On the Web - Creating Your Own Security

Don't rely on others to ensure your computer's security—it begins with you.

Although it may be tempting to blame faulty software, incomplete patches or inadequate monitoring when security is breached on the Internet, a network or a personal computer, we must remember the part we ourselves play in computer security.

Internet security is the focus of this month's issue; back in the April 2004 issue, we looked at application and intranet security. More articles discussing these and other aspects of security can be found on the Linux Journal Web site. For an overview of how Linux and open-source software are meeting the security requirements of government agencies, read “Open Source Innovation within the DoD” (www.linuxjournal.com/article/7644) and “GNU/Linux Clears Procurement Hurdles” (www.linuxjournal.com/article/7678). Both articles are part of Tom Adelstein's Web column, Linux in Government. Keeping track of government's standing on Linux and open source is important, especially considering the warning issued this past summer by one government agency—the United States Computer Emergency Readiness Team—“advising people to use a different Web browser”.

If you are looking to enhance security on your home or small office network, putting a firewall in place is a good start. But, you knew that and you probably already have one. How about something a little more interesting—something that could turn into a nice little DIY project? In “Building a Diskless 2.6 Firewall” (www.linuxjournal.com/article/7383), author Christian Herzog explains how you can salvage some minimal hardware, replace the hard drive with a CompactFlash (CF) card and employ BusyBox to build a machine with an “iptables firewall, SSH dæmon, DHCP server and DNS server”. Christian's tutorial walks you through choosing the right software, selecting the best filesystem for the CF card, compiling the 2.6 kernel, filling the filesystem and booting with GRUB.

We all know that one important component of computer security is being prepared and able to recover when something goes wrong, as it always does on some level. A large part of one's ability to recover depends on the quality of the data backups, yet backups don't always rank high on people's to-do list. In fact, Phil Moses, author of “Open-Source Backups Using Amanda” (www.linuxjournal.com/article/7422), notes, “Data probably is the most important element in computing, but in too many cases I see data backups overlooked or approached in such a carefree manner that I shiver.” To this end, Phil focuses his article on Amanda, explaining how its ability to take on multiple configurations and multiple backup tape devices, “while requiring a minimum amount of time and resources” makes it an ideal backup solution.

Finally, for something a little different, check out Marco Tabini's article “PHP as a General-Purpose Language” (www.linuxjournal.com/article/6627). Using a PHP-based news aggregator script as an example, Marco demonstrates how the command-line version of PHP can “perform complex shell operations, such as manipulating data files, reading and parsing remote XML documents and scheduling important tasks through cron.”

Have you found a better way to monitor the traffic coming in and going out of your network? Discover a new use for your old 386? Send me an article proposal at heather@ssc.com.

Heather Mead is senior editor of Linux Journal.

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix