Assorted Security Tips for UNIX
Arthur Donkers
This article is a collection of tips and tricks to secure your internal network. By using the standard supplied tools and configuring your system with a bit of common sense, you should be able to prevent about 80% of security-related problems.
Why should you secure your internal network? Simply because most break-ins occur from another machine on your local network. These intrusions might be accidental or malicious, but that does not matter. They might be done by your own staff or people you hired for a project, but that does not matter either. These break-ins happen, and you must prevent them. Because there are so many internal networks, I cannot cover them all in this article, so I will concentrate on TCP/IP-based networks built of UNIX computers connected directly via the LAN, or via a router and a WAN connection.
Tip 1: Know Your Network
This may seem obvious, but to make your network secure, you must know how it works, what is connected to what, and who the users are. Typically, you would divide the machines connected to your network into two groups, the servers and the clients. This division makes sense; however, it does not always depict the real situation. A client machine may double as a sort of server machine, in that it has extra privileges with one or more servers. Using these privileges, it could mount a special NFS volume with sensitive data on it.
Most modern networks today contain not only UNIX machines, but also PCs. People can install freely available UNIX implementations, like Linux and FreeBSD, onto their local PCs, which gives them access to a full-blown UNIX machine, including root access. Root access allows them to use all kinds of tools available on the Internet to roam your network looking for information.
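
One way to start that inventory for NFS, as an added example that is not part of the original article: the Python sketch below reads an exports file, lists which clients may mount which volumes, and flags exports that trust the client's root user or are writable by a wildcard of hosts. It assumes Linux exports(5) syntax; the sample file, hostnames and paths are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in Linux exports(5) syntax; hostnames and paths are made up.
SAMPLE_EXPORTS = """\
# /etc/exports (constructed sample)
/export/home     ws1.example.com(rw) ws2.example.com(rw)
/export/payroll  hr-pc.example.com(rw,no_root_squash)
/export/src      *.example.com(ro) \\
                 build.example.com(rw)
/export/pub      *(ro)
/export/scratch  *(rw)
"""

CLIENT_RE = re.compile(r"^([^()]*)(?:\(([^)]*)\))?$")

def parse_exports(text):
    """Return {client: [(path, options_set), ...]} from exports(5) text."""
    text = text.replace("\\\n", " ")          # join continuation lines
    by_client = defaultdict(list)
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        path, *clients = line.split()
        for spec in clients or ["*"]:         # no client list: treated as world (assumption)
            m = CLIENT_RE.match(spec)
            if not m:                         # malformed entry, skip it
                continue
            host = m.group(1) or "*"          # "(rw)" with no host means everyone
            opts = set(filter(None, (m.group(2) or "").split(",")))
            by_client[host].append((path, opts))
    return dict(by_client)

def findings(by_client):
    """Flag clients whose privileges make them more than an ordinary client."""
    out = []
    for host, exports in sorted(by_client.items()):
        for path, opts in exports:
            if "no_root_squash" in opts:
                out.append((host, path, "root on client is root on export"))
            if any(c in host for c in "*?") and "rw" in opts:
                out.append((host, path, "writable by a wildcard of hosts"))
    return out

if __name__ == "__main__":
    for host, path, why in findings(parse_exports(SAMPLE_EXPORTS)):
        print(f"REVIEW {host} -> {path}: {why}")
```

The dictionary returned by parse_exports is the per-client view of "what is connected to what"; any client that appears in findings is one where local root on that machine matters to the server's data.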