todays requirements regarding security (not limited to linux security)
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Originally posted by klausi Weel, after i´ve asked my english book, what about Gamerserver´s in Chroot´s ?
Is there much work to do to chroot e.g. an Steam Cstrike 1.6 Server ?
Personally I consider chroots - if implemented correctly of course - as an additional layer of security. The amount of work required to chroot differs greatly from application to application. Think of statically linked binaries (MySQL for instance as a popular example) and of non-statically linked ones.
Originally posted by klausi Cstrike issnt using sql i guess ;-)
I think, if i chroot a user and install cstrike with this, its chrooted by default..
I never meant that CS uses SQL, more the way libraries are linked to binaries: statically or non-statically. Non-statically linked libs need to be copied to the chroot in order for the binary (daemon) to work...
I'd like to hear your requirements for today's security. This should not be limited to linux security, network security and physical security.
Maybe you could break open the discussion by voicing your own opinion on things? Maybe focus on some aspects and ask less broad questions?
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
Today's requirements for security are no different than yesterday's, or last year's, or 1970's... The only thing that changes is the technology available, but the principles never change.
Given the glut of articles, guides, policies, etc written on this very same subject I'm not sure how an informal discussion adds anything (although you're certainly welcome to gather input).
Originally posted by chort Today's requirements for security are no different than yesterday's, or last year's, or 1970's... The only thing that changes is the technology available, but the principles never change.
Given the glut of articles, guides, policies, etc written on this very same subject I'm not sure how an informal discussion adds anything (although you're certainly welcome to gather input).
This is of course a very good point. Now to make this progress, I suggest discussion on the varied ways firewalls can be implemented. Hardware (router) firewall as opposed to software (iptables and rules). In both cases, the simple fact remains that if a known open port is accessed and permissions can be acquired, there is an obvious risk. To admin any system with that in mind should narrow down security rather well, I think
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.