Why do I need to secure my Linux hosts?
Like almost every other operating system, the Linux install is streamlined to make the installation easy, with as few hiccups during and after the installation as possible. As we saw in earlier chapters, this often means an installation with no firewall enabled. In addition, the operating system version and package version will of course match the install media, rather than the latest version of each. In this chapter, we'll discuss how default settings in Linux are often not set to what most would consider secure, and how as an industry, we remedy this with legislation, regulations, and recommendations.
As for the initial installation being out of date, luckily, most Linux distributions have an auto-update process enabled. This is governed by two lines in the /etc/apt/apt.conf.d/20auto-upgrades file:
APT::Periodic::Update-Package-Lists "1"; APT::Periodic::Unattended-Upgrade "1";
Both settings are set to 1 (enabled...
