One thing that makes Debian great is the Debian Security Announcements mailing list, which every administrator should subscribe to and consider messages from to be high-priority. I also noticed today that Arch Linux has a similar list.
Another great tool for Debian is a package called cron-apt which notifies an administrator if there are updates. See Securing Debian Manual -> Chapter 10, Before the compromise -> 10.1.2.3 Automatically checking for updates with cron-apt.
These may seem like simple things, but they are major. Knowing when there is a security update to a system is critical for administrators.
Unfortunately many of the vectors of attack nowadays are not through the hardened server and network infrastructures themselves, but through the personal systems of staff who have access to those systems. That is a whole other issue in and of itself and certainly an area where hard core Linux systems such as Debian can and should play a critical role.
I really wonder how many of the really serious security breaches that one reads about constantly would be prevented by good practices and increased use and requirement of hardened Linux systems not just for server infrastructure but for administrative staff as well.
Administrative access policies and infrastructure have to assume the worst given the prevalance of phishing attacks and other forms of infection with malware. Any organizations which are not going into things thinking about this in advance are walking into a potential nightmare.
Leave a Reply
You must be logged in to post a comment.