Linux Securities

1119 Words5 Pages
Security of a system when you are open to the internet is paramount in the world of servers. Linux has many layers of ever evolving security in order to keep up with the would be attackers in cyberspace. This is one of the reasons that Linux is one of the most used servers for internet sites and has few viruses engineered towards it. IP Tables Developed by the Netfilter organization the IP tables package for Linux is an evolution of the IP chains which came from the IPv4 Linux firewall package. Paul Russel was the initial head author of the organization and also behind the IP chains project The Netfilter organization began to come together in 1999 and through collaboration and research recognized the shortcomings of the IP chains…show more content…
Traditionally Linux security has been run using DAC ( Discretionary Access Control ), which is based on users and groups to control which users and processes can access files and how they do it. This runs into a problem since the owner of a file has control over its permissions which can be less than ideal. SELinux ( Security-Enhanced Linux ) implements MAC ( Mandatory Access Control ), which is under the direct control of the systems administrator and is located in the kernel where it can control and enforce security, giving only the permissions needed to processes and users. In the way of vulnerabilities I could not find much for SELinux, which is a testament to the power of MAC. As secure as it may be, for most home users this system is a bit complicated and can block services and make it look like a common error, making troubleshooting problematic. I would still recommend using a firewall in conjunction with SELinux as security is best utilized when it is layered in order to make attacks more difficult. Linux has a rich history of collaborations between different organizations and input from users worldwide. This has led to a world class piece of open source software that has proven itself to have both the reliability and security to provide the peace of mind for users and corporations worldwide to use for day to day operations and
Open Document