Language Selection

English French German Italian Portuguese Spanish

Unix How-To: Give Me That Old-Time Security!

Filed under

Even in the wild frontiers of today's Internet, good basic Unix system security provides extremely valuable protection against security breaches. In today's column, I'm going to rant about some basic security rules of thumb that every Unix sysadmin ought to consider.

The first basic security rule is to keep your consoles safe. Lock them up, eliminate them by replacing them with console servers (recovering rack space at the same time), and make sure that only a very select group of people have access to them. What's more, access to your data centers should be limited to just those who need to lay hands on the servers. If anyone can walk in and out, you're asking for a headache.

Data centers should be equipped with UPS or, better still, a generator to keep them up through significant power outages. Wait, you ask, is power to the data center security? You bet it is! Anything that threatens the productivity of your staff and the smooth running of your business is a security concern. UPS systems can often be configured to send low battery signals to systems and initiate auto-shutdown options, further preventing hardware loss. Check your UPS systems and make use of this feature if it's supported. If your AC is not also on the UPS or generator, auto-shutdown of systems might prevent them from being damaged through overheating.

rest here

More in Tux Machines

ZTE launches container networking solution for open source NFV

ZTE has unveiled an end-to-end container networking solution for open-source NFV, which it hopes will promote the development of cloud native technology and the open source ecosystem. The vendor says operators need the ability to quickly adapt to changing network demands with low cost solutions while maintaining continuous innovation. As such, it believes that containers are the best carrier for NFV transformation. ZTE says that container-based cloud native applications will become the trend for communications technology applications. However, the native Kubernetes network model used in the IT industry is too simple to meet telco service requirements. Read more

LuxMark OpenCL Performance On Windows vs. Linux With Radeon/NVIDIA

When carrying out this week's Windows vs. Linux gaming tests with AMD Radeon and NVIDIA GeForce GPUs on the latest drivers, I also took the opportunity to run some fresh OpenCL benchmarks on Windows and Linux with the competing GPU vendors. I was particularly interested in running this test given the maturing state of ROCm on Linux for providing a new and modern compute stack... That coming with Linux 4.17+ will even begin to work from a mainline Linux kernel. Albeit for this round of testing was using AMD/GPUOpen's stock ROCm Ubuntu packages for 16.04 LTS as outlined on their GitHub page. Read more

Top Linux tools for writers

If you've read my article about how I switched to Linux, then you know that I’m a superuser. I also stated that I’m not an “expert” on anything. That’s still fair to say. But I have learned many helpful things over the last several years, and I'd like to pass these tips along to other new Linux users. Read more

i.MX6 ULL module runs Linux with real-time patch

Artila’s “M-X6ULL” COM runs Linux 4.14 with the PREEMPT_RT patch on an 800MHz i.MX6 ULL, and offers dual LAN controllers, 4GB eMMC or an optional microSD slot, and an optional carrier board. The M-X6ULL, which follows other Artila i.MX based modules such as the i.MX537 based M-5360A, measures only 68 x 43mm. Still, that’s hardly a record for modules featuring NXP’s Linux-driven, power-sipping i.MX6 ULL. MYIR’s MYC-Y6ULX measures 39 x 37mm. Read more