HackFest Series: Your Distro Might be Insecure

Lisa Kachold lisakachold at obnosis.com
Tue Apr 14 20:52:27 MST 2009


Hope you enjoy this Linux Magazine article that examines Ubuntu right out of
the box.

excerpt:

During the last couple of years, Linux distributions have focused on
improving the installation process of Linux in order to make the freely
available operating system available to more people. It’s a noble goal,
however, when making anything in computing easier, a common approach is to
make a number of decisions for the user — decisions that can put an
inexperienced (and possibly an experienced) Linux installer at risk.

Unfortunately, many Linux distributions make a number of painfully wrong
security decisions at install. All too often these issues are overlooked by
the administrator since the prevailing wisdom tends to be: “If it’s Linux,
it’s secure.” As we’ll soon see, that’s not always the case.

For this article we’ll look at Ubuntu Server version 8.10. The methodology
used to determine if the installation is as secure as it could be is
threefold:
Identity,
Authentication, and
Authorization

Identity is key to providing access to computing resources. For most
internal services, identity of confidential information must be limited to
those needing the information. Typically this is based upon user
identification. To determine the identity of the user it must be validated
via authentication (passwords).

Authentication is key to ensuring a system is secure — since any security
gained by identifying a user is quickly lost if weak authentication is used.
Weak authentication can be caused by users (for example sharing or losing
passwords), but weakness from a system standpoint will be reviewed in this
article.

Finally, authorization is necessary to ensure the appropriate resources are
authorized for the user. This allows individual resources on a server to be
further managed; for example, directories, printers, etc.

/excerpt  Read the full article:  http://www.linux-mag.com/cache/7297/1.html

(503)754-4452 www.Obnosis.com