[ previous ] [ Contents ] [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ A ] [ B ] [ C ] [ D ] [ E ] [ F ] [ G ] [ H ] [ next ]
Securing Debian is not very different from securing any other system; in order to do it properly, you must first decide what you intend to do with it. After this, you will have to consider that the following tasks need to be taken care of if you want a really secure system.
You will find that this manual is written from the bottom up, that is, you will read some information on tasks to do before, during and after you install your Debian system. The tasks can also be thought of as:
Decide which services you need and limit your system to those. This includes deactivating/uninstalling unneeded services, and adding firewall-like filters, or tcpwrappers.
Limit users and permissions in your system.
Harden offered services so that, in the event of a service compromise, the impact to your system is minimized.
Use appropriate tools to guarantee that unauthorized use is detected so that you can take appropriate measures.
The following manual does not (usually) go into the details on why some issues are considered security risks. However, you might want to have a better background regarding general UNIX and (specific) Linux security. Take some time to read over security related documents in order to make informed decisions when you are encountered with different choices. Debian GNU/Linux is based on the Linux kernel, so much of the information regarding Linux, as well as from other distributions and general UNIX security also apply to it (even if the tools used, or the programs available, differ).
Some useful documents include:
The Linux Security
HOWTO (also available at LinuxSecurity)
is one of the best references regarding general Linux security.
The Security
Quick-Start HOWTO for Linux is also a very good starting point for
novice users (both to Linux and security).
The Linux Security Administrator's
Guide is a complete guide that touches all the issues related to
security in Linux, from kernel security to VPNs. Note that it has not been
updated since 2001, but some information is still relevant. [1]
Kurt Seifried's Securing
Linux Step by Step.
In Securing and
Optimizing Linux: RedHat Edition you can find a similar document to
this manual but related to Red Hat, some of the issues are not
distribution-specific and also apply to Debian.
Another Red Hat related document is EAL3
Evaluated Configuration Guide for Red Hat Enterprise.
IntersectAlliance has published some documents that can be used as reference
cards on how to harden Linux servers (and their services), the documents are
available at their
site.
For network administrators, a good reference for building a secure network is
the Securing
your Domain HOWTO.
If you want to evaluate the programs you are going to use (or want to build up
some new ones) you should read the Secure Programs
HOWTO (master copy is available at http://www.dwheeler.com/secure-programs/,
it includes slides and talks from the author, David Wheeler)
If you are considering installing firewall capabilities, you should read the
Firewall
HOWTO and the IPCHAINS HOWTO
(for kernels previous to 2.4).
Finally, a good card to keep handy is the Linux Security
ReferenceCard.
In any case, there is more information regarding the services explained here
(NFS, NIS, SMB...) in many of the HOWTOs of the The Linux Documentation Project. Some
of these documents speak on the security side of a given service, so be sure to
take a look there too.
The HOWTO documents from the Linux Documentation Project are available in
Debian GNU/Linux through the installation of the doc-linux-text
(text version) or doc-linux-html (HTML version). After
installation these documents will be available at the
/usr/share/doc/HOWTO/en-txt and
/usr/share/doc/HOWTO/en-html directories, respectively.
Other recommended Linux books:
Maximum Linux Security : A Hacker's Guide to Protecting Your Linux Server and Network. Anonymous. Paperback - 829 pages. Sams Publishing. ISBN: 0672313413. July 1999.
Linux Security By John S. Flowers. New Riders; ISBN: 0735700354. March 1999.
Hacking Linux
Exposed By Brian Hatch. McGraw-Hill Higher Education. ISBN
0072127732. April, 2001
Other books (which might be related to general issues regarding UNIX and security and not Linux specific):
Practical Unix
and Internet Security (2nd Edition) Garfinkel, Simpson, and
Spafford, Gene; O'Reilly Associates; ISBN 0-56592-148-8; 1004pp; 1996.
Firewalls and Internet Security Cheswick, William R. and Bellovin, Steven M.; Addison-Wesley; 1994; ISBN 0-201-63357-4; 320pp.
Some useful web sites to keep up to date regarding security:
Security Focus the
server that hosts the Bugtraq vulnerability database and list, and provides
general security information, news and reports.
Linux Security.
General information regarding Linux security (tools, news...). Most useful is
the main
documentation page.
Linux firewall and
security site. General information regarding Linux firewalls and
tools to control and administrate them.
Just so you have a general overview of security in Debian GNU/Linux you should take note of the different issues that Debian tackles in order to provide an overall secure system:
Debian problems are always handled openly, even security related. Security
issues are discussed openly on the debian-security mailing list. Debian
Security Advisories (DSAs) are sent to public mailing lists (both internal and
external) and are published on the public server. As the Debian Social Contract
states:
We will not hide problems
We will keep our entire bug report database open for public view at all times. Reports that people file online will promptly become visible to others.
Debian follows security issues closely. The security team checks many security
related sources, the most important being Bugtraq, on the
lookout for packages with security issues that might be included in Debian.
Security updates are the first priority. When a security problem arises in a Debian package, the security update is prepared as fast as possible and distributed for our stable, testing and unstable releases, including all architectures.
Information regarding security is centralized in a single point, http://security.debian.org/.
Debian is always trying to improve the overall security of the distribution by starting new projects, such as automatic package signature verification mechanisms.
Debian provides a number of useful security related tools for system administration and monitoring. Developers try to tightly integrate these tools with the distribution in order to make them a better suite to enforce local security policies. Tools include: integrity checkers, auditing tools, hardening tools, firewall tools, intrusion detection tools, etc.
Package maintainers are aware of security issues. This leads to many
"secure by default" service installations which could impose certain
restrictions on their normal use. Debian does, however, try to balance
security and ease of administration - the programs are not de-activated when
you install them (as it is the case with say, the BSD family of operating
systems). In any case, prominent security issues (such as setuid
programs) are part of the Debian Policy.
By publishing security information specific to Debian and complementing other information-security documents related to Debian (see Be aware of general security problems, Section 2.2), this document aims to produce better system installations security-wise.
[ previous ] [ Contents ] [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ A ] [ B ] [ C ] [ D ] [ E ] [ F ] [ G ] [ H ] [ next ]
Securing Debian Manual
Version: 3.13, Thu, 23 Aug 2012 15:10:10 +0000jfs@debian.org