RedhatLinuxSysAdmin 





Redhat System Administration  «Prev  Next»
Lesson 3Network security access
ObjectiveSecurity concerns related to network access
Describe security concerns related to network access.
Security concerns are raised whenever you place a machine on a network.
The only way to guarantee the safety of your machines is to keep them off of a network; however, this greatly reduces the usability of the system.
A more reasonable approach is to secure any services that are vulnerable to attacks but are required, like your Web server.
You should also eliminate known weaknesses that are not required, such as ftp, telnet, or sendmail. Some of these services send passwords in clear text, which can be easily sniffed, so they should be replaced with more robust services, like the freely available, Open Source Secure Shell, (OpenSSH).
If such a weakness is identified by sniffers, the password information will become common knowledge, and automated scanners will be able to identify vulnerable machines. Often, network services expose systems to attack by creating vulnerabilities that allow the >cracker to execute commands on your machine with root privileges. With this ability, the cracker can do anything. Alternatively, a cracker may obtain the password of an account on your machine, and may be able to log in to your network directly. At this stage, they are in an even better position to attack root and other machines that may be on your network.
The following MouseOver provides more information about network holes.


network-holes-1
network-holes-2
Network Security Holes
The next lesson explains how crackers get into a system.
Network Access - Quiz
Before moving on to the next lesson, click the Quiz link below to test your understanding of console and network access.
Network Access - Quiz