Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents

· Introduction to Operating Systems
· Linux Basics
· Working with the System
· Shells and Utilities
· Editing Files
· Basic Administration
· The Operating System
· The X Windowing System
· The Computer Itself
· Networking
· System Monitoring
· Solving Problems
· Security
· Installing and Upgrading
· Linux and Windows

Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
Copyright Info
Terms of Use
Privacy Info
Masthead / Impressum
Your Account

Private Messages

News Archive
Submit News
User Articles
Web Links


The Web

Who's Online
There are currently, 77 guest(s) and 0 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here



Current HOWTO: Security-HOWTO

Linux Security HOWTO

Linux Security HOWTO

Kevin Fenzi

Dave Wreski


v2.3, 22 January 2004

This document is a general overview of security issues that face the administrator of Linux systems. It covers general security philosophy and a number of specific examples of how to better secure your Linux system from intruders. Also included are pointers to security-related material and programs. Improvements, constructive criticism, additions and corrections are gratefully accepted. Please mail your feedback to both authors, with "Security HOWTO" in the subject.

Table of Contents
1. Introduction
1.1. New Versions of this Document
1.2. Feedback
1.3. Disclaimer
1.4. Copyright Information
2. Overview
2.1. Why Do We Need Security?
2.2. How Secure Is Secure?
2.3. What Are You Trying to Protect?
2.4. Developing A Security Policy
2.5. Means of Securing Your Site
2.6. Organization of This Document
3. Physical Security
3.1. Computer locks
3.2. BIOS Security
3.3. Boot Loader Security
3.4. xlock and vlock
3.5. Security of local devices
3.6. Detecting Physical Security Compromises
4. Local Security
4.1. Creating New Accounts
4.2. Root Security
5. Files and File system Security
5.1. Umask Settings
5.2. File Permissions
5.3. Integrity Checking
5.4. Trojan Horses
6. Password Security and Encryption
6.1. PGP and Public-Key Cryptography
6.2. SSL, S-HTTP and S/MIME
6.3. Linux IPSEC Implementations
6.4. ssh (Secure Shell) and stelnet
6.5. PAM - Pluggable Authentication Modules
6.6. Cryptographic IP Encapsulation (CIPE)
6.7. Kerberos
6.8. Shadow Passwords.
6.9. "Crack" and "John the Ripper"
6.10. CFS - Cryptographic File System and TCFS - Transparent Cryptographic File System
6.11. X11, SVGA and display security
7. Kernel Security
7.1. 2.0 Kernel Compile Options
7.2. 2.2 Kernel Compile Options
7.3. Kernel Devices
8. Network Security
8.1. Packet Sniffers
8.2. System services and tcp_wrappers
8.3. Verify Your DNS Information
8.4. identd
8.5. Configuring and Securing the Postfix MTA
8.6. SATAN, ISS, and Other Network Scanners
8.7. sendmail, qmail and MTA's
8.8. Denial of Service Attacks
8.9. NFS (Network File System) Security.
8.10. NIS (Network Information Service) (formerly YP).
8.11. Firewalls
8.12. IP Chains - Linux Kernel 2.2.x Firewalling
8.13. Netfilter - Linux Kernel 2.4.x Firewalling
8.14. VPNs - Virtual Private Networks
9. Security Preparation (before you go on-line)
9.1. Make a Full Backup of Your Machine
9.2. Choosing a Good Backup Schedule
9.3. Testing your backups
9.4. Backup Your RPM or Debian File Database
9.5. Keep Track of Your System Accounting Data
9.6. Apply All New System Updates.
10. What To Do During and After a Breakin
10.1. Security Compromise Underway.
10.2. Security Compromise has already happened
11. Security Sources
11.1. LinuxSecurity.com References
11.2. FTP Sites
11.3. Web Sites
11.4. Mailing Lists
11.5. Books - Printed Reading Material
12. Glossary
13. Frequently Asked Questions
14. Conclusion
15. Acknowledgments

The Linux Tutorial completely respects the rights of authors and artists to decide for themselves if and how their works can be used, independent of any existing licenses. This means if you are the author of any document presented on this site and do no wish it to be displayed as it is on this site or do not wish it to be displayed at all, please contact us and we will do our very best to accommodate you. If we are unable to accommodate you, we will, at your request, remove your document as quickly as possible.

If you are the author of any document presented on this site and would like a share of the advertising revenue, please contact us using the standard Feedback Form.

Show your Support for the Linux Tutorial

Purchase one of the products from our new online shop. For each product you purchase, the Linux Tutorial gets a portion of the proceeds to help keep us going.



Security Code
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!

Amazon Wish List

Did You Know?
You can help in many different ways.


Tell a Friend About Us

Bookmark and Share

Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.12 Seconds