Linux Security Threats on the Rise
Every year, heck...every month, Linux is adopted by more companies and organizations as an important if not primary component of their enterprise platform. And the more serious the hardware platform, the more likely it is to be running Linux. 60% of servers, 70% of Web servers and 95% of all supercomputers are Linux-based!
Even if they're not "Linux shops", companies realize certain benefits from bringing Linux in for specific purposes. Its reliability, flexibility, scalability and cost of ownership offer huge advantages over other OSes...but I don't have to tell you that, do I? You probably earn your keep because of these statistics!
One of the many benefits cited by enterprises bringing in Linux is the security and the resultant "cost of ownership" benefits that come from, among many other things, not having to deal with security-related issues and attacks. While Gartner and other analyst companies have poo-poohed the actual cost benefits in the past, a lawsuit showed that Microsoft had actually influenced its computations and models in favor of calculating Windows' total cost of ownership, and real-world anecdotal evidence shows the same. Sterling Ball, CEO of Ernie Ball Guitar Strings said, "What about the cost of dealing with a virus? We don't have 'em....There's no doubt that what I'm doing is cheaper to operate. The analyst guys can say whatever they want."
All that said, at least two factors point to increased security risk for Linux going forward: its sheer size and its ever-growing popularity. Simply put, with 15.8 million lines of code in the most recent kernel, the likelihood of a mistake or mistakes simply increases. And mistakes = vulnerability. Witness the GnuTLS bug from earlier this year. And with more Web servers running Linux than anything else, cracking Linux gets you "where the money is", to paraphrase Willie Sutton.
The Bad Guys love it because they can see and manipulate every line of code for their nefarious purposes. The flip side though is that the same things that make it vulnerable, make it safe too. The Good Guys also can look at and patch every line of code as vulnerabilities are exposed or need arises! Vigilance is the key.
Mark Cox, Senior Director of Engineering at Red Hat, talks about the most fundamental level of vigilance--things that seem like they should be "no-brainers" but that are so easy to neglect or forget about. "Vulnerabilities in software are found all the time, so the critical piece of advice is to make sure that your servers are kept up to date with security fixes all the time. That means keeping track of all those cool utilities you download, install, and forget about, like a PHP photo album software I found on my server recently that was a couple years old and full of security holes. There are still Windows servers being infected with Nimda and Code Red worms because they've not been patched yet."
That's vulnerability more from a single-user/small system point of view. Multiply all those downloads and activities many thousands of times across an enterprise, and you easily can begin to see where vulnerabilities could occur in even the best-intended secure environments. To secure systems on an enterprise scale, one needs more than vigilance. One actually needs real-time continuous visibility into and across the entire landscape/environment and the ability to establish and enforce security policy across the entire environment.
Linux Journal is partnering with Bit9 + Carbon Black for a Webinar to address these issues and more. "One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems" will give you the technical justification for increased vigilance and security measures as well as a roadmap to follow to ensure that your data, your customers' data and all your systems are safe and secure. The Webinar is on Wednesday, August 27, 2014 at 1:00 pm EDT. You owe it to yourself to stay at least one step ahead of the Bad Guys. This Webinar will help! Go here to register now!
|September 2015 Issue of Linux Journal: HOW-TOs||Sep 01, 2015|
|September 2015 Video Preview||Sep 01, 2015|
|Using tshark to Watch and Inspect Network Traffic||Aug 31, 2015|
|Where's That Pesky Hidden Word?||Aug 28, 2015|
|A Project to Guarantee Better Security for Open-Source Projects||Aug 27, 2015|
|Concerning Containers' Connections: on Docker Networking||Aug 26, 2015|
- Using tshark to Watch and Inspect Network Traffic
- September 2015 Issue of Linux Journal: HOW-TOs
- Concerning Containers' Connections: on Docker Networking
- Problems with Ubuntu's Software Center and How Canonical Plans to Fix Them
- Firefox Security Exploit Targets Linux Users and Web Developers
- Where's That Pesky Hidden Word?
- A Project to Guarantee Better Security for Open-Source Projects
- Build a “Virtual SuperComputer” with Process Virtualization
- My Network Go-Bag
- Doing Astronomy with Python