Network Security Tips

Anyone who administers a system connected to the Internet needs to know something about network security. It's not uncommon for systems connected to the Internet to be probed by would-be hackers several times daily. If a would-be hacker manages to detect a vulnerability, the hacker can often exploit it in a matter of seconds. Therefore, it's almost certain that a system administrator ignorant of network security will eventually suffer a system break-in.

Network security is a large and sophisticated topic that can be only cursorily surveyed in a book such as this. Concerned readers should consult books such as the following:

Building Internet Firewalls, Second Edition, by Elizabeth D. Zwicky, Simon Cooper, and D. Brent Chapman (O'Reilly)
Building Secure Servers with Linux, by Michael D. Bauer (O'Reilly).
Computer Security Basics, by Deborah Russell and G.T. Gangemi, Sr. (O'Reilly)
Linux Security Cookbook, by Daniel J. Barrett, Richard Silverman, Robert G. Byrnes (O'Reilly).
Linux Server Hacks, by Rob Flickenger (O'Reilly).
Practical Unix & Internet Security, 3rd. ed., by Simson Garfinkel, Gene Spafford, and Alan Schwartz (O'Reilly).
CentOS Linux Firewalls, by Bill McCarty (Red Hat Press).

If a sufficiently skilled hacker is intent on compromising a system you administer, the hacker will probably succeed. However, here are some tips that can help you avoid falling victim to amateur hackers:

Use a network or host firewall to prevent outsiders from accessing services you don't need to make publicly available.
Monitor security web sites and mailing lists so that you're aware of recent threats and the associated countermeasures. The CERT Coordination Center, http://www.cert.org, provides many useful resources.
Apply bug fixes promptly after Red Hat Network advises you that they are available.