Hardening Linux
We can really look at the previous example using SELinux to determine what we mean by hardening Linux, but this is often not the simple option. In the case of SELinux, the simple option is to set the Permissive
mode but this does not go hand in hand with the best security for our systems.
Start with passwords and ask yourself how often are passwords changed on your system? When was the root password last changed? How many people have access to the root password? I come across many instances where the root password is never changed, and all administrators seem to have access to the root password. This is not a secure way of running your system even though it may help in the short term. Think of how many people who no longer work for your company have access to the root user password.
Of course, the system security has to work for you and the company, but the needs of a secure system should never be undervalued. For root access, consider using sudo
instead of su
and don't give...