Resources
HOWTO/FAQs: This section contains various HOWTO and FAQ documents for Linux and other aspects of Security. It includes links to the Linux Security HowTo as well as the Linux Security Quick Reference Guide. Whitepapers: This section contains whitepapers that are relevant to both Linux and Linux Security. The whitepapers provide an in-depth analysis on various issues and technologies. Documentation: This section contains documentation on how to improve the security of your Linux box, whitepapers on various security issues, newsletters, a glossary of security terms as well as publications. Security Sources: This section contains references to other security sites, where you can find archives of security information, including exploits, host security, firewalls, auditing, etc. Forums: Several discussion groups and mailing lists, including those of other security sites, are available at Linuxsecurity.com, including groups to discuss security products, problems, vulnerabilities, and pointers to other security discussion resources. Firewalls: There are many different types of products for implementing the security policy on your system. Here you will find information on packet filters, virtual private networking, proxy servers, and firewall projects. Most Linux distributions based on the 2.2 kernel include the IP-Chains packet filter, and the SQUID proxy service. The Linux Firewall-HOWTO and IP-Chains HOWTO will be a good starting point to setting up your first Linux firewall. Host Security: This section includes information and software used to improve the security of your Linux host. Authentication, authorization, host security scanners, monitoring tools, etc. Security scanners can be used to probe your system and find problematic software which may lead to an intrusion. Cryptography: Cryptography is the art or science of keeping a message secret. Encryption is a method of converting your data into a form that only authorized people can see. This can take the form of email, filesystem and network encryption (such as a VPN). This section also contains information on providing and improving user authentication. Digital certificates is one example of host or user authentication using a form of encryption. Network Security: This section focuses on network scanners, monitors and information on how to design a more secure system, and improve the security of the ones you already have. This section presents pointers to information on how to better secure your Linux systems from network attacks. Intrusion Detection: This section includes pointers to many different host- and network- based intrusion detection systems, which can be used to alert you to a possible attack on your system or network. Host-based IDS products can be used to alert you to a intrusion in progress, or one that has already occurred. Network IDS products can be used to alert you to an intruder on your network. Organizations: Many organizations, like CERT (Computer Emergency Response Team) and SANS (System Administration and Network Security), have been formed in recent years to discuss and analyze current security topics. What's more, Bugtraq is a popular full-disclosure mailing list that provides information on security vulnerabilities. Server Security: This section features information on how to improving the security of the services - Web, FTP, for instance -- that are running on your servers, as well as kernel security. Vendors/Products: This section includes reviews of products, pointers to vendors offering Linux security products, as well as downloads of preferred security products. Projects: Security, of course, is a dynamic enterprise and ongoing projects - by leading individuals and organizations -- is a central part of the development of future security products. In this section you'll find references to and updates about those projects.
