Linux Security Outline

Encryption software 1) LUKS, 2) TrueCrypt, 3) GNU Privacy Guard
Encryption is a set of techniques and mathematical formulas used to encode, hide and make unreadable files and network communications. Examples include SSL, SSH and IPsec. Encryption often concerns hiding not only the communications but also the identity of the sender, so techniques like anonymous remailers fall in this category. Many interesting technologies, including digital money and encrypted P2P file sharing systems, are made possible or advanced thanks to encryption algorithms.
Authentication
Authentication concerns the means by which one can verify that a user (a person, a computer user, or typically another computer program) is who they claim to be, rather than an imposter, fraudster or spy. Password systems, PAM, PGP/GPG and Kerberos are all authentication systems.
Firewalls
Firewalls are network packet filters that are capable of blocking unwanted network traffic, while passing through allowed traffic. Firewalls are often the first line of defense against crackers and Internet worms, which can be blocked by denying the means of network ingress.
Spam Filters
Spam filters are a special case of content-based blocking: when network traffic takes a particular form (such as unsolicited email advertising), it is blocked or discarded.
Intrusion Detection Systems
Intrusion Detection Systems (IDSes) attempt to determine when a cracker is trying to break into a system, or has broken into a system, and give the system administrator warning that a break-in is imminent or has occurred. IDSes can watch for inappropriate network traffic going to inappropriate ports (e.g. Snort), unexpected file modifications (e.g. Tripwire) or inappropriate system calls (e.g. Remus).
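The file-modification approach mentioned above, as an added example that is not part of the original outline and is not Tripwire's own code: record a baseline of file hashes and permission bits, then re-scan and report what was added, removed or changed. The function names `snapshot`, `compare` and `demo` and the sample tree are constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile
from pathlib import Path


def snapshot(root):
    """Map each regular file under root to (SHA-256 hex digest, permission bits)."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath, name)
            st = path.lstat()
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets and device nodes
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            state[path.relative_to(root).as_posix()] = (digest, stat.S_IMODE(st.st_mode))
    return state


def compare(baseline, current):
    """Report paths added, removed or changed (content or mode) since the baseline."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "changed": sorted(p for p in common if baseline[p] != current[p]),
    }


def demo():
    """Constructed sample tree: record a baseline, alter the tree, re-scan."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        for rel, data in (("bin/login", b"v1"), ("passwd", b"root:x:0:0"), ("motd", b"hi")):
            (root / rel).write_bytes(data)
            (root / rel).chmod(0o644)
        baseline = snapshot(root)
        (root / "bin/login").write_bytes(b"v2")   # content replaced
        (root / "passwd").chmod(0o666)            # permissions loosened
        (root / "motd").unlink()                  # file deleted
        (root / "bin/extra").write_bytes(b"new")  # file added
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    print(demo())
```

The check is only as trustworthy as the baseline, so the baseline has to be stored where an intruder on the monitored host cannot rewrite it.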
Honeypots
Honeypots are intentionally insecure computer systems set up to attract crackers like flies to honey, so that their actions, behaviors and techniques can be observed.
Hypervisors/Virtual Machines (VM's)...