A study by IDC reports that organizations running Windows spend
less money in the long run than those implementing Linux because of
the open source solution's complexities and training and support
costs. who do you believe???
NetBSD historically has been considered a well-secured OS, much more so than most of the Linux varieties.
SUSE is considered to be one of the most secure. www.findopensourcesupport.com support services for Open Source software
A quickly check for various popular UNIX rootkits. If you aren't using
www.Tripwire.com and suspect that someone has compromised your UNIX system,
Try downloading and using www.chkrootkit.org immediately.
what a rootkit is and what it does.
SourceForge has released Thinstation, a free Linux distribution that runs on any x86 box that has at least 16MB of RAM. Thinstation supports the following protocols:
- Windows 2000 Server Terminal Services (RDP)
- Citrix Systems' Citrix ICA
Learn how to set up the versatile MySQL database on Linux
www.techrepublic.com
SECURE A MYSQL DATABASE
The first step to building a secure MySQL database is applying a basic security principle that's applicable to every process a remote user invokes.
This principle is "define and confine."
DEFINE YOUR USERS
First, you must define a new user group and a user dedicated solely to running the database processes. You can accomplish this by executing the following commands:
pw groupadd mysql
pw useradd mysql -c "MySQL Server" -d /dev/null -g mysql -s
/sbin/nologin
Using a different user to run these processes is essential so you can confine your database processes. If an account or service compromise occurs because of an unpatched exploit, this can minimize exposure to the rest of your system.
CONFINE YOUR USERS
Allowing a remote user to run a process on your server is inherently dangerous, but it happens every time you open a Web page or run a network application. The key to securing this remote access is limiting the local resource structure to a specific user process.
You can confine remote access to MySQL by running your database in a chroot environment. (Chroot changes the root directory and restricts a process to an isolated subset of the file system.)
Create the directory structure by executing the following:
mkdir -p /chroot/mysql/dev
mkdir -p /chroot/mysql/etc
mkdir -p /chroot/mysql/tmp
mkdir -p /chroot/mysql/var/tmp
mkdir -p /chroot/mysql/usr/local/mysql/libexec
mkdir -p /chroot/mysql/usr/local/mysql/share/mysql/English
Set access rights to the directory structure, and copy the source files created during your install, as shown below:
chown -R root:sys /chroot/mysql
chmod -R 755 /chroot/mysql
chmod 1777 /chroot/mysql/tmp
cp /usr/local/mysql/libexec/mysqld
/chroot/mysql/usr/local/mysql/libexec/
cp
/usr/local/mysql/share/mysql/english/errmsg.sys/chroot/mysql/usr/local/
mysql/share/mysql/english/
cp /etc/hosts /chroot/mysql/etc/
cp /etc/host.conf /chroot/mysql/etc/
cp /etc/resolv.conf /chroot/mysql/etc/
cp /etc/group /chroot/mysql/etc/
cp /etc/master.passwd /chroot/mysql/etc/passwords
cp /etc/my.cnf /chroot/mysql/etc/
Back To Main Page
