Language Selection

English French German Italian Portuguese Spanish

Kickstart your Linux security by avoiding garbage installations

Filed under
Linux

Recently, a colleague complained to me that X Windows refused to start following a routine patch upgrade on a production Web server. I asked why he needed X Windows running on a production Web server in the first place, especially a server that was allegedly secured as a bastion host in a perimeter DMZ. The response that "it was installed by default" seemed inadequate when considering the security risk posed by running X Windows on a bastion host.

Unnecessary packages on a host bring significant risks. An attacker can target the capabilities of those unnecessary packages to subvert or compromise your host, especially since most distributions automatically start the processes required by the installed packages (for example, if you have installed Apache, then the httpd process is automatically started).

So how do these unnecessary packages get installed?

Full Story.

More in Tux Machines

Android Leftovers

Serious Sam 3 - BFE: OpenGL vs. Vulkan With Fusion 2017 Update

On Friday marked Croteam's latest game update to their "Fusion" 2017 update, Serious Sam 3: BFE. Like the other Fusion 2017 game updates from Croteam, there are a number of engine-level updates and arguably most notable is the introduction of a Vulkan renderer. Here are some fresh NVIDIA/Radeon benchmarks of Serious Sam 3: BFE under OpenGL and Vulkan with this latest release. Read more

Debian Devs Urge Intel Skylake and Kaby Lake Users to Disable HyperThreading

Debian developer Henrique de Moraes Holschuh is warning users of the popular GNU/Linux distribution about a new security flaw that affects Intel's 6th and 7th generation Skylake and Kaby Lake processors supporting HyperThreading. Read more

Tomb File Encryption Tool Helps SparkyLinux Users Backup Their Secret Files

After announcing last week the inclusion of an in-house built utility that notifies users of new updates for their systems, the SparkyLinux developers today announced the inclusion of the Tomb and Gtumb tools in the distro's repos. Read more