Hardened Linux
Operating Systems and Packages
Frequently, operating system exploits and vulnerabilities on servers occur due to:
components which are not needed by a server, but have been unnecessarily installed by default (examples: graphical packages, office suites, browsers, etc.); and
lax security settings which make the system easy to access for everyone, including computer criminals.
![To prevent...exploits, some operating systems can be [configured]...to employ just the essential software components needed for the specific tasks the server was intended to accomplish; these systems are called 'hardened operating systems'...](../img/linux.gif)
|
|
To prevent such exploits, some operating systems can be installed (or can be adjusted after installation with a "package") to employ just the essential software components needed for the specific tasks the server was intended to accomplish. Also, cautious security settings can be applied to the server's operating system and applications software; these systems are called "hardened operating systems".
The Linux architecture was designed to accommodate the granular selection of operating system software components. For hosting Web, Email, and Database servers, the Linux operating system is a popular, cost-effective, and well recognized software industry standard. The choice of applications for Linux is now growing at a formidable pace. Granular file system permissions have recently been introduced; and soon, precise process thread accounting and auditing will also be added to the core of the Linux operating system -- thus further enhancing the operating system's overall security stature.