This Security Checklist Can Help Sysadmins Combat Attacks!

1
3946
The list has been published by the Linux Foundation.

Linux Foundation has released a new list of security recommendations that is particularly helpful for the system administrators. The list of security tips range from moderate to paranoid. Konstantin Ryabitsev, director of collaborative IT services at the Linux Foundation, shared a security checklist that is used the at organisation for hardening laptops of its sysadmins to protect against hacks and attacks. With these recommendations, the foundations aim to provide a guide to balance security decision and usability. The checklist comes attached with the explanations of each step that has been taken. Ryabitsev has highlighted different levels of security including paranoid, critical, moderate and low.

Explaining the check list, the foundation said, “This is a set of recommendations used by the Linux Foundation for their systems administrators. All of LF employees are remote workers and we use this set of guidelines to ensure that a sysadmin’s system passes core security requirements in order to reduce the risk of it becoming an attack vector against the rest of our infrastructure.

Even if your systems administrators are not remote workers, chances are that they perform a lot of their work either from a portable laptop in a work environment, or set-up their home systems to access the work infrastructure for after-hours/emergency support. In either case, you can adapt this set of recommendations to suit your environment.”

Under the list of critical recommendations, those implementations have been included that are considered a must-do from a sysadmin’s perspective. Things like ‘enabling SecureBoot to prevent rootkits or “Evil Maid” attacks, choosing a Linux distribution that supports native full disk encryption, has timely security updates, provides cryptographic verification of packages and supports Mandatory Access Control (MAC) or Role-Based Access Control (RBAC) mechanisms like SELinux, AppArmor or Grsecurity’.

Check out the list here: https://github.com/lfit/itpol/blob/master/linux-workstation-security.md

1 COMMENT

  1. Hey, Diksha, thank you for this post and the link. Will head out there in a couple of minutes and check out the list you have mentioned.

    Upping the ante when it comes to your server’s security is really important if you are really serious when it comes to protecting the sensitive data of your company and customers. Or else, face lawsuits from hell.

    I also recommend this article: https://www.process.st/server-setup-checklists/. Maybe some of your readers are looking to beef up or improve their server securities. It contains checklists for several Linux servers and an Ubuntu server.

LEAVE A REPLY

Please enter your comment!
Please enter your name here