Stay Ahead With Linux Security HOWTOs
How to Secure My Network
access control Linux administration
access control Linux administration Most SSH hardening advice ends at the same recommendation: Disable password authentication and use SSH keys. . That's good advice. It removes entire classes of attacks, including password spraying, credential stuffing, and brute-force attempts against exposed servers. The problem is what happens next. Many administrators treat SSH keys as the finish line when they are really the beginning of the hardening process. Attackers rarely care whether they obtained access with a password or a private...
Jun 05, 2026
How to Secure My Networksecurity advisory remote access
security advisory remote access Most of the time, nobody notices. SSH authentication succeeds, no alerts are generated, and the connection looks exactly the way it did the day the key was installed. That's part of the problem. . When security teams investigate unauthorized access on Linux systems, they often focus on passwords, exposed services, or vulnerable software. Trusted access receives less attention. Yet a single forgotten or unauthorized SSH key can provide the same access as a legitimate user while attracting very...
Jun 03, 2026
How to Secure My Networkintrusion detection application security
intrusion detection application security The wrong IPS rule can look like a security fix right up until it becomes an outage. . On Linux systems, detection and prevention are often discussed together, but they do not carry the same operational risk. One tells admins that something suspicious happened. The other can decide whether traffic is allowed to continue. That is why IDS vs IPS is not just a definition to memorize. It is a deployment decision about where to monitor, where to block, and how much confidence a team needs before...
Jun 01, 2026
How to Secure My Networkunauthorized access security techniques
unauthorized access security techniques Exposed SSH servers are continuously hammered by brute-force attacks, password spraying, credential stuffing, and recycled passwords from infostealer dumps. Attackers rotate usernames, test weak credentials, and probe for anything that gives them initial access. The logs usually look messy long before the compromise happens. . The difficult part is separating harmless failures from actual intrusion activity. One failed login from an internal workstation rarely matters. Repeated failures...
May 28, 2026
How to Secure My Networksecurity advisory incident response
security advisory incident response The first 30 minutes after discovering a compromised Linux server usually decide how much evidence remains available. One rushed reboot or cleanup attempt can wipe logs, terminate malicious processes, or remove network activity that investigators still need to review. Attackers also do not usually stay on one system for long once access is established. Early response is mostly about preserving visibility. Collect process information. Save network connections. Limit access carefully before...
May 28, 2026
Refine HOWTOs
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security HOWTOs
We found -3 articles for you...
166
user managementPAMUnixEvery User Is A Privileged User: Integrating Unix/Linux Security
Every user is a privileged user and every system is a privileged system. Thus, all types of systems require privilege security controls. However, the reality is that Unix and Linux are too often left out of modern PAM programs. Learn how to incorporate Unix/Linux in your privilege management strategy. . Lately we’ve been banging the drum that “ every user is a privileged user ,” meaning privileged users aren’t limited to system administrators but also include business users with access to applications and endpoints linked to critical business data and functions. The second verse to that refrain is that “ every system is a privileged system .” Within your IT environment, laptops, servers, databases, and cloud platforms all must be incorporated into your privilege management strategy. All types of systems—Windows, Mac, and Unix/Linux—need privilege security controls. Across your entire organization, you need granular control over who can do what, where they are doing it, and when they can do it. Additionally, you need the ability to demonstrate that granular control to company leadership and auditors with consolidated, easily understood reports. The link for this article located at Security Boulevard is no longer available. . Integrate Unix/Linux tools into your privilege management framework to enhance access control and bolster security measures.. Privilege Management, Unix Security, Linux Access, PAM Solutions, User Controls. . Brittany Day
Nov 26, 2020
•
How to Learn Tips and Tricks
166
access controlsecurity guidelinesprivilege managementEffective User Account Management in Linux: Security Guidelines
Planning account creation. You should make sure to provide user accounts with only the minimal requirements for the task they need to do. If you provide your secretary, or another general user, with an account, you might want them to only have access to a word processor or drawing program, but be unable to delete data that is not his or hers. Several good rules of thumb when allowing other people legitimate access to your Linux machine: Limit access privileges given to new users. Be aware when/where they login from, or should be logging in from. Make sure to remove inactive accounts The use of the same user-ID on all computers and networks is advisable to ease account maintenance, as well as permit easier analysis of log data (but I'm sure someone will dispute this). However, it's practically essential if using NFS. There are several other protocols that use UIDs for local and remote access as well. The creation of group user-IDs should be absolutely prohibited. User accounts also provide accountability, and this is not possible with group accounts. Be sure shadow passwords are enabled. Shadow passwords is a method for storing the actual user's password in a root-owned file that is not readable by normal users, unlike the regular password file. This protects the passwords from being read and cracked using dictionary attacks. Most (if not all) current distributions already use shadow passwords. Regularly audit user accounts for invalid or unused accounts, expired accounts, etc. Check for repeated login failures. The files in /var/log are invaluable resource to track potential security problems. Be sure to enable quotas on machines with many users, to prevent denial of service attacks involving filling disk partitions, or appending exploits to group-writable files. Disable group accounts, and unused system accounts, such as sys or uucp. These accounts should be locked, and given non-functional shells. Many local user accounts that are used in securitycompromises are ones that have not been used in months or years. Since no one is using them they provide the ideal attack vehicle. . Verify that user profiles adhere to essential operational standards whilst safeguarding security measures and managing access permissions.. User Account Management, Access Control Policies, Privilege Guidelines, Linux Security Practices. . Anthony Pell
Jun 24, 2000
•
How to Learn Tips and Tricks
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More