Loading... Please wait...

Our Newsletter

Linux Journal January 2015, #249


Product Description

Issue #249, January 2015

Security: a Method, Not a Goal

The Security issue of Linux Journal always makes me feel a little guilty. It turns out that although I have a fairly wide set of technology skills, I'm not the person you want in charge of securing your network or your systems. By default, Linux is designed with a moderate amount of security in mind. For that, I am incredibly grateful. If you struggle with maintaining security in your environment, this issue hopefully will encourage and educate as opposed to making you feel guilty. My goal this year is to learn and be encouraged by the Security issue, not just feel bad. Please, join me!

Reuven M. Lerner starts us out with a continuation on last month's multitenant programming, this time dealing with users and permissions. With multiple users accessing the same program, security is crucial, and Reuven helps us design intelligently. Dave Taylor follows with a very helpful tutorial on using the find command with xargs. The find command is incredibly powerful, and with the ability to feed it into another program, it's indispensable. Dave walks through not only the how, but the why as well.

Kyle Rankin gets serious about security this month with a practical walk-through on the basics of running a secure server in the cloud. EC2 instances are commonplace in almost every company's infrastructure, but having your server run completely in the open is a dangerous endeavor without a very serious look at security. I go in the opposite direction from Kyle this month and discuss spinning up servers locally. Specifically, I talk about Vagrant. We've covered Vagrant in the past, but it's one of those technologies that always has confused me. This month, I break it down and explain how it works, what it does and how you can get the best use out of it in your environment. If you've ever been frustrated by Vagrant, or just avoided it altogether, I urge you to read my column.

One of the biggest problems with securing a network is knowing where to start. It's a lot easier to figure out that starting point if you know how secure your network right now. Jeramiah Bowling describes the process of doing an internal security review to identify problems. This is great for finding holes in your existing security, but it's also great if you're just starting to create your plan. It's easier to get started when you can find the starting line! Federico Kereki follows Jeramiah with an article on detecting bogus login attempts and mitigating the threat they represent. Having a good password is key to keeping hackers out, but if they have unlimited guesses, eventually your system might succumb to the attacks. Federico shows how to set up a banning system to disable logins when someone tries and fails over and over.

Finally, Mike Diehl has a great tutorial on securing Web traffic with Squid. Every organization has different needs when it comes to a Web policy, and for Mike, he does the same sort of thing for his home. Whether you're looking to lock down your corporate Internet access, or want to protect your family from various Internet topics, Mike's process is very educational.

Like many things in the Linux world, security isn't a thing you "do", it's a "way" you do things in general. Rather than set up your system and network, and then try to secure it as an afterthought, thinking with a security-focused mindset from the beginning is key. This issue offers some great insight on security matters, and hopefully, it sparks an interest for further change in your network. At the very least, this issue should force you to take a look at your own security practices. As for me? I'm going to read Jeramiah's article and do a security review of my own systems!

103 pages.

Delivered in .pdf and (high-speed connection STRONGLY recommended for download).

Additional Information:

Did you know that for just $29.50 you can get 12 monthly issues of Linux Journal delivered to your e-mail inbox, a savings of nearly 60% off these single issue price? Subscribe today and you'll receive instant access to the current issue and all available back issues. Digital downloads are available for 90 days from this Store.

Find Similar Products by Category

Add to Wish List

Click the button below to add the Linux Journal January 2015, #249 to your wish list.

You Recently Viewed...