Mastering Linux Security and Hardening
上QQ阅读APP看书,第一时间看更新

Running Linux in a Virtual Environment

So, you may be asking yourself, "Why do I need to study Linux security? Isn't Linux already secure? After all, it's not Windows." But, the fact is, there are many reasons.

It's true that Linux has certain advantages over Windows when it comes to security.  These include:

  • Unlike Windows, Linux was designed from the ground up as a multiuser operating system. So, user security tends to be a bit better on a Linux system.
  • Linux offers a better separation between administrative users and unprivileged users. This makes it a bit harder for intruders, and it also makes it a bit harder for a user to accidentally infect a Linux machine with something nasty.
  • Linux is much more resistant to virus and malware infections than Windows is.
  • Certain Linux distributions come with built-in mechanisms, such as SELinux in Red Hat and CentOS and AppArmor in Ubuntu, which prevents intruders from taking control of a system.
  • Linux is a free and open source software. This allows anyone who has the skill to audit Linux code to hunt for bugs or backdoors.

But, even with those advantages, Linux is just like everything else that's been created by mankind. That is, it isn't perfect.

Here are the topics that we'll cover in this chapter:

  • Why every Linux administrator needs to learn about Linux security
  • A bit about the threat landscape, with some examples of how attackers have, at times, been able to breach Linux systems
  • Resources for keeping up with IT security news
  • How to set up Ubuntu Server and CentOS virtual machines with VirtualBox, and how to install the EPEL repository in the CentOS virtual machine
  • How to create virtual machine snapshots
  • How to install Cygwin on a Windows host so that Windows users can connect to a virtual machine from their Windows hosts