In this section of the course, you'll learn why Linux is considered to be a relatively secure operating system. You'll learn the fundamentals of Linux security and how to keep your systems safe.
Learning Objectives
- Understand what superusers are in Linux
- Learn why Linux systems are often avoided by attackers
- Understand the security implications for open-source software such as Linux
- Learn how various Linux components contribute to security including roles, network services, encryption, accounts, and multifactor authentication
- Look at security principles that you can apply to your Linux systems
Intended Audience
This course is intended for anyone who wants an introduction to how to secure their Linux systems.
Prerequisites
To get the most out of this course, you should already have a good working knowledge of Linux. If you want to brush up on your Linux skills, consider taking our Learn Linux in 5 Days learning path first.
Is Linux secure? That's the big question, and it's a very broad question too. The truth is that nothing is perfectly secure. Security is really a series of trade-offs. Many times, these trade-offs are between convenience and security. When I say convenience, I'm also talking about ease of use. For example, Linux would be easier to use and more convenient if users didn't have to identify themselves before they gain access to the system, but that wouldn't be very secure. This is just one very simplistic example of a security trade-off. You'll often be making trade-offs based on the severity and probability of the risk you're trying to mitigate. Cost considerations, effectiveness of countermeasures and system performance will also be taken into account before you decide to make a trade-off. In general, Linux is secure, but it's really only as secure as its users and system administrators make it and allow it to be. Linux can quickly and easily be made into a very unsecure platform. For example, a user could change the permissions on a file that contains sensitive data, such that anyone on the system could read it. a system administrator could change all the files on a system such that everyone could modify them. Users could use easy to guess passwords. Data could be transmitted in the clear to or from a Linux system over a public network. Software could be installed on a system that has security problems. If users and system administrators don't have the proper training or security awareness, these types of issues can easily crop up. We'll be talking about the details of each of these examples and many more. More importantly, you'll learn about ways to protect your Linux systems from these issues later in the course. The point is that I don't want you to fall into the trap of thinking the Linux is secure and then assuming you're going to be safe from attacks. Don't think, my website is hosted on a Linux server, it's secure. I'm perfectly safe. Our database runs on Linux too, we'll be fine. Just because you're using Linux, doesn't absolve you of creating a secure computing environment. It's also an ongoing process. You have to work at security and maintain your level of security throughout the lifespan of your Linux systems. Don't fall into the trap of believing that since Linux is more secure than Windows, you don't need to be vigilant and security conscious.
Jason is the founder of the Linux Training Academy as well as the author of "Linux for Beginners" and "Command Line Kung Fu." He has over 20 years of professional Linux experience, having worked for industry leaders such as Hewlett-Packard, Xerox, UPS, FireEye, and Amazon.com. Nothing gives him more satisfaction than knowing he has helped thousands of IT professionals level up their careers through his many books and courses.