Differences between revisions 45 and 46
Revision 45 as of 2019-09-07 11:20:59
Size: 3628
Editor: nodiscc
Comment: fix comment
Revision 46 as of 2019-09-07 11:40:31
Size: 4508
Editor: nodiscc
Comment: move info from SecurityChecklist, refactor
Deletions are marked like this. Additions are marked like this.
Line 41: Line 41:
== Security checklist ==

This covers only ''some'' aspects of securing a system:

 * Read the [[http://www.debian.org/doc/manuals/securing-debian-howto/|Securing Debian manual]]
 * '''Mailing lists:''' Subscribe to [[http://lists.debian.org/debian-security-announce/|debian-security-announce]] for information on security advisories, and/or the higher traffic [[http://lists.debian.org/debian-security/|debian-security]] list.
 * '''[[PackageManagement]]''': only install software from trusted sources. Use [[SecureApt]] to validate package signatures. Minimize installed software.
 * Minimize running software - check for running processes ({{{ps}}}, {{{top}}}, , monitoring systems...), minimize running [[systemd|services]], check for unwanted open ports/services ({{{ss}}}, {{{netstat}}}...)
 * Use a [[Firewall]] to restrict network access to and from your system.

Translation(s): English - Français - Italiano



http://www.debian.org/logos/openlogo-nd-50.png http://www.debian.org/Pics/debian.png

Portal/IDB/logo_portal.png Welcome to Debian security management


Portal/IDB/icon-security-32x32.png This portal talk about managing security on your system. Technical language could be used.

http://www.debian.org/doc/manuals/securing-debian-howto/ - Securing Debian Manual
http://www.debian.org/security/ - Information about Debian Security

  • Computer security, cybersecurity or information technology security (IT security) is the protection of computer systems from the theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide. The field is becoming more important due to increased reliance on computer systems, the Internet, wireless networks, the growth of "smart"/"Internet of things" devices.

Some common principles of computer security include:

  • Threat models: Some will only want to prevent access to their computer/account when leaving it a few minutes to make coffee - this is simply dealt with (installing a screen locker). Some may want to stop sophisticated gangs from breaking into their systems - this requires a whole shift in thinking so that everything you do has security in mind.

  • Defense in depth: building layer upon layer of security measures - hence not only relying on one layer of security, but many different measures which would all have to be circumvented in order to compromise the system.

  • A weakest link is any component in a system, that will cause the whole security strategy to fail if defeated.

  • Security is a process, not a product: just buying or setting up a technology solution will not provide you security on its own - security is an ongoing technological and human process.


The Securing Debian manual describes security in Debian, securing and hardening the default Debian GNU/Linux installation, common tasks to set up a secure network environment, and additional information on available security tools.


  • ?SecurityChecklist

  • Cryptography - Work in progress to consolidate Cryptography information

  • DebianFirewall - Firewalls and network filtering

Security checklist

This covers only some aspects of securing a system:

  • Read the Securing Debian manual

  • Mailing lists: Subscribe to debian-security-announce for information on security advisories, and/or the higher traffic debian-security list.

  • PackageManagement: only install software from trusted sources. Use SecureApt to validate package signatures. Minimize installed software.

  • Minimize running software - check for running processes (ps, top, , monitoring systems...), minimize running services, check for unwanted open ports/services (ss, netstat...)

  • Use a ?Firewall to restrict network access to and from your system.

RAID

List of pages related to RAID (Redundant Array of Inexpensive Disks):

User management

List of pages related to user account management on Debian:

Backup and Restore

List of pages related to backing up a Debian system:

Wiki pages

List of pages related to security management in Debian:


CategoryPortal | CategorySystemAdministration | CategorySystemSecurity | CategoryNetwork