Home > General, Security > Basic Linux security for beginners – Provide Security for Beginners!

Basic Linux security for beginners – Provide Security for Beginners!

Security is one of the major problems for the internet users today. It is affects every user in their smooth work. It is a big concern for the user if you are using Linux operating system.  Although Linux is one of the best operating system but there are some concern about the security issue of Linux operating system, especially for beginners. Therefore, it is necessary for beginners to know the procedure to keep their system secure enough for safe usage. One of the best things you can do to secure your system by stay aware about the security concern.

If you are a beginner then you have to know some security tips to protect your computer from any type of damage.  As a beginner you don’t have to be a security guru to be safe but you have to know some basic thing to safe your system. You have to understand the principles of the TCP/IP protocol before knowing something about security. Tcp and udp are the two parts of TCP/IP protocol. The main difference between tcp and udp is the tcp is connection oriented but the udp is connectionless. Both tcp and udp have several advantages and disadvantages and they both are used differently. The traditional UNIX systems encrypted users’ passwords using algorithm named salt+crypt and after that stored then the results in /etc/passwd file, On the login, system will take login password, encrypt that in same way as well as compare that with entry in /etc/passwd. In case, two agreed, then user was been considered authenticated. Solution to first problem was to switch to stronger encryption algorithm.

There are 2 problems with this and first, there is fact that, whereas salt+crypt is one-way algorithm (and you will not decrypt contents of /etc/passwd) it is not strong, as well as is limited to 8 character passwords. Worse, file /etc/passwd needs to get readable by users, as that relates the user ID numbers to names, and locates home directories as well as has other information regarding the users. It makes vulnerable to the so called dictionary attacks, where attacker takes dictionary (many systems have for the spell checking), encrypts each word in that, and after that compares them against encrypted passwords in /etc/passwd. While match is found, attacker just looks up corresponding word in dictionary & this is password.

http://i.ytimg.com/vi/Kys3y9NQqNs/0.jpg

Categories: General, Security Tags: ,
  1. No comments yet.
  1. No trackbacks yet.