Securing Linux, Part 1: Introduction

By Mario Eberlein, Rene Auberger, Wolfram Andreas Richter
2005-04-21


Availability
Even if integrity and confidentiality are ensured, data is useless if it cannot be accessed and is not available. Availability measures ensure that data is never lost and is accessible at a predefined performance level when it is requested. Availability can be compromised in various ways:

• Destructive attacks -- called Denial-of-Service (DoS) attacks -- which target availability. They aim at making a computer or service unavailable or unusable by consuming all available network, CPU, storage, or operating system resources (such as file handles).
• Attacks that aim at the data itself by trying to delete or overwrite it.
• Accidental destruction of data. In most cases, it is not possible to prevent accidental destruction of data, because a user with the appropriate rights is seen as the ultimate authority. You can only be forearmed by having a backup/restore infrastructure in place.
• Last, but not least, bugs, configuration errors, physical environment, hardware failures, power outages, unwanted system reboots, and more can also affect availability. The software-related topics in this list fit better into the category of system security and will be discussed in more detail later. As mentioned above, hardware-related topics are not discussed within this article, but if you are interested in these topics, see the Resources section for links to further reading.

To address the first two items in the list above, Linux-specific measures include firewalling/filtering of network packets, protecting file system integrity, and planning for additional resources that can be added on demand (for example, by using Tivoli® Intelligent Orchestrator; see Resources for a link).

Tutorial Pages:
» A Consideration of What it Means to be Secure
» Security Defined
» Integrity
» Confidentiality
» Availability
» Linux System Security
» Next in the Series
» Resources


First published by IBM DeveloperWorks

Related Tutorials: » How to Install PHP 5 on Linux » How to Install Apache 2 on Linux » How to Install MySQL 5.0 on Linux » SMB Caching » Mound --Bind » Tar Wild Card Interpretation

Tutorials AJAX ASP CGI & Perl CSS Flash HTML Illustrator Java JavaScript Linux MySQL PHP Photoshop Python Wireless XML Miscellaneous Scripts AJAX ASP ASP.NET CGI & Perl Flash Java JavaScript PHP Python Remotely Hosted Tools & Utilities XML Web Hosting Articles ASP.NET Budget Dedicated Servers Ecommerce Linux Resellers Shared Small Business Windows Developer Manuals Learn HTML Learn PHP Learn CSS Learn AJAX Learn JavaScript Learn Pear White Papers Resources Developer Tools Developer Content