issues to deal with when time is short. The book also includes a CD-ROM with popular open source security tools and a few programs written by Toxen himself to detect and repel attacks.
If you are responsible for the security of a Linux system, you should own this book. Toxen’s work is an invaluable asset for novice and experienced admins alike.
Building Linux and OpenBSD Firewalls
At one time, you would only find firewalls in certain (usually corporate) networked environments. However, with the popularity of high-speed, always-on Internet connections and cheap, spare machines in the home, just about anyone can benefit from having a firewall to protect their network.
However, setting up a firewall is no trivial task. Building Linux and OpenBSD Firewalls is a great book for the novice who needs to configure and deploy a firewall for their network. It’s also great for the experienced Linux admin who’d like to learn more about security and a bit about OpenBSD.
The authors do a great job of explaining the basics of security with clarity and humor. Not only does the book contain a great deal of useful information, it’s a pleasant read, which makes the task of setting up a firewall much easier. And if you need help making a decision between Linux and OpenBSD, there’s lots of help to be found on that topic as well.
In Firewalls, the authors walk the reader through deciding on security needs, picking the right hardware for the firewall, and installing OpenBSD or Red Hat. Unfortunately, they focus on Red Hat 6.0, which is several versions behind the most recent release.
Once the hardware and the OS are in place, the authors spend a bit of time explaining how to configure and tune the firewall. The book also contains a chapter on intrusion detection.
While the book only scratches the surface of network security, it is a great reference for anyone who needs to set up a Linux or OpenBSD firewall.