Network security: securing Linux.

Author:Bauer, Michael D.
Position:Database and Network Intelligence - Industry Overview

According to Linux advocates, Linux is among the most versatile, stable, and securable operating systems ever developed. But according to its detractors, Linux is neither as reliable nor as trustworthy as other Unix variants. BSD proponents, for example, sometimes charge that Linux's code base is too convoluted to ever be as "tight" as OpenBSD or even FreeBSD.

1 don't presume to know in any definitive way whether Linux is more or less securable than other Unix variants. What I do know is that Linux is useful, stable, and securable enough to warrant the time and effort required to "harden" it against Internet threats. This article explains some of the reasons I believe it's both possible and worthwhile to secure Linux for use as an Internet server platform.

Why Run Linux?

Let's begin with the question of why you would want to choose Linux as an Internet server platform in the first place. The following four points come up in many different contexts besides security.

  1. Software Availability

    Linux is a popular platform with developers. Virtually any type of Internet service you wish to run, be it HTTP, FTP, IRC, or the latest thing you've read about on can be run on Linux. For example, the most popular Web server application on the Interact is Apache, a free product commonly run on Linux systems (see and apacheorg). Increasingly, popular commercial software packages are being ported to and supported on Linux as well.

  2. The Linux Community

    Linux is developed, supported, and used by a large, global community. Free technical support is available on free, online message boards and mailing lists. Commercial technical support is also available from Linux distributors such as Red Hat and SuSE, as well as from various consulting firms.

  3. Stability

    The Linux kernel has been developed with stability as a key design goal, which means that problems with other software applications rarely, if ever, crash the entire system. There is no Linux equivalent of the "Blue Screen of Death." Application stability itself varies from package to package, but the packages included in mainstream Linux distributions are nearly always stable.

  4. Supported Hardware

    Linux runs on a wide range of hardware platforms, from commodity PCs to RISC systems, as well as on desktops, laptops, and server configurations and components. You can even build Linux clusters, using free software such as Beowulf or ClusterIT (for more information, see the Linux...

To continue reading