www.fifi.org     Documentation         Manpages         GNU Info         Debian document tree         Whole document tree     Trigance web page     Public services     User info     Mailing lists     Secure server     Multilingual usage   Copyright (C) 2000-2012 Philippe Troin <webmaster@fifi.org>. Validate HTML Validate CSS

Whole document tree Security Back in section 7.1 on page , we discussed file permissions in Linux. This is a fundamental way to keep your system secure. If you are running a multi-user system or a server, it is important to make sure that permissions are correct. A good rule of thumb is to set files to have the minimum permissions necessary for use. If you are running a network server, there are some other things to be aware of as well. First, you ought to uninstall or turn off any network services you're not using. A good place to start is the file /etc/inetd.conf; you can probably disable some of these. For most network services, it's also possible to control who has access to them; the /etc/hosts.allow and /etc/hosts.deny files (documented in man 5 hosts_access) can control who has access to which services. You also ought to keep up-to-date with patches or updates to Debian; these can be found on your nearest Debian FTP mirror. Some other commonsense rules apply: Never tell anyone your password. Never send your password in cleartext across the Internet by using something like telnet or FTP. Instead, use encrypted protocols or avoid logging in remotely. Avoid using root as much as possible. Don't install untrusted software, and don't install it as root. Avoid making things world-writable whenever possible. /tmp is one exception to this rule. While this is probably not of as much use to somebody not running a server, it is still pays to know a bit about security. Debian's security mechanism is what protects your system from many viruses.