todays requirements regarding security (not limited to linux security)
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Originally posted by klausi Weel, after i´ve asked my english book, what about Gamerserver´s in Chroot´s ?
Is there much work to do to chroot e.g. an Steam Cstrike 1.6 Server ?
Personally I consider chroots - if implemented correctly of course - as an additional layer of security. The amount of work required to chroot differs greatly from application to application. Think of statically linked binaries (MySQL for instance as a popular example) and of non-statically linked ones.
Originally posted by klausi Cstrike issnt using sql i guess ;-)
I think, if i chroot a user and install cstrike with this, its chrooted by default..
I never meant that CS uses SQL, more the way libraries are linked to binaries: statically or non-statically. Non-statically linked libs need to be copied to the chroot in order for the binary (daemon) to work...
I'd like to hear your requirements for today's security. This should not be limited to linux security, network security and physical security.
Maybe you could break open the discussion by voicing your own opinion on things? Maybe focus on some aspects and ask less broad questions?
Originally posted by chort Today's requirements for security are no different than yesterday's, or last year's, or 1970's... The only thing that changes is the technology available, but the principles never change.
Given the glut of articles, guides, policies, etc written on this very same subject I'm not sure how an informal discussion adds anything (although you're certainly welcome to gather input).
This is of course a very good point. Now to make this progress, I suggest discussion on the varied ways firewalls can be implemented. Hardware (router) firewall as opposed to software (iptables and rules). In both cases, the simple fact remains that if a known open port is accessed and permissions can be acquired, there is an obvious risk. To admin any system with that in mind should narrow down security rather well, I think